Privacy Policy
Last updated: 24/04/2026
This Privacy Policy explains how Acteams (the "Service") collects, uses, and shares personal data, and describes your privacy rights under the EU General Data Protection Regulation (GDPR) and other applicable laws.
1. Who We Are (Controller)
The controller responsible for processing your personal data is:
- Legal entity: acteams.ai
- Address: [Add address]
- Email: privacy@acteams.ai
If you appoint a Data Protection Officer (DPO), add: [DPO contact].
2. Scope
This policy applies to our website and web application, including project collaboration features (projects, documents, notes, literature management, discussions/chat) and related APIs.
3. Personal Data We Collect
3.1 Account & identity data
- Name (if provided)
- Email address
- Authentication data (e.g., password hash; never your plain password)
- Profile image (if provided)
- Account status (e.g., email verification state)
3.2 Collaboration & content data (user-generated content)
The Service is designed for collaborative research work. Depending on your use, you may provide content that can include personal data.
- Project names and membership/role information
- Discussion/chat messages and reactions
- Notes content (including tags and linked literature references)
- Literature records you add (e.g., citations, identifiers, metadata)
- Files you upload (e.g., PDFs or other attachments) and file metadata
- Documents you create/edit (LibreOffice formats via Collabora Online)
3.3 Technical & usage data
- Log data (timestamps, requested pages/endpoints, errors)
- Device and browser information (user agent)
- IP address (typically captured in server logs)
- Security-related events (e.g., sign-in attempts)
3.4 Preferences
- User preferences (e.g., sign-in behavior, default project)
- UI preferences (may be stored locally in your browser)
4. Purposes and Legal Bases (GDPR Art. 6)
We process personal data only when we have a valid legal basis. Depending on context, our legal bases include:
- Contract (Art. 6(1)(b)): to provide the Service, create accounts, enable collaboration, and deliver requested features.
- Legitimate interests (Art. 6(1)(f)): to secure and maintain the Service, prevent fraud/abuse, debug issues, and improve reliability.
- Consent (Art. 6(1)(a)): for any non-essential cookies or similar technologies (if used) and for optional communications where required.
- Legal obligation (Art. 6(1)(c)): where we must comply with applicable law.
5. AI Features (OpenAI)
Some features may send user-provided text (e.g., a literature reference string) to an AI service provider (currently OpenAI) to generate outputs such as formatted citations or to help locate a full-text URL.
- You control what text you submit. Do not submit sensitive personal data unless you have a lawful basis and appropriate permissions.
- AI outputs can be inaccurate. You are responsible for verifying results (especially in academic/citation contexts).
- Depending on configuration, certain AI requests may be stored by the provider for service operation and abuse monitoring.
6. Document Collaboration (Collabora / WOPI)
The Service supports real-time collaborative editing of documents via Collabora Online. When you open and edit a document, document content is processed to render and save your changes.
7. Sharing and Disclosure
We do not sell your personal data. We share personal data only as needed to run the Service, including with hosting/infrastructure providers, email delivery providers (verification/service emails), and providers used for optional AI or document collaboration features.
We may also disclose information when required by law or to protect rights, safety, and security.
8. International Data Transfers
Some service providers may process data outside the European Economic Area (EEA). Where this occurs, we use appropriate safeguards such as adequacy decisions and/or standard contractual clauses (SCCs).
9. Data Retention
We retain personal data only as long as necessary for the purposes described above.
10. Your Rights (GDPR)
If GDPR applies to you, you have the right to:
- Access your personal data
- Rectify inaccurate or incomplete personal data
- Erase your personal data (right to be forgotten), in certain cases
- Restrict processing, in certain cases
- Data portability, in certain cases
- Object to processing based on legitimate interests, in certain cases
- Withdraw consent at any time where processing is based on consent
You also have the right to lodge a complaint with your local data protection authority (supervisory authority).
11. Security
We implement appropriate technical and organizational measures to protect personal data. However, no system is 100% secure.
12. Changes to This Policy
We may update this policy from time to time. We will post the updated version on this page and update the "Last updated" date.
13. Contact
Questions or requests can be sent to privacy@acteams.ai.