Infosphere Technologies ("we", "us") respects your privacy. This Policy explains what personal data we collect through the MedResearch AI platform (the "Platform"), how we use it, and the rights you have. For EU/EEA users, please also see our GDPR Compliance page.
1. Information We Collect
- Account data — name, email, organisation, and credentials you provide on registration.
- Research content — the goals, hypotheses, documents and queries you submit to the Platform.
- Usage data — pages visited, features used, timestamps, and diagnostic logs.
- Technical data — IP address, browser type, and device information.
2. How We Use Your Data
- To provide, operate and secure the Platform and your account.
- To generate and return the research outputs you request.
- To improve model quality and platform reliability (using aggregated or de-identified data where feasible).
- To communicate service updates and respond to support requests.
3. On-Premise & Enterprise Deployments
For air-gapped / on-premise enterprise deployments, your research content is processed entirely within your own infrastructure and is not transmitted to us. In that configuration we do not receive your hypotheses, molecules, or targets.
4. Data Sharing
We do not sell your personal data. We share it only with (a) infrastructure providers strictly to operate the Platform, under confidentiality obligations; (b) authorities where required by law; or (c) a successor entity in the event of a merger or acquisition, subject to this Policy.
5. Public Scientific Databases
To validate hypotheses, the Platform may query public scientific databases (e.g. PubMed, Open Targets, ChEMBL, STRING, KEGG). Only non-identifying scientific terms (such as gene or disease names) are sent to these public sources — never your account identity or proprietary content.
6. Cookies & Analytics
We use essential cookies for authentication and may use privacy-respecting analytics to understand aggregate usage. You can control cookies through your browser settings.
7. Data Security & Retention
We apply encryption in transit, access controls, and audit logging. We retain personal data only as long as necessary to provide the service and meet legal obligations, after which it is deleted or de-identified.
8. Your Rights
Subject to applicable law, you may request access, correction, deletion, or export of your personal data, and object to or restrict certain processing. See GDPR Compliance for how to exercise these rights.
9. Children's Privacy
The Platform is not directed to individuals under 18, and we do not knowingly collect their data.
10. Changes & Contact
We may update this Policy; changes are posted here with a revised date. Privacy questions: skouras@infosphereco.com
This document is provided for transparency and should be reviewed by qualified legal counsel before commercial reliance.