[DRAFT — Subject to legal review]

Privacy Policy

Last updated: July 1, 2026

1. Information We Collect

Registration Data. When you create an account, we collect your name, email address, and organization (optional). If you register via OAuth (GitHub or Google), we receive your profile information from those providers.

Usage Data. We collect information about how you interact with the Service, including session activity, feature usage, and AI agent interactions. This helps us improve the platform and diagnose issues.

Research Data. When you use the Service, your research configurations, experiment results, manuscripts, and related files are processed and stored. We treat all research data as confidential.

Payment Data. Payment information is collected and processed by Stripe. We receive only a tokenized reference and basic transaction details (amount, date, last four digits of the card).

2. How We Use Information

  • Provide the Service: process your requests, run AI agents, manage experiments, and deliver results.
  • Improve the Product: analyze usage patterns to enhance features, performance, and reliability.
  • Security: detect and prevent fraud, abuse, and security threats. This includes AI input/output filtering and audit logging.
  • Communication: send service notifications, security alerts, and (with your consent) product updates.
  • Legal Compliance: fulfill legal obligations and respond to lawful requests.

3. Data Storage & Security

Your data is stored on Amazon Web Services (AWS) infrastructure in the ap-northeast-1 (Tokyo) region. All data is encrypted at rest using AES-256 and in transit using TLS 1.2+.

We implement industry-standard security measures, including network isolation, access controls, regular security audits, and automated vulnerability scanning. Database backups are encrypted and stored in a separate availability zone.

4. Third-Party Sharing

We share your data only with the following categories of third parties, and only to the extent necessary to provide the Service:

  • Stripe — payment processing. Stripe's privacy policy applies to payment data they process.
  • Anthropic — AI model provider. Research prompts and context are sent to Anthropic's API to power AI agents. Anthropic's data usage policy applies.
  • Amazon Web Services — cloud hosting and infrastructure.

We do not sell your personal information or research data. We do not share your data with third parties for advertising purposes.

5. User Rights

You have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Correction: update or correct inaccurate personal data.
  • Deletion: request deletion of your personal data and account. Research data will be deleted within 30 days of account closure.
  • Portability: export your research data, including experiment configurations, results, and manuscripts, in standard formats.
  • Objection: object to processing of your personal data for specific purposes.

To exercise these rights, contact us at privacy@apexin.ai. We will respond within 30 days.

6. Data Retention

We retain your data according to the following schedule:

  • Account data: retained while your account is active, plus 30 days after closure.
  • Research data: retained per your subscription plan (Starter: 90 days after project completion; Professional: 1 year; Team: 2 years).
  • Audit logs: retained for 2 years for security and compliance purposes.
  • Usage analytics: aggregated and anonymized after 90 days.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies. Analytics data is collected server-side without client-side trackers.

8. Children's Privacy

The Service is not directed to individuals under 16 years of age. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service at least 30 days before the changes take effect.

10. Contact

For privacy-related questions or to exercise your data rights, contact us at privacy@apexin.ai.

See also: Terms of Service | AI Attribution Guide