Privacy Policy

1. Introduction

GrantFlux ("we," "us," or "our") is committed to protecting the privacy and intellectual property of the academic community we serve. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including Deep Peer Analysis, FluxReader, EchoLearn, Funding Co-pilot, and ResearchGPT (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect information that is essential to provide and improve our Services. This includes:

• Account Information: When you register, we collect personal identifiers such as your name, institutional email address, and role. To streamline this process, you may provide this information by connecting your ORCID iD or through your institution's single sign-on (SSO) system.
• Professional and Research Data: To power our core features like Deep Peer Analysis, we analyze data related to your professional work. This may include your publication history, research keywords, grant awards, and institutional affiliation, which may be provided by you or retrieved from public sources (e.g., ORCID, CrossRef, PubMed).
• User-Generated Content: We collect content you create within our Services, such as annotations and notes in FluxReader, queries submitted to ResearchGPT or Funding Co-pilot, and articles submitted for EchoLearn audio synthesis.
• Payment Information: For paid subscriptions, we use a third-party payment processor (Stripe). We do not store your credit card details. We only receive transaction confirmation and subscription management data.
• Usage Data: We automatically collect information about how you interact with our Services, such as feature usage frequency and technical log data. This information is primarily used in an aggregated and anonymized form to improve our platform.

3. How We Use Your Information

Your data is used exclusively to provide and enhance the Services you subscribe to:

• To Provide Core Services: Your research data is the input for our analytical engines. For example, your publication list is used to generate your Deep Peer Analysis, and articles you upload are processed to create EchoLearn summaries.
• To Personalize Your Experience: We use your research focus to recommend relevant funding opportunities and scholarly articles.
• To Communicate with You: We use your contact information to send service-related notifications, security alerts, and support messages.
• For Service Improvement: We analyze anonymized and aggregated usage data to identify trends, troubleshoot issues, and develop new features. We do not use your personal, identifiable research content to train our global AI models.

4. Data Sharing and Disclosure

We maintain strict confidentiality and do not sell your personal data. We only share information under the following limited circumstances:

• With Service Providers: We use third-party vendors for hosting (e.g., AWS) and payment processing (e.g., Stripe) who are bound by strict confidentiality agreements.
• With Your Institution: If you are on an Institutional plan, we may share high-level usage and license management data with your designated administrator. We do not share the content of your private research or queries.
• For Legal Compliance: We may disclose information if required by law, subpoena, or other legal process.

5. Data Security

We implement industry-standard technical and organizational measures to protect your data, including encryption of data in transit and at rest, and strict access controls. However, no method of transmission or storage is 100% secure.

6. Enterprise and Institutional Users

For academic departments and institutions using our Enterprise Academic Solutions, we provide enhanced security controls including SSO integration, role-based access permissions, and departmental data segregation. Administrators at your institution will have access to license usage statistics but not to individual research content unless explicitly permitted by your institutional policies.

7. Your Rights and Choices

You retain control over your personal data. You have the right to access, correct, or delete your personal information at any time through your account settings or by contacting us. You can manage your subscription and communication preferences from your user dashboard.

8. International Data Transfers

GrantFlux operates globally, and your information may be processed on servers located outside of the country where you live. We take measures to ensure that your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

9. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or through a prominent notice on our website. Your continued use of the Services after such changes constitutes your acceptance of the new policy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@grantflux.com.