Privacy Policy

Axis Research Lab ("we," "us," or "our") operates the website located at axisresearchlab.com (the "Site"). This Privacy Policy explains how we collect, use, and protect information about visitors and registered users. By using the Site, you agree to the practices described here.

1. Information We Collect

Information you provide directly:

• Account registration: Email address and password (stored as a bcrypt hash — we never store your plaintext password).
• Email subscriptions: Email address and the page you subscribed from.
• Contact form submissions: Name, email address, subject, and message content.

Information collected automatically:

• Page views: URL path, HTTP referrer, and browser user-agent string, recorded server-side on each page visit.
• Session identifiers: A server-generated session ID stored in an HTTP-only cookie. Used to distinguish sessions without identifying you personally.
• Hashed IP addresses: We compute a one-way SHA-256 hash of your IP address truncated to 16 hex characters. We do not store raw IP addresses.
• Research assistant usage: The number of research questions submitted per day, associated with your account or a hashed IP, for quota enforcement purposes.
• Subscription status: Your current subscription tier (free, researcher, or pro) and its expiration date, if you subscribe.

2. How We Use Your Information

• To create and manage your account.
• To enforce daily usage quotas for the research assistant feature.
• To process subscriptions and verify payment status via our payment processor.
• To send transactional emails: account confirmation, welcome messages, and subscription updates.
• To send educational drip emails if you subscribed via our email list (you may unsubscribe at any time).
• To analyze site traffic and usage patterns in aggregate to improve our content and platform.
• To respond to contact form inquiries.
• To detect and block automated probes and exploit attempts for security purposes.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

3. Cookies & Tracking

We use a minimal set of cookies:

• Session cookie (axislabs.sid): HTTP-only, set by our server. Used to maintain your login session. Expires after 30 days or when you log out.
• No advertising or third-party tracking cookies are placed by Axis Research Lab.

We use server-side analytics — page view data is recorded directly on our server without loading external tracking scripts from Google Analytics, Facebook Pixel, or similar services. The fonts loaded from Google Fonts may result in a network request to Google's servers.

4. Third-Party Services

We use the following third-party services in operating this Site:

• Neon (PostgreSQL): Our database provider. User data is stored in a Neon-managed PostgreSQL database hosted in the United States. Neon Privacy Policy
• Render: Our hosting provider. The Site is served from Render's infrastructure. Render Privacy Policy
• Stripe: Payment processing for subscriptions. When you subscribe, you are directed to Stripe's checkout. We receive confirmation of payment status but do not store credit card details. Stripe Privacy Policy
• OpenAI: Powers the Library Research Assistant. Your research questions are transmitted to OpenAI's API for processing. OpenAI may retain queries per their data retention policies. OpenAI Privacy Policy
• Postmark (by ActiveCampaign): Transactional email delivery. Your email address is transmitted to Postmark to send account and subscription emails. Postmark Privacy Policy
• Google Fonts: Fonts are loaded from Google's CDN. Your browser makes a request to Google's servers which may log your IP address. Google Privacy Policy

5. Data Security

• All data is transmitted over HTTPS with TLS encryption.
• Passwords are hashed with bcrypt before storage. Plaintext passwords are never stored.
• IP addresses are stored only as one-way SHA-256 hashes. Raw IPs are not retained.
• Our database uses Neon's managed infrastructure with encryption at rest.
• Authentication tokens (JWTs) are signed and have a 30-day expiry.

No system is 100% secure. If you believe your account has been compromised, contact us immediately at info@axisresearchlab.com.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your account and associated data.
• Opt-out: Unsubscribe from marketing emails at any time using the unsubscribe link in any email we send.
• CCPA (California residents): You have the right to know what personal information we collect, to delete it, and to opt out of sale (we do not sell personal data).
• GDPR (EU/EEA residents): You have the rights of access, rectification, erasure, restriction, portability, and objection under GDPR.

To exercise any of these rights, email us at info@axisresearchlab.com with the subject line "Privacy Request."

7. Data Retention

• Account data: Retained while your account is active and for up to 90 days after deletion.
• Email subscription data: Retained until you unsubscribe and request removal.
• Page view analytics: Retained for 24 months in aggregate form; raw session-level data retained for 90 days.
• Security block logs: Retained for 90 days for abuse analysis.

8. Children's Privacy

This Site is intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under 18. If you believe a minor has submitted data to us, contact us at info@axisresearchlab.com and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we update the "Last updated" date at the top. Continued use of the Site after changes are posted constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

10. Contact Us

Questions, requests, or concerns about this Privacy Policy:

• Email: info@axisresearchlab.com
• Contact form: axisresearchlab.com/contact
• Mail: Axis Research LLC, Yukon, Oklahoma