Overview
MyHeritage is a genealogy platform that expanded into DNA testing, combining family tree research with genetic ancestry analysis. Our analysis reveals significant concerns stemming from a 2018 data breach affecting 92 million users, combined with broad research consent practices and complex data sharing with third-party testing partners.
Key Concerns
- 2018 Data Breach History: Major security incident exposed 92 million user accounts, raising ongoing trust concerns about data protection.
- Third-Party Lab Processing: DNA samples are processed by third-party laboratories with separate data handling practices.
- Broad Research Terms: Research consent language is broadly worded, allowing various uses of genetic data.
- Family Tree Data Integration: DNA data combined with extensive family tree information creates rich profiles.
- Indefinite Data Retention: Genetic data may be retained indefinitely without clear automatic deletion timelines.
- Photo Deep Nostalgia Feature: AI features process uploaded family photos, raising additional data concerns.
Positive Aspects
- Deletion Available: Users can request deletion of DNA data and account information.
- Research Opt-in: Research participation requires explicit opt-in consent.
- International Presence: Strong genealogy database particularly for European ancestry research.
- Post-Breach Improvements: Security measures reportedly enhanced following 2018 breach.
Data Collection Summary
MyHeritage collects DNA samples, extracted genetic data, family tree information, photos, and historical documents. Data is processed by third-party labs and stored on MyHeritage servers. The platform integrates genetic data with genealogical records to create comprehensive family profiles. AI features process photos for various enhancement and animation features.