Privacy Policy

1. Introduction

This Privacy Policy explains how The Lab Post collects, uses, and protects your information. By using the Service, you agree to this policy.

2. Information We Collect

2.1 Account Information

Name, email, and password (encrypted).

2.2 Research Information

Your research project names and descriptions, used to find matching papers. Descriptions and matched paper abstracts are processed by AI service providers under zero-retention contracts: these providers do not train on our data, and no content is retained after the response is returned.

2.3 Usage Information

IP address, browser type, device info, pages visited, and time on site.

2.4 Cookies

We use strictly necessary cookies for authentication session management only.

3. How We Use Your Information

• Generate paper matches and relevance notes tailored to your research profile
• Deliver your daily email, including unsubscribe handling and deliverability monitoring
• Maintain your account and provide support
• Detect and prevent technical issues and abuse

4. Email Communications and Opt-Out

When you create an account, you opt in to receive a daily email of paper matches based on your research profile. You can stop receiving these emails at any time via:

• The one-click unsubscribe link in the email (RFC 8058 compliant, honored by Gmail and other major clients)
• The unsubscribe link in the footer of every email
• Your account settings page

Unsubscribed addresses are written to an internal suppression list that is consulted before every send. If a paper-match email bounces permanently or is flagged as a complaint by your mail provider, we automatically add the address to the same suppression list and stop sending.

5. Disclosure of Your Information

5.1 Service Providers

To operate the Service we use vetted third-party service providers in the following categories: AI model providers (profile generation, relevance ranking, relevance notes), an email delivery provider, an authentication provider, and cloud infrastructure providers (database, hosting, compute). Each provider is bound by their own privacy policies and by our contracts with them. Where we send your content (research descriptions, matched paper abstracts), those providers are contracted under zero-retention terms: they do not train on our data, and content is not retained after the response is returned.

5.2 Business Transfers

Your information may be transferred in a merger, acquisition, or asset sale. We will notify you of any such change.

5.3 Legal Requirements

We may disclose information where required by law, court order, or legal process.

6. Data Security

All data is encrypted in transit (TLS) and at rest. Authentication uses industry-standard password hashing. No method of transmission is 100% secure, but we take reasonable precautions.

7. Your Data Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting [email protected]. You can also delete your account directly from your account settings, which removes your research descriptions, match history, and contact information from our database.

8. Children's Privacy

The Service is not for users under 18. Contact us if you believe a child has provided personal data.

9. Changes to This Policy

We may update this policy and will post changes here with an updated date. Continued use constitutes acceptance.

10. Contact

Questions? Contact us at [email protected].