Privacy Policy

We collect information you provide directly to us when you create an account (email address, name, password hash), subscribe to a plan (billing details processed securely — we never store raw card numbers), or contact support. When you use the desktop application, all signal data, experiments, preprocessing configs, and trained models are stored locally on your machine. We do not collect or transmit this data unless you explicitly choose to upload it to a project or publish to the Community Hub. Usage analytics (crash reports, feature usage counts) are collected only with your consent and contain no personally identifiable information.

Account information is used to authenticate you, manage your subscription, and send transactional emails (receipts, password resets, plan change confirmations). Team and project data you upload is used solely to provide the collaboration features you requested. We do not analyse, sell, or use your research data for any other purpose. We may use anonymised, aggregated usage statistics to improve the product.

Your account data is stored on servers located in the European Union (or as specified in your enterprise agreement). All data in transit is encrypted with TLS 1.3. Passwords are stored as bcrypt hashes, we cannot recover your password. Team dataset uploads are verified with SHA-256 checksums on both upload and download to detect any tampering or corruption in transit. We retain account data for the duration of your account plus 30 days after deletion, at which point all personal data is permanently purged.

We do not sell your personal information. We share data only with: • Our payment processor, for billing and subscription management • Email service providers, for transactional emails only • Cloud infrastructure providers, under strict data processing agreements If required by law, we may disclose information in response to a valid legal order. We will notify you unless legally prohibited from doing so.

If you are in the European Economic Area, you have the right to access, correct, export, or delete your personal data at any time. You can exercise these rights from your account settings or by emailing privacy@bcinexus.io. You may also object to processing, request restriction of processing, or lodge a complaint with your local data protection authority. We respond to all verified requests within 30 days.

Our website uses strictly necessary cookies to maintain your session and remember your authentication state. We do not use advertising or tracking cookies. Analytics cookies (if you opt in) are first-party only and anonymised. You can manage cookie preferences at any time via the cookie settings banner or your browser settings.

BCINexus is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete it immediately.

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you by email or in-app notice at least 14 days before any material change takes effect. Your continued use of the service after that date constitutes acceptance of the new policy.

For privacy-related questions, data requests, or concerns, contact us at: Email: privacy@bcinexus.io Address: BCINexus Ltd., Data Protection Officer