ABSCLUST PRIVACY POLICY
Effective: 29.7.2024
Our website uses cookies
This website uses strictly necessary and optional cookies. You can see full information about the cookies we use in the ‘Cookies’ section below.
You can always change your cookie preferences here.
​
We use trusted third-party providers
Because we use service providers in multiple countries, some of your personal data may be processed outside of the EU, particularly in the USA. The USA does not have an adequacy decision by the European Commission, which means it does not provide the same level of data protection as the EU. To ensure the security of your data, we enter into data protection agreements with all our providers and implement Standard Contractual Clauses (SCCs) when necessary. You can request a copy of the SCCs we rely on with our providers outside the EU/EEA by contacting us at privacy@absclust.com.
​
You can enforce your data protection rights
You can enforce your data protection rights by contacting us at privacy@absclust.com.
Under the GDPR, you have the following data protection rights:
-
The right to access your personal data.
-
The right to rectify any inaccuracies in your personal data.
In certain circumstances defined by law, you may also exercise the following rights:
-
The right to request the deletion of your personal data.
-
The right to restrict the processing of your personal data.
-
The right to request the transfer of your personal data to another controller.
-
The right to withdraw consent to the processing of your data.
The right to object
When we process your data based on legitimate interest, you also have the right to object to the processing under Art. 21 GDPR.
The right to lodge a complaint
If you believe that our processing of your data infringes European data protection laws, you have the right to file a complaint with a data protection authority.
​
We regularly update this Privacy Policy
We reserve the right to update this Privacy Policy to reflect changes to our practices or for other operational, legal, or regulatory reasons.
You can always easily contact us
The controller in the meaning of the General Data Protection Regulation is AbsClust, privacy@absclust.com, see Imprint for contact details
You’re not legally or contractually required to provide us with your information
Unless otherwise stated, providing us with your personal data is not a statutory or contractual requirement. Although you are not obliged to provide it, we will not be able to offer you or guarantee the functionalities described in this Privacy Policy if you decide not to share the requested information.
​
PROCESSING ACTIVITIES
Below, you can find more details on how we process your personal data.
Website Access
Information
When you visit our website, your web browser transmits the following data to our web server:
-
Usage data (e.g. web pages visited)
-
Communication data (e.g. browser type, network, device, and IP addresses)
Purpose and legal basis
-
Analysis and maintenance of technical operation of the servers
-
Security and improvement of the hosting platform
The legal basis for this processing activity is the legitimate interest (Art. 6(1)(f) GDPR) in the technical functionality and security of the website.
Recipients
Website services providers: AbsClust, Contabo GmbH
Retention period
The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the data collection to provide the website, this is when the respective session has ended.
If the data is stored in log files, it is deleted after 120 days at the latest. Further storage is possible, but the users’ IP addresses are deleted or anonymized in this case.
​
User Account
Information
Registration is required on our website to provide full access to the services. During registration, we will collect the information you entered in the registration form’s input mask. In addition, other communication data, e.g. IP addresses, browser type, operating system, or IP addresses are processed.
Purpose and legal basis
We process your personal data from the contact form in the preliminary stage of entering into a contract by Art. 6(1)(b) GDPR. The processing of communication data is based on legitimate interest Art. 6(1)(f) GDPR in the processing of your request.
Recipients
The website provider: AbsClust.
Retention period
We store your data for the full time of user activity and a maximum of 24 months from last user activity or 12 month from account deletion, unless you become our client and we need to keep it for other reasons, e.g. tax or legal.
​
Purchases
Information
For verification of payments, required to access AbsClust advanced features, we use third-party services, provided by Stripe. All user interaction happens with Stripe directly, without AbsClust serving as a proxy in between. You can find more information about how Stripe processes your data by the link: https://stripe.com/en-gb-es/legal/end-users. AbsClust will receive from Stripe the following information: user first and family names, type of bank card, the last four digits of the bank card, bank card validity data. This data will be stored at AbsClust to control features, available to the user.
Purpose and legal basis
We process your personal data from the contact form in the preliminary stage of entering into a contract by Art. 6(1)(b) GDPR. The processing of communication data is based on legitimate interest Art. 6(1)(f) GDPR in the processing of your request.
Recipients
The website provider: AbsClust, payment system provider: Stripe
​
Retention period
We store your data for the full time of user activity and a maximum of 24 months from last user activity or 12 month from account deletion, unless it is necessary to keep it for other reasons, e.g. tax or legal. Information about Stripe retention period can be found by the link https://stripe.com/en-gb-es/legal/end-users.
​
Mailing List
Information
Your e-mail address and interaction with the mailing lists (such as records of the links you click in the newsletter).
We use tracking to tailor the content of our newsletter to users’ interests and to get statistics on user activity. You can decide on the tracking when you register for the website and by (amending your profile). The following data is collected as part of tracking: (date and time, browser referrer, user agent (the browser used), and optional context-dependent information).
Purpose and legal basis
We collect your information to send you the newsletter based on your consent under Art. 6 (1)(a) GDPR. We only add you to our mailing list if you confirm your subscription by clicking the link in the email we send you automatically after signing up for the newsletter (‘double-opt in’ procedure).
We use tracking to analyze reader activity and provide you with content personalized to your interests. The legal basis for newsletter tracking is your consent according to Art. 6 (1)(a) GDPR.
Recipients
Email marketing provider: AbsClust
Retention period
We keep your data for as long as you subscribe to our newsletter. You can unsubscribe from this service at any time by clicking the unsubscribe link in each Newsletter. You can withdraw your consent to email tracking at any time by changing your account settings.
Search queries
We use third-party services to provide core functionality of AbsClust search engine. This means that your search queries might be processed by third-party service providers OpenAI, Inc and Cohere, Inc. For this purpose no user-related information is sent to third party (such as name, email, IP address, etc), only an anonymous search query string. AbsClust stores the user search queries to provide convenient search history in the user interface.
Purpose and legal basis
This website processes user search queries (possibly including third-party providers) for providing core search functionality. This processing is based on Art. 6 (1) b GDPR for meeting our contractual obligations.
Retention period
We store your search queries for the full time of user activity and a maximum of 24 months from last user activity or 12 month from account deletion.
OpenAI stores the data for up to 30 days for purposes of identifying abuse. You can read about OpenAI privacy policy at https://openai.com/enterprise-privacy/
Cohere stores the data for up to 30 days for purposes of identifying abuse. You can read about Cohere privacy policy at https://cohere.com/data-usage-policy
User uploaded data
AbsClust allows user to upload custom data sources, e.g. scientific articles as PDF to provide search within custom data sources. The data is securely stored in our servers and is only available to the user who uploaded the data. AbsClust stores this data for the full time of user activity or unless the custom data source is deleted by the user. In addition, for implementing AbsClust functionality, selected chunks of the data might be sent to third-party providers OpenAI, Inc and Cohere, Inc. This is necessary to implement following AbsClust features:
-
Basic information search within custom dataset
-
Question answering from custom dataset
-
Information extraction from custom dataset
For this purpose no user information is sent to third party (such as name, email, IP address, etc), only anonymized chunks of information from user uploaded data.
Purpose and legal basis
This website processes user uploaded data for providing basic functionality, which might include sending chunks of this data to third-party providers. This processing is based on Art. 6 (1) b GDPR for meeting our contractual obligations.
Retention period
We store the information for the full time of user activity or until specific custom dataset deletion. The data is stored for maximum of 36 months from last user activity or 6 months from account deletion or 6 months since specific custom dataset deletion.
OpenAI stores the data for up to 30 days for purposes of identifying abuse. You can read about OpenAI privacy policy at https://openai.com/enterprise-privacy/
​
Cohere stores the data for up to 30 days for purposes of identifying abuse. You can read about Cohere privacy policy at https://cohere.com/data-usage-policy
Website Analytics
Information and recipients
We use third-party web analytics services, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do this to learn about the number of visitors to the different parts of the website.
This information is only processed in a way that does not directly identify anyone. The information collected is considered personal because Google assigns a unique identifier to each visitor. Read Google's overview of privacy and safeguarding data.
This information may also include details about your use of this website, including (clicks, internal links, pages visited, scrolling, searches, and timestamps).
We do this to learn about the number of visitors to the different parts of the website to improve our services. This information is only processed in a way that does not directly identify anyone.
​
Purpose and legal basis
Learning about site traffic and activity to help us improve our website based on user consent according to Art. 6 (1)(a) GDPR. You can withdraw your consent at any time by changing your cookie settings.
Retention period
See the details in the ‘Cookies’ section below.
COOKIES
Technically necessary cookies
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Legal basis
The processing is carried out under Art. 6 (1)(f) GDPR based on the legitimate interest in a user-friendly configuration of the website.
Cookies and retention period:
COOKIE NAMETYPEEXPIRYPURPOSE
crsftokenHTTPSessionA CSRF (Cross-Site Request Forgery) token is used to protect web applications from unauthorized actions by ensuring that requests to a server are intentionally generated by authenticated users. This cookie is essential for the security of the website and visitors.
sessionidHTTPSessionA session ID cookie is used to uniquely identify a user’s session on a web server, allowing the server to maintain state. This cookie is essential for the security of the website and visitors.
​
SOCIAL MEDIA
Information
When you visit and interact with us on our social media platforms, the following information is visible to us: public profile, aggregated insights, and statistics.
If you enter social media using the social buttons on our website, the following data is being transmitted to these platforms:
-
Information about your browser, network, and device
-
Details about the web page
-
Your IP address
Purpose and legal basis
We use social media on the legal basis of legitimate interest under Art. 6 (1)(f) GDPR in presenting our work through widely used communication channels.
Recipients
Social media platforms are separate controllers for the personal data they process. You use and interact with us on social media platforms voluntarily, subject to the policies of social media platforms.
​
To learn more about how the following social media platforms* process your data, we encourage you to read their privacy policies:
** Please note that these social media platforms transfer information to countries outside the EU, particularly the USA, and are subject to laws that do not correspond to the data protection standards guaranteed by EU laws.