Privacy Policy

Last updated: January 18, 2026

Introduction

PostPrint ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our research paper management platform.

Information We Collect

Information You Provide

  • Account Information: Name, email address, ORCID iD (optional), and password
  • Profile Information: Research interests, affiliation, and profile photo (optional)
  • Research Content: Papers you upload, annotations, notes, folders, and citations
  • Collaboration Data: Information about organizations, projects, and shared folders

Automatically Collected Information

  • Usage Data: How you interact with PostPrint, features used, and time spent
  • Device Information: Device type, operating system, browser type, and IP address
  • Cookies: We use essential cookies for authentication and preferences. See our Cookie Policy for details

How We Use Your Information

We use your information to:

  • Provide and maintain PostPrint services
  • Manage your account and authenticate access
  • Store and organize your research papers and notes
  • Enable collaboration features with other users
  • Send service updates and important notifications
  • Improve our services and develop new features
  • Ensure security and prevent fraud or abuse

Data Storage and Security

Your research papers and notes are stored offline-first on your device with optional cloud sync. We implement industry-standard security measures including:

  • Encryption of data in transit (TLS/SSL)
  • Encrypted storage of sensitive information
  • Regular security audits and updates
  • Secure authentication with password hashing
  • Access controls and monitoring

Data Sharing and Disclosure

We never sell your personal information. Your name, email, and other identifying information are never sold to third parties. We only share your personal information in these limited circumstances:

  • With Your Consent: When you explicitly share papers or collaborate with others
  • Service Providers: Third-party services that help us operate (hosting, email, analytics) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or to protect rights and safety
  • Business Transfers: In the event of a merger or acquisition (with notice to users)

Anonymized Data

We may use, license, or sell fully anonymized and aggregated data derived from user-generated content such as annotations and comments. This data is stripped of all personal identifiers and cannot be linked back to any individual user. Anonymized data may be used for research, analytics, or commercial purposes. Because this data is not personally identifiable, it falls outside the scope of personal data protection regulations.

Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Export: Download your papers, notes, and data
  • Opt-out: Unsubscribe from non-essential emails
  • Object: Object to certain data processing activities

To exercise these rights, contact us at privacy@postprint.net

Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you delete your account:

  • Your personal data is deleted within 30 days
  • Shared content in collaborative spaces may be retained for other users
  • Anonymized usage data may be retained for analytics
  • Backups are deleted according to our backup retention schedule

Our Commitment to Privacy

We are committed to protecting user privacy and personal data. Our practices are designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We support user rights such as access, correction, and deletion of personal data, apply appropriate security safeguards, and use contractual protections when working with service providers or transferring data internationally.

GDPR Rights (European Economic Area)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Access: You may request a copy of the personal data we hold about you
  • Right to Rectification: You may request that we correct any inaccurate or incomplete personal data
  • Right to Erasure: You may request that we delete your personal data, subject to certain legal exceptions
  • Right to Restrict Processing: You may request that we limit how we use your personal data
  • Right to Data Portability: You may request a copy of your data in a structured, machine-readable format
  • Right to Object: You may object to our processing of your personal data for direct marketing or legitimate interests
  • Right to Withdraw Consent: Where we rely on consent, you may withdraw it at any time

Legal Basis for Processing: We process your personal data based on: (a) your consent when you sign up; (b) performance of our contract to provide services; (c) our legitimate interests in operating and improving our platform; and (d) compliance with legal obligations.

International Transfers: If we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Supervisory Authority: You have the right to lodge a complaint with a data protection supervisory authority in your country of residence.

CCPA Rights (California Residents)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected, the sources of that information, our business purposes for collecting it, and the categories of third parties with whom we share it
  • Right to Delete: You may request that we delete the personal information we have collected from you, subject to certain exceptions
  • Right to Opt-Out of Sale: We do not sell your personal information. If this changes, you will have the right to opt-out
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights

Categories of Personal Information Collected: Identifiers (name, email, ORCID); professional information (affiliation, research interests); internet activity (usage data, device information); and content you provide (papers, annotations, notes).

Business Purposes: We use personal information to provide and maintain our services, communicate with you, improve our platform, and ensure security.

To exercise your CCPA rights, contact us at privacy@postprint.net. We will respond to verifiable requests within 45 days.

Children's Privacy

PostPrint is not intended for users under 13 years old. We do not knowingly collect information from children. If we learn we have collected information from a child, we will delete it immediately.

Third-Party Services

PostPrint may integrate with third-party services such as:

  • ORCID for researcher identification
  • Crossref and PubMed for paper metadata
  • Cloud storage providers (optional)

These services have their own privacy policies, which we encourage you to review.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice in the application. Continued use after changes constitutes acceptance.

Contact Us

If you have questions about this Privacy Policy, contact us: