Privacy Policy

1. Introduction

Scholar Cat ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Chrome browser extension ("Extension") and web application ("Service").

By using Scholar Cat, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this privacy policy, please do not access the Extension or Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address - Used for account authentication and communication
• Password - Stored securely using industry-standard encryption through our authentication provider (Supabase)

2.2 Scholar Data You Choose to Save

When you actively use the Extension to save scholar information, we collect and store:

• Scholar name - The name displayed on the Google Scholar profile
• Affiliation - The scholar's institutional affiliation
• Citation count - The total number of citations
• Google Scholar profile URL - The canonical URL of the scholar's profile
• Homepage URL - The scholar's personal/institutional homepage if available
• Research topics - Areas of interest listed on the profile
• Custom tags and memos - Notes you add to organize your records

2.3 What We Do NOT Collect

3. How We Use Your Information

We use the collected information solely for the following purposes:

• Account Management - To create and manage your user account
• Service Delivery - To store and synchronize your scholar records across devices
• Service Improvement - To understand usage patterns and improve our Service
• Communication - To send important service-related notifications
• Security - To detect and prevent fraudulent or unauthorized access

4. Data Storage and Security

4.1 Where We Store Your Data

Your data is stored securely in cloud databases provided by Supabase, which uses Amazon Web Services (AWS) infrastructure. Data is stored in data centers with industry-standard physical and digital security measures.

4.2 Security Measures

We implement the following security measures:

• All data transmission is encrypted using TLS/HTTPS
• Passwords are hashed using industry-standard algorithms
• JWT-based authentication for API access
• Row Level Security (RLS) ensures users can only access their own data
• Regular security audits and updates

5. Third-Party Services

We use the following third-party services to provide our Service:

We do NOT share your data with advertising networks, data brokers, or any third parties for marketing purposes.

6. Data Retention

We retain your data for as long as your account is active. You can delete your account at any time through the Settings page:

• All your saved scholar records will be immediately and permanently deleted
• Your account authentication data will be removed from our authentication provider
• This action is irreversible - please export your data before deleting your account
• Anonymized usage statistics may be retained for service improvement

7. Your Rights

You have the following rights regarding your data:

• Access - You can view all your saved data through our web application
• Correction - You can edit your scholar records at any time
• Deletion - You can delete individual records or your entire account through the Settings page
• Export - You can export all your data in JSON or CSV format through the Settings page
• Portability - Your exported data is in standard formats that can be imported into other systems

All these features are self-service and available in your account Settings. For additional requests, please contact us at the email address provided below.

8. Chrome Extension Permissions

Our Chrome Extension requests the following permissions:

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our Service, you consent to the transfer of information to countries outside your country of residence.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. GDPR Compliance (For EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to be informed about how your data is processed
• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing

Legal Basis for Processing: We process your data based on your consent (when you create an account and use our Service) and our legitimate interests in providing and improving our Service.

13. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information is collected about you
• Know whether your personal information is sold or disclosed and to whom
• Say no to the sale of personal information
• Access your personal information
• Request deletion of your personal information
• Not be discriminated against for exercising your privacy rights

We do not sell your personal information.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact me: