Crick

Privacy

Privacy is the product.

Crick is built so that we cannot betray your trust even if we wanted to. There is no database to leak, no account to compromise, no S3 bucket to misconfigure.

What we promise

We never store your raw genome

When you upload a file, it is parsed inside a single Next.js route handler. The file buffer is a function-scoped variable that the garbage collector reclaims the moment matching is finished. The file is never written to disk: not to /tmp, not to a block store, not to a database.

We never store your matches

Matches are computed in memory, encoded into a compact URL fragment, and returned to your browser. The server forgets them as the response is sent. The next request — even from the same person, on the same IP, a millisecond later — has no memory of what came before.

You don't need an account

There is no authentication system because there is nothing to authenticate. No user table, no email collection, no password reset flow. You cannot delete your account because you don't have one.

You can come back to your results

The URL is the result. Bookmark it. Email it to yourself. Print the page. It will render identically next year because every ingredient required to draw the page is encoded in the URL fragment, and we keep every prior encoding scheme around forever so that older URLs never break.

You cannot be re-identified from our logs

Request logs strip the URL fragment (the encoded payload) and the request body. The aggregate metrics we keep are uploads per day, error rates, parse failure types, and which match categories were hit overall — never individual variants and never per-user. We keep no raw IP addresses beyond what DigitalOcean's edge needs for routing.

How is this possible architecturally?

The application is stateless. By design:

Add to that strict HTTP security headers — including Referrer-Policy: no-referrer, so links you click from a result page can't see what URL you came from — and the surface area for accidentally leaking your data is very small.

What about the URL itself?

The encoded URL contains only match IDs and the genotype key needed to select the right display variant. It contains no raw variant data, no raw rsids, no chromosomal positions, and no information that could be used to reconstruct your underlying genome. If you share the URL with someone, you're sharing a list of which matches came back, not a copy of your DNA.

How do you know it actually works?

The code is open source. The path from upload to result is short and easy to follow: /app/api/process/route.ts is the only stateful endpoint, it never instantiates a database client, and it explicitly clears its local buffers in a finally block. You can read it on GitHub.
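
The in-memory pattern described above, as an added example in plain JavaScript (not Crick's own route.ts): the upload is parsed and matched in memory, only an encoded list of match IDs is returned, and the buffer is overwritten in a finally block on both the success and the failure path. The catalogue, the function names, the four-column input format and the `v1.` base64url encoding are assumptions made for illustration.

```javascript
// Added example with hypothetical names; not Crick's route.ts.
// Constructed catalogue: "rsid:genotype" -> opaque match ID.
const CATALOGUE = new Map([["rs0000001:AG", 12], ["rs0000002:TT", 40]]);

// Constructed upload: rsid, chromosome, position, genotype (tab-separated).
const SAMPLE =
  "# constructed sample\nrs0000001\t1\t1000\tAG\nrs0000002\t2\t2000\tTT\nrs0000003\t3\t3000\tCC\n";

// Parse the upload into "rsid:genotype" calls; throw on malformed rows.
function parseGenotypes(text) {
  const calls = [];
  for (const line of text.split("\n")) {
    if (line === "" || line.startsWith("#")) continue;
    const cols = line.split("\t");
    if (cols.length !== 4) throw new Error("parse failure: expected 4 columns");
    calls.push(`${cols[0]}:${cols[3]}`);
  }
  return calls;
}

// Handle one upload entirely in memory and return only the encoded fragment.
function processUpload(buf) {
  let text = null;
  try {
    text = buf.toString("utf8");
    const ids = parseGenotypes(text)
      .map((call) => CATALOGUE.get(call))
      .filter((id) => id !== undefined);
    // Assumed encoding: version prefix + base64url of the match IDs.
    return "v1." + Buffer.from(ids.join(",")).toString("base64url");
  } finally {
    // Runs on success and on parse failure: overwrite the raw bytes now
    // instead of waiting for the garbage collector.
    buf.fill(0);
    // JS strings are immutable, so the decoded copy can only be dereferenced.
    text = null;
  }
}

// Decode a fragment back to match IDs, as a results page would.
function decodeFragment(fragment) {
  const [version, payload] = fragment.split(".");
  if (version !== "v1") throw new Error("unknown encoding version");
  const s = Buffer.from(payload, "base64url").toString("utf8");
  return s === "" ? [] : s.split(",").map(Number);
}
```
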

What happens if you find a bug?

If you discover a way data could leak, please tell us. Open a GitHub issue or email the maintainers. We'll fix it, write up what happened, and add a regression test.

— The Crick maintainers
