Sciebeta

01

Introduction

ScieBeta ("we", "us", or "our") operates sciebeta.com, an open-access scientific publishing and digest platform. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have over it.

By using ScieBeta, you agree to the practices described in this policy. If you do not agree, please discontinue use of the platform.

Governing law: This policy is governed by the Digital Personal Data Protection Act, 2023 (DPDP Act) of India and, where applicable, other relevant data protection laws including the Information Technology Act, 2000.

02

Who This Policy Applies To

This policy applies to all persons who interact with sciebeta.com, including:

→
Visitors — anyone who browses sciebeta.com without an account.
→
Registered users — readers, students, and general members who create an account.
→
Researchers and contributors — users who publish digests or contribute content through the Studio.
→
Newsletter subscribers — users who subscribe to our weekly science digest email.

03

What Data We Collect

3.1 Data You Provide Directly

Data	When collected
Full name	Account registration
Email address	Registration, newsletter subscription
Password (hashed only, never plain text)	Account registration
Profile info (affiliation, ORCID, bio)	Optional researcher profile setup
Content you publish (digests, abstracts, references)	When you use Studio to publish
Call notes, tags, and annotations	When you use researcher tools
Messages and collaboration content	When you use Collab or Chat
Feedback and support communications	When you contact us

3.2 Data Collected Automatically

Data	Purpose
IP address	Security, abuse prevention
Browser type and version	Technical compatibility
Device type	Responsive experience
Pages visited and time spent	Platform analytics and improvement
Referring URL	Understanding traffic sources
Session identifiers	Authentication and session management

3.3 Data from Third Parties

We do not purchase data from data brokers or advertising networks. We may receive limited data from third-party login providers (if enabled) — limited to what you permit during OAuth flow — and from academic databases (OpenAlex, PubMed, CrossRef, EuropePMC), which supply bibliographic metadata only, not personal data.

04

Why We Collect Your Data

Purpose	Legal basis (DPDP Act 2023)
Creating and managing your account	Consent / Contract
Publishing and displaying your digests	Consent / Contract
Sending newsletter emails you subscribed to	Consent
Improving platform features and fixing bugs	Legitimate interest
Detecting and preventing fraud or abuse	Legitimate interest / Legal obligation
Responding to your support requests	Consent / Contract
Complying with applicable laws	Legal obligation
AI-assisted digest generation (Studio)	Consent (you initiate the action)

Note: We do not use your personal data for advertising, profiling for commercial purposes, or sale to third parties. ScieBeta is ad-free.

05

How We Use AI Features

The ScieBeta Studio uses AI models (currently Google Gemini) to assist with generating digest summaries and research insights. When you use these features:

→
Your input text and source URLs are sent to Google's Gemini API for processing.
→
We do not permanently store your prompts on Google's servers beyond the scope of a single API call.
→
AI-generated content is reviewed and published by you — ScieBeta does not auto-publish AI output.
→
Google's use of API data is governed by Google's AI API Terms of Service.

06

Data Storage and Security

→
All user data is stored on Supabase (PostgreSQL), with servers that may be located outside India. By using ScieBeta, you consent to this cross-border transfer.
→
The platform is hosted on Vercel (global CDN).
→
We use Row-Level Security (RLS) policies so users can only access their own data.
→
Passwords are hashed and never stored in plain text.
→
All data transmission is encrypted via HTTPS/TLS.
→
Access to production databases is restricted to authorised platform administrators only.

Despite these measures, no system is completely secure. We encourage you to use a strong, unique password and report any suspected security issues to contact@sciebeta.com.

07

Data Sharing

We do not sell, rent, or trade your personal data. We share data only in the following limited circumstances:

Recipient	Reason
Supabase, Vercel, Google (Gemini API)	Service providers — only as necessary to operate the platform
Government / courts	When required by Indian law, court order, or lawful request
Safety	To protect the rights, safety, or property of ScieBeta or its users
Successor entity	In the event of a merger or acquisition, bound by this policy

All researcher-published digests are publicly accessible by design, as ScieBeta is an open-access platform.

08

Public Content

Content you publish on ScieBeta — including digest titles, abstracts, author names, affiliations, and references — is publicly accessible and may be indexed by search engines. The ScieBeta Public API (sciebeta.com/api/v1/digests) also makes published digest metadata available to third parties.

If you wish to have published content removed, contact us at contact@sciebeta.com.

09

Email Communications

If you subscribe to our newsletter or create an account, we may send you the ScieBeta weekly digest email, platform announcements, and account-related notifications.

You may unsubscribe from marketing emails at any time via the link in any email or by contacting contact@sciebeta.com. Transactional emails (password reset, account security) cannot be opted out of while your account is active.

10

Data Retention

Data type	Retention period
Account data	Until account deletion, plus 30 days
Published digests	Indefinitely (open access by design)
Newsletter subscription	Until unsubscribe
Server logs	90 days
Support communications	2 years

When you delete your account, personal data is removed from active systems within 30 days. Published digests may remain with your name anonymised, unless you specifically request full removal.

11

Your Rights Under DPDP Act 2023

As a data principal under the Digital Personal Data Protection Act 2023 (India), you have the right to:

01
Access the personal data we hold about you.
02
Correction of inaccurate or incomplete personal data.
03
Erasure of your personal data (right to be forgotten), subject to legal obligations.
04
Nomination of a person to exercise your rights in the event of your death or incapacity.
05
Grievance redressal — raise a complaint with us, and if unresolved, with the Data Protection Board of India.
06
Withdrawal of consent at any time, without affecting the lawfulness of prior processing.

To exercise any of these rights, email contact@sciebeta.com with the subject line "Data Rights Request". We will respond within 30 days.

12

Children's Privacy

ScieBeta is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has registered on ScieBeta, please contact us immediately and we will delete the account.

13

Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or applicable law. When we do, we will update the effective date above and, for material changes, notify registered users by email. Continued use of ScieBeta after the updated policy is posted constitutes acceptance.

14

Contact and Grievance Officer

Reach us

Emailcontact@sciebeta.com

Websitesciebeta.com

LocationKerala, India

We aim to acknowledge all requests within 72 hours and resolve them within 30 days.