Privacy Policy

Last updated: May 2025

In brief: We collect only what we need to run the service. Your manuscript text is sent to our AI provider to generate the review and is not stored by us. Review results are stored so you can access them later. You can request deletion of your data at any time using the contact form below.

Who we are

redpen.review is an independent academic manuscript review service. We are the data controller for personal data collected through this service. To exercise your data rights or ask questions about this policy, please use the contact form at the bottom of this page.

What data we collect and why

Account information. When you create an account we collect your email address and a securely hashed password. We use this to identify you, maintain your balance, and provide access to your review history.

Manuscript text. When you submit a manuscript, the text is extracted from your uploaded file and sent to Anthropic (our AI provider) to generate the review. We do not write your manuscript text to our database. It is processed in memory and discarded after the review is complete.

Review results. The review generated for your manuscript is stored in our database so you can access it from your dashboard. We store the filename, word count, balance used, and the review text. We do not store the original manuscript.

Payment data. When you purchase balance, payment is processed by Stripe. We receive confirmation of successful payment and the amount purchased. We do not see or store your card details.

Technical data. Our infrastructure providers (Cloudflare, Supabase) process standard request metadata as part of operating the service. This is handled under their respective privacy policies.

Your manuscript and AI processing

For researchers with unpublished work: Your manuscript text is transmitted to Anthropic's API to generate the review. According to Anthropic's API terms, inputs submitted via the API are not used to train their models. We do not retain your manuscript text after the review is generated. We recommend reading Anthropic's privacy policy directly if you have concerns about sensitive or unpublished research. If your institution has data governance requirements that restrict use of third-party AI tools, please check with them before using this service.

How long we keep your data

  • Account data (email, balance): retained while your account is active and for 12 months after your last login
  • Review results: retained for 24 months from the date of the review
  • Manuscript text: not stored, processed in memory only
  • Payment records: retained for 7 years as required by financial regulations

Third-party services

We use the following services to operate redpen.review, each with their own privacy policies:

  • Anthropic — AI provider that processes manuscript text to generate reviews
  • Supabase — database and authentication (stores account data and review results)
  • Stripe — payment processing
  • Cloudflare — hosting and content delivery

We do not sell your data to third parties and do not share it for advertising purposes.

Your rights under UK GDPR

If you are based in the UK or EU you have the right to access, correct, delete, or export your personal data, and to restrict or object to its processing. To exercise any of these rights, please use the contact form below. We will respond within 30 days.

You also have the right to complain to the Information Commissioner's Office at ico.org.uk.

Cookies

We use a session cookie to keep you signed in. We do not use advertising or third-party tracking cookies.

Changes to this policy

We will notify registered users by email of any significant changes. The date above reflects the most recent update.

Data requests and privacy questions

To request access to, correction of, or deletion of your data, or to ask any question about this policy, please use the form below.