Privacy Policy

Last updated: 18.03.2026

1. Introduction

SciFork SARL ("SciFork," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, process, and disclose your information when you access or use the SciFork Insight platform (the "Service"). By using the Service, you acknowledge that your personal data will be processed as described in this Privacy Policy.

Data Roles and Business Users (B2B): When users upload documents that may contain personal data, the user acts as the Data Controller and SciFork SARL acts as a Data Processor. If you are using the Service on behalf of a company or organization to process documents containing the personal data of third parties (such as clients or employees), your use of the Service is additionally subject to our Data Processing Agreement (DPA), available at scifork.com/insight/legal/dpa. By accessing the Service, business users explicitly agree to be bound by the DPA as incorporated herein.

2. Information We Collect

To provide our AI-assisted document retrieval service, we collect the following types of information:

Account Information: Name, email address, and authentication credentials when you register.
Billing Information: Payment details processed by our third-party payment provider (we do not store full credit card numbers on our servers).
User Content (Documents & Data): The PDF documents you upload to create your knowledge bases, as well as the text, metadata, and structural information extracted from them.
AI Interactions (Queries & Outputs): The search queries, prompts, and questions you submit to the Service, along with the AI-generated responses and your interaction with document references.
System Logs and Usage Data: IP addresses, browser types, metadata, access times, and diagnostic data collected automatically for security and performance monitoring.

3. How We Use Your Information

We use your data strictly to provide and improve the Service, specifically to:

Create, index, and manage your custom document knowledge bases.
Process your queries using Generative AI to return grounded, referenced answers based only on your uploaded documents.
Authenticate your access and securely allow you to download source documents.
Maintain the security, logical isolation, and stability of our infrastructure.
Comply with legal and regulatory obligations.

We do not use your data for advertising or profiling purposes.

4. Legal Basis for Processing

Where applicable under the EU General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP), we process personal data on the following legal bases:

Performance of a contract: to provide access to the Service and its features.
Legitimate interests: to ensure security, prevent abuse, maintain service reliability, and improve the Service.
Consent: where you have explicitly granted it for specific processing activities (e.g., non-essential analytics or marketing communications).
Legal obligations: to comply with applicable laws and regulatory requirements.

5. Data Sharing, Sub-Processors, and AI Processing

SciFork Insight relies on third-party cloud infrastructure to perform advanced document indexing and AI generation.

Authorized Sub-Processors: We engage select third-party vendors to assist in delivering the Service. A current, publicly accessible list of our authorized Sub-processors is available at scifork.com/insight/legal/subprocessors.
Zero Training Policy: To the best of our knowledge and per our contractual agreements with our sub-processors, your uploaded PDFs, queries, and generated responses are processed securely and are not used to train public or foundational AI models.
Data Isolation and Access Control: Your documents are indexed within a secure, centralized data store. When you query your knowledge base, the Service programmatically restricts the search and AI generation to retrieve context only from documents associated with your authenticated account.
Team Members and Shared Access: If an Account Owner utilizes the Team Member feature, they explicitly authorize SciFork SARL to expose the contents of their uploaded documents to invited users. This includes displaying AI-generated query responses and allowing Team Members to download original source documents. The Account Owner acts as the controller for this data sharing.

6. Data Location and International Transfers

We are committed to strict data residency requirements. The storage of your uploaded documents and the machine learning processing (AI generation) are conducted within the European Economic Area (EEA) and/or Switzerland, or subject to appropriate safeguards such as Standard Contractual Clauses where required. We ensure that any sub-processors we use adhere to strict data processing agreements compliant with the Swiss FADP and EU GDPR.

7. Data Retention and Deletion

We retain data only for as long as necessary, aligned with our Terms of Service:

Active Deletion: If you manually delete a specific document, it is immediately rendered inaccessible and permanently deleted from our active indexing servers within thirty (30) days.
Account Termination: Upon account deletion, all User Content, including uploaded PDFs and chat histories, is permanently deleted from active servers within thirty (30) days.
System Backups: To ensure stability, deleted data may remain securely encrypted in our system backups for a period of up to sixty (60) days before being permanently overwritten.
System Logs: Technical logs are retained securely for a period of up to ninety (90) days for security and diagnostic purposes before being automatically deleted.

8. Data Security

We implement robust technical and organizational measures to protect your data, including User Content and personal information, against unauthorized access, loss, destruction, or alteration. These measures include:

Encryption: All data is encrypted in transit (using TLS/HTTPS) and encrypted at rest within our secure databases.
Access Controls: We employ strict logical access controls, authentication requirements, and metadata filtering to ensure data isolation between individual user accounts and teams.
Sub-Processor Obligations: We legally bind all our authorized Sub-processors (available at scifork.com/insight/legal/subprocessors) to maintain equivalent or stricter security, confidentiality, and data protection standards.

While these measures are meticulously designed to restrict access to authorized data, no system, application, or cloud infrastructure can guarantee absolute isolation or 100% security.

9. Your Privacy Rights

Under the Swiss FADP and EU GDPR, you have the right to:

Access the personal data we hold about you.
Rectify inaccurate or incomplete data.
Delete your personal data (the "right to be forgotten").
Restrict or Object to certain processing of your data.
Receive your personal data in a structured, commonly used, and machine-readable format (Data Portability). Upon request, this typically includes a JSON export of your account data and the return of your original uploaded PDF files.

Timeframe: To exercise any of these rights, please contact us. We will respond to all legitimate data subject requests within thirty (30) days of receipt.

10. Cookies and Session Management

The Service uses cookies and similar technologies that are strictly necessary for authentication, session management, security, and operation of the platform. Because these cookies are essential to the functioning of the Service, they do not require user consent under applicable laws. If we introduce non-essential cookies or analytics tools (e.g., performance monitoring or behavioral tracking) in the future, appropriate consent mechanisms will be implemented prior to their use.

11. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in our Service or legal requirements. If we make material changes, we will provide you with reasonable advance notice—typically at least thirty (30) days before the changes take effect—via the email address registered to your account and/or through a notification within the app. Your continued use of the Service after the effective date constitutes your acceptance of the updated Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at:
SciFork SARL
Chemin des Mines 2, 1202 Genève, Switzerland
Email: legal@scifork.com