MolHub Back to app

Privacy Policy

Effective date: 2026-06-01  ·  Controller: Scar's Agent (Sole Proprietorship, Republic of Korea)  ·  Representative: Lee Seongdo  ·  Business Registration No.: 420-48-01262  ·  Contact: admin@molhub.bio

This policy explains what data MolHub collects, why, where it is stored, and the rights you have. We comply with the EU GDPR and Korea's PIPA/KISA requirements.

1. Data we collect

  • Account data: email address and, optionally, name and organization.
  • Technical data: IP address (rotated/truncated) and basic device/browser info for security and abuse prevention.
  • Usage events: actions such as searches and docking jobs run, used for quotas, billing, and aggregate analytics.
  • Your scientific data: molecules, datasets, and structures you upload or generate.

We do not collect special-category personal data and we do not knowingly collect data from children.

2. Where your data is stored

  • Authentication: Supabase (US-East) stores your login identity and profile.
  • Scientific data & compute: hosted in the EU on Hetzner (Falkenstein, Germany).

3. Subprocessors

We share the minimum data necessary with the following processors, each under a data-processing agreement:

  • Supabase — authentication and profile storage
  • Hetzner — EU hosting of science data and compute
  • Vercel — frontend hosting/CDN
  • Paddle — payment processing and tax (Merchant of Record)
  • Anthropic — natural-language query interpretation (only the query text you submit)
  • Resend — transactional email delivery (your email address, to send account and notification emails)
  • Sentry — error monitoring and diagnostics (technical error data; personal data minimized)

4. How we use data

To provide and secure the Service, enforce quotas, process payments (via Paddle), and improve the product using aggregated analytics. We do not sell your data and we do not use advertising networks.

5. Cookies

We use only essential cookies — your authentication session and CSRF protection. We do not use tracking or advertising cookies.

6. Data retention

We retain account and scientific data for the lifetime of your account. After account deletion, data is retained for 30 days (to allow recovery) and then permanently deleted. Aggregated, de-identified analytics may be retained indefinitely.

7. Your rights

You have the right to access, rectify, export, and delete your personal data, and to object to or restrict certain processing. To exercise any right, email admin@molhub.bio; we respond within 30 days. You may also lodge a complaint with your local supervisory authority (in Korea, the Personal Information Protection Commission).

8. Security

Data is encrypted in transit (HTTPS/TLS). Access to production systems is restricted and logged. No method of transmission or storage is perfectly secure, but we take reasonable measures appropriate to the risk.

9. Changes

Material changes to this policy will be notified by email or in-app before they take effect.