← Back

Privacy Policy

1. Plain-English summary

LabLogger is an electronic lab notebook. We store the entries, files, samples, tasks, and account information you give us so we can provide the service. We use Google’s Gemini AI to classify, clean up, and answer questions about your content — those API calls are not used to train Google’s public models. We do not sell your data, ever. Your entries are visible only to you, members of any lab you join, and people you explicitly share with.

2. Who we are

“LabLogger”, “we”, “us” references the operating entity behind lab-logger.com. Contact: privacy@lab-logger.com.

3. What we collect

3.1 Account information

3.2 Notebook content

3.3 Operational + diagnostic data

3.4 Access

This deployment does not collect payment information. Legacy plan fields can remain in the database for compatibility with migrated records, but they do not control feature access.

4. How we use your data

5. How AI features handle your content

When you save an entry, ask Jethro a question, click AI organize on a folder, or import a PDF/image, the relevant content is transmitted to Google Gemini (model: 2.5 Flash) over the Gemini API for processing.

6. Sharing & visibility within LabLogger

7. Subprocessors

We rely on the following service providers to operate LabLogger. Each has its own privacy practices linked below.

ProviderRoleData sharedRegion
SupabaseDatabase hosting (Postgres)All notebook content, account data, audit logUS (configurable)
VercelApp hosting + serverless functionsRequest bodies during processingUS
Google (Gemini API)AI classification, OCR, Q&AEntry text, file content sent to AI featuresGlobal (Google data centers)
ResendTransactional emailEmail content + recipient addressUS
LiveblocksReal-time collaborative editingEntry document state when actively co-editedUS
SentryError monitoring (production only)Stack traces, hashed user IDUS

We will provide 30 days’ notice before adding a new subprocessor that materially changes the data flow.

8. Your rights

8.1 Access, correction, export

You can review and edit most data directly from the app. You can export your entries as PDF, DOCX, LaTeX, Markdown, or Jupyter-compatible JSON at any time. To request a full data export (everything we store about you), email privacy@lab-logger.com; we’ll respond within 30 days.

8.2 Deletion

You can delete your account from Settings. On deletion:

8.3 GDPR (EU/UK/EEA users)

If you reside in the EU/UK/EEA, you have the rights of access, rectification, erasure (“right to be forgotten”), restriction of processing, data portability, and the right to object to processing for legitimate interests. Email privacy@lab-logger.com to exercise any of these. We act as the data controller for account data and as a processor for content you create on behalf of your lab/employer.

8.4 California (CCPA / CPRA)

California residents have the right to know what personal information we collect, to delete it, to correct it, and to opt-out of sale. We do not sell personal information.

9. Security

10. Children’s privacy

LabLogger is not directed at children under 13 (or 16 in the EU/UK). If we discover that a child created an account, we will delete it. Undergraduate users 13+ are welcome but should review these terms with a parent or guardian where required by local law.

11. Cookies

We use essential cookies only — a NextAuth session token (HTTP-only) to keep you signed in, an active-organization cookie for lab switching, and an invite-code cookie used during sign-up. We do not use third-party advertising, retargeting, or tracking cookies.

12. International transfers

Our infrastructure is hosted in the United States. If you access LabLogger from outside the US, you consent to the transfer and processing of your data in the US under standard contractual clauses (where applicable to your jurisdiction).

13. Changes

We may update this Privacy Policy. Material changes will be announced via email and an in-product notice 30 days before they take effect for existing accounts.

14. Contact

General privacy inquiries, deletion requests, GDPR/CCPA requests, and law-enforcement inquiries: privacy@lab-logger.com.