Privacy Policy

Last updated: April 2, 2026

1. Who We Are

Aqrab ("we," "our," "us") is an AI-powered research methodology critique platform operated by Coefficients Health Analytics. Our website is aqrab.ai.

2. What Data We Collect

We collect the following types of information:

  • Account data: Email address, name (when you sign up via email, Google, or GitHub).
  • Study data: Research abstracts, study designs, and methodology descriptions you submit for critique.
  • Usage data: API call counts, critique history, timestamps, and plan/subscription status.
  • Payment data: Processed by Stripe. We store only your email, subscription status, and Stripe customer ID — never your card number.
  • Technical data: IP address, browser type, and device information for security and analytics.

3. How We Use Your Data

  • To provide methodology critiques and scoring
  • To manage your account, credits, and subscription
  • To improve our methodology critique framework and scoring accuracy
  • To send transactional emails (magic link login, billing receipts)
  • To detect and prevent abuse of our API

4. Zero Training Guarantee

Your study data is never used to train our AI models. This is a zero-training guarantee. The data you submit is processed to generate a critique, then stored only for your history access. It is not included in any model training, fine-tuning, or prompt engineering datasets.

5. Data Security

  • Encryption at rest: AES-256 for all stored study data.
  • Encryption in transit: TLS 1.3 for all communications.
  • Infrastructure: Hosted on Supabase and Vercel with SOC 2 Type II compliance.
  • Access controls: Role-based access with audit logging.

6. Data Retention

We retain your data as follows:

  • Critique history: Retained while your account is active. Deleted upon account deletion.
  • API usage logs: 90 days for rate limiting and abuse detection.
  • Billing records: 7 years as required by tax law.

You can request full data deletion by contacting us at anas@coef.health.

7. Third-Party Services

  • Stripe — Payment processing
  • Supabase — Authentication and database
  • OpenRouter / Google Gemini — AI model inference (for generating critiques)
  • Vercel — Hosting and deployment

These services have their own privacy policies. We only share the minimum data necessary for each to function.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Export your data in a portable format
  • Object to processing
  • Withdraw consent at any time

9. Cookies

We use essential cookies for authentication and theme preferences. We do not use advertising cookies. Analytics cookies (if any) can be declined via our cookie banner.

10. Contact

For privacy-related questions or data deletion requests, contact us at anas@coef.health.