After 24 hours Promethease deletes all information about your raw genome.
After 45 days Promethease deletes your Promethease report.
At no time is your DNA data shared - or sold - to any external party, period. We also do not sell any products like vitamins or supplements.
When you look at SNPedia with your webbrowser, the pages you've requested are part of the SNPedia webserver logs. This makes it possible to match a set of genotypes to a given IP address. These logs are not kept long term; typically they are removed after 1 month, however this is not automated.
When using http://promethease.com you are uploading your genome to our central website. All traffic is encrypted via https and your upload is retained in a well protected location. If a genome is uploaded, but the user does not continue and generate a report, the uploaded genome is automatically deleted after 24 hours. As soon as a report has been generated (typically 10 minutes) the uploaded genome is deleted. If you've imported directly from 23andMe the imported genomes are not deleted when your report was generated, but are instead retained for 24 hours.
If you've made a payment to use Promethease, you will see that your email address was provided by the payment processor (Stripe.com). This email address is used to email you a link to your Promethease report. You may choose to change this to a different address, or to remove the email address. If you do not remove your email address, you will be mailed a link to your completed report. This is probably the weakest link in the security, so you might wish to blank your email, but it makes it much more likely that you will lose the ability to retrieve your completed report.
Since most users will eventually click through from their Promethease report into SNPedia, and usetheir webbrowser to look at the full details of some of their genotypes, this too leaks information about your genotypes and IP address into server logs.
For this reason, in time we hope to scrub the ip/genotypes from the SNPedia logs. But I am strong believer in release early, release often and Promethease wouldn't exist at all if I had to wait until every case was covered.
You can improve security by running Promethease behind Tor. For the extremely security conscious, Promethease may not yet be for you. If you can't wait, consider doctoring a few versions of your genotype file, and running Promethease a few times, from various coffee shops in foreign countries. You alone will know which file was real, and the rest will serve as chaff. Other possibilities exist, and your comments on this important topic are welcome.
These technical solutions are still being formulated, in line with the discussions raised in recent articles ([PMID 18769715]) and by the NIH and Wellcome Trust.