This Privacy Policy explains how Reasearch-ly (“Company,” “we,” “us,” or “our”) collects, uses, stores, shares, and protects personal data when you use [Reasearch-ly], including our website, application, APIs, AI tools, document analysis tools, research features, subscriptions, and related services (the “Service”). By using the Service, you agree to the practices described in this Privacy Policy. 1. Who We Are The Service is operated by: [COMPANY LEGAL NAME] Registered in: [JURISDICTION] Registered address: [REGISTERED ADDRESS] Email: [PRIVACY EMAIL] For privacy-related requests, contact us at [PRIVACY EMAIL]. 2. Scope of This Policy This Privacy Policy applies to personal data we collect through the Service. It does not apply to third-party websites, services, APIs, databases, payment processors, AI providers, academic publishers, or external platforms that we do not control. Their own privacy policies apply. 3. Personal Data We Collect We may collect the following categories of personal data. 3.1 Account Information Name, email address, username, password hash, institution, organization, role, country, profile information, account preferences, and authentication details. 3.2 Payment and Subscription Information Billing name, billing address, subscription plan, transaction status, invoice details, payment metadata, tax information, and limited payment details. Full payment card information is processed by [PAYMENT PROVIDER]. We do not store full card numbers unless expressly stated. 3.3 User Content Prompts, queries, uploaded files, PDFs, documents, research notes, citations, datasets, metadata, images, messages, generated outputs, summaries, analysis results, and other content you submit or generate through the Service. User Content may contain personal data about you or others. You are responsible for ensuring that you have the right to upload and process such content. 3.4 AI and Research Data Inputs, outputs, model responses, document extractions, citation suggestions, research recommendations, summaries, classifications, edits, and usage context needed to provide AI-powered features. 3.5 Usage and Device Data IP address, browser type, device type, operating system, pages viewed, features used, session activity, timestamps, referring pages, error logs, performance logs, API activity, usage limits, and security logs. 3.6 Communications Support requests, feedback, emails, chat messages, survey responses, bug reports, and other communications with us. 3.7 Cookies and Similar Technologies We may use cookies, pixels, local storage, session storage, analytics tools, and similar technologies to operate the Service, remember preferences, analyze usage, secure accounts, and improve functionality. 4. How We Use Personal Data We use personal data to: a. provide, operate, and maintain the Service; b. create and manage accounts; c. process uploads, prompts, files, documents, and AI Outputs; d. provide research, citation, summarization, and document-analysis features; e. process payments and subscriptions; f. provide customer support; g. personalize user experience; h. monitor performance, reliability, and usage; i. detect, prevent, and investigate fraud, misuse, abuse, security incidents, and policy violations; j. comply with legal obligations; k. enforce our Terms of Service and policies; l. improve, debug, and develop the Service; m. communicate updates, notices, security alerts, and administrative messages; n. send marketing communications where permitted by law and subject to opt-out rights. 5. Legal Bases for Processing Where applicable privacy laws require a legal basis, we process personal data based on one or more of the following: a. performance of a contract, to provide the Service you requested; b. legitimate interests, such as securing, improving, and operating the Service; c. consent, where required for cookies, marketing, or optional processing; d. legal obligation, where processing is required by law; e. protection of rights and safety, where necessary to prevent misuse, fraud, or harm. 6. AI Processing The Service uses artificial intelligence and automated systems to process prompts, uploaded content, documents, files, queries, metadata, and other User Content. When you use AI-powered features, your inputs and User Content may be sent to AI model providers, cloud providers, infrastructure providers, or other processors that help us provide the Service. AI processing may generate outputs that are inaccurate, incomplete, or unsuitable. You are responsible for reviewing and verifying all outputs before relying on them. You must not upload personal data, confidential data, sensitive data, regulated data, health data, financial data, government data, trade secrets, or third-party private data unless you have the legal right and authority to do so. 7. AI Model Training Unless we clearly state otherwise or obtain your consent, we do not intentionally use your private User Content to train public AI models. Our AI providers may process data according to their own service terms, data processing agreements, retention rules, and security practices. Current AI providers include: [LIST AI PROVIDERS]. If you are an institutional or enterprise customer and require specific data-processing terms, contact us at [PRIVACY EMAIL]. 8. Sharing Personal Data We may share personal data with: a. cloud hosting providers; b. AI model providers; c. payment processors; d. analytics providers; e. customer support tools; f. email and communication providers; g. security, fraud prevention, and monitoring providers; h. professional advisers, including lawyers, auditors, accountants, and insurers; i. regulators, courts, law enforcement, or public authorities where required by law; j. business successors in connection with a merger, acquisition, financing, restructuring, sale of assets, or similar transaction. We do not sell personal data in the ordinary meaning of selling user information for money. 9. Third-Party Services The Service may link to or integrate with third-party services, research databases, APIs, citation databases, publishers, search providers, and AI systems. We are not responsible for the privacy practices, content, security, availability, or policies of third-party services. You should review their policies before using them. 10. International Transfers Your personal data may be processed in countries other than the country where you live. These countries may have different data protection laws. Where required, we use appropriate safeguards for international transfers, such as contractual protections, data processing agreements, or other legally recognized mechanisms. 11. Data Retention We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain accounts, comply with legal obligations, resolve disputes, enforce agreements, prevent abuse, and maintain security. Typical retention periods are: a. account data: for the life of the account and for a reasonable period after closure; b. uploaded files and User Content: [RETENTION PERIOD, e.g., until deleted by the user or account closure, subject to backups and legal obligations]; c. payment records: as required for tax, accounting, and legal compliance; d. security logs: for a reasonable period to detect and prevent misuse; e. support communications: for a reasonable period after resolution. Deleted data may remain in backups, archives, logs, or legal records for a limited period before deletion according to our retention practices. 12. Data Deletion You may request deletion of your account or certain personal data by contacting [PRIVACY EMAIL]. We may retain some information where necessary to: a. comply with law; b. resolve disputes; c. prevent fraud or abuse; d. enforce agreements; e. maintain security; f. complete transactions; g. preserve legal claims; h. comply with accounting, tax, audit, or regulatory obligations. 13. Security We use reasonable administrative, technical, and organizational measures designed to protect personal data. These may include encryption, access controls, authentication, monitoring, logging, backup procedures, and provider due diligence. However, no method of transmission, storage, cloud hosting, internet communication, or AI processing is completely secure. We cannot guarantee absolute security. 14. Your Privacy Rights Depending on your location and applicable law, you may have rights to: a. access personal data we hold about you; b. correct inaccurate or incomplete data; c. request deletion of personal data; d. restrict or object to processing; e. request portability of your data; f. withdraw consent where processing is based on consent; g. object to direct marketing; h. object to certain automated decision-making; i. complain to a data protection authority. To exercise rights, contact [PRIVACY EMAIL]. We may need to verify your identity before responding. 15. UAE Privacy Rights If UAE personal data protection law applies, you may have rights to request access, correction, deletion, restriction, stopping of processing, transfer of data, and objection to certain automated processing, subject to applicable legal limits. 16. EEA, UK, and Similar Privacy Rights If GDPR, UK GDPR, or similar laws apply, you may have rights to access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and complaint to a supervisory authority. 17. California and Other U.S. State Privacy Rights If applicable U.S. state privacy laws apply, you may have rights to request access, deletion, correction, portability, opt-out of certain sharing or targeted advertising, and non-discrimination for exercising privacy rights. To exercise these rights, contact [PRIVACY EMAIL]. 18. Marketing Communications You may opt out of marketing emails by using the unsubscribe link or contacting us. We may still send transactional, security, legal, and service-related messages. 19. Cookies We use necessary cookies to operate the Service. We may also use analytics, preference, performance, or marketing cookies where permitted. You can control cookies through your browser settings or our cookie banner where available. Blocking cookies may affect Service functionality. 20. Children’s Privacy The Service is not intended for children under 18. We do not knowingly collect personal data from children under 18. If you believe a child has provided personal data, contact us at [PRIVACY EMAIL]. 21. Do Not Track Some browsers send “Do Not Track” signals. Because there is no consistent industry standard for responding to these signals, we may not respond to them. 22. Business Transfers If we are involved in a merger, acquisition, financing, restructuring, bankruptcy, sale of assets, or similar transaction, personal data may be transferred as part of that transaction. 23. Changes to This Privacy Policy We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the Service, by email, or by another reasonable method. Your continued use of the Service after the updated Privacy Policy becomes effective means you accept the updated policy.