Privacy Policy

We are committed to protecting your privacy. This Privacy Policy explains what personal data we collect, why we collect it, how we use and store it, and what rights you have. By using our services, you agree to the practices described here. If you do not agree, please do not use our platform.

Account and profile

When you register, we collect: email address, name (if provided), password (stored in hashed form), and any profile details you choose to add (e.g. company, role). We may also store your authentication state and session data for security and access control.

Usage and product data

We collect information about how you use the platform: searches, saved literature, reviews, reports, dashboard usage, feature usage, and timestamps. This helps us operate the service, improve features, and troubleshoot issues.

Content you create

We store the content you create within the platform: literature reviews, notes, tags, classifications, saved articles, report configurations, and any text or metadata you input. This data is necessary to provide the service and is associated with your account.

Technical and device data

We may collect: IP address, browser type and version, device type, operating system, referring URLs, and general location (e.g. country or region). We use this for security, fraud prevention, and understanding how our service is accessed.

Communications

If you contact us (e.g. via support email), we keep records of those communications and any information you provide (name, email, content) to respond and improve support.

• • Providing, maintaining, and securing the platform and your account
• • Processing your searches, analyses, and report generation
• • Storing and retrieving your saved literature, reviews, and reports
• • Sending account-related emails (e.g. verification, password reset)
• • Responding to support requests and feedback
• • Improving our products, performance, and user experience
• • Detecting and preventing abuse, fraud, and security incidents
• • Complying with legal obligations and enforcing our terms
• • Sending optional marketing or product updates (only with your consent where required)

Where applicable (e.g. GDPR), we process your data on the following bases: (a) performance of a contract (providing the service you signed up for); (b) legitimate interests (security, analytics, product improvement); (c) consent (e.g. marketing, optional features); (d) legal obligation (e.g. responding to lawful requests). You may withdraw consent where it applies without affecting the lawfulness of processing before withdrawal.

We do not sell your personal data. We may share data only in these circumstances:

• • Service providers: Hosting, email, analytics, and other vendors that process data on our behalf under strict agreements
• • Legal and safety: When required by law, court order, or to protect our rights, your safety, or the public
• • Business transfers: In connection with a merger, sale, or acquisition, with notice and continued protection of your data

We require third parties to use your data only for the purposes we specify and in line with this policy and applicable law.

We retain your data for as long as your account is active and as needed to provide the service. After account closure, we may retain certain data for a limited period for legal, security, or operational reasons (e.g. backups, dispute resolution). Aggregated or anonymized data may be retained longer for analytics and improvement. You can request deletion of your personal data subject to applicable law and our retention requirements.

We implement technical and organizational measures to protect your data, including encryption in transit (e.g. TLS) and at rest where applicable, access controls, secure authentication, and regular review of our practices. Despite our efforts, no system is completely secure; we ask you to keep your credentials safe and to report any suspected unauthorized access.

Depending on where you live, you may have the right to:

• • Access the personal data we hold about you
• • Correct inaccurate or incomplete data
• • Request deletion of your data (subject to legal/operational needs)
• • Restrict or object to certain processing
• • Data portability (receive your data in a structured, machine-readable format)
• • Withdraw consent where processing is based on consent
• • Lodge a complaint with a supervisory authority (e.g. in the EEA)

To exercise these rights, contact us at the email below. We will respond within the timeframes required by applicable law.

Your data may be processed in countries other than your own, including where data protection laws differ. Where we transfer data from the EEA, UK, or other regulated regions, we use appropriate safeguards (e.g. standard contractual clauses, adequacy decisions) as required by law.

We use cookies and similar technologies for: essential operation (e.g. session, authentication), preferences (e.g. theme, language), and analytics to understand usage. You can control non-essential cookies through your browser or our cookie preferences where offered. Blocking essential cookies may affect how the platform works.

Our service is not intended for users under 16 (or higher age where required). We do not knowingly collect personal data from children. If you believe we have collected such data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date. Material changes may be communicated via email or a notice in the platform. Continued use after changes constitutes acceptance of the revised policy.

For privacy-related questions, requests, or complaints, contact us at:

Email: safetybox.ai@gmail.com

We will respond to your request in line with applicable data protection laws.