Back to Registration

Privacy Policy

Effective Date: January 17, 2026

At Laborate, privacy is fundamental to our mission of empowering scientific research. This Privacy Policy explains how we collect, use, and protect your personal information when you use the Laborate application (the “Services”) or visit our landing pages (the “Sites”).

Information We Collect

We collect information to provide, improve, and secure our Services.

  • Account InformationWhen you register, we collect your name, institutional email address, password, and the name of your organization.
  • Customer DataWe host the scientific data, notebook entries, and inventory lists you submit. Because Laborate uses "Institutional Accounts," your data may be accessible to the administrators of your organization.
  • Usage & Analytics DataWe monitor viewership of our landing pages and application. We automatically collect data such as IP addresses, device types, browser versions, and interaction patterns (clicks, scroll depth, and page views) via our infrastructure providers (Vercel and Supabase).
  • CookiesWe use essential cookies for authentication (keeping you logged in) and may use analytics cookies to understand how users interact with our Sites.

How We Use Your Information

  • To Provide ServiceOperating the notebook and inventory features.
  • To ImproveAnalyzing traffic and usage to optimize performance.
  • SecurityMonitoring for unauthorized access to protect scientific IP.

How We Share Information

Laborate does not sell your personal information. We share data only with:

  • Infrastructure Providers: We use Vercel and Supabase (running on AWS) to host our services. They process data only as necessary to provide these technical services.
  • Your Institution: If your account is part of an Institutional Account, your organization’s administrators have the right to access and manage your data.
  • Legal Obligations: We may disclose data if required by law or to protect the safety and rights of Laborate and its users.

Your Rights & Choices

Depending on your location (e.g., California or the EEA/UK), you may have the right to:

Access / ExportCorrectionDeletion (subject to institutional rules)

Security & International Transfers

Encryption: We use AES-256 encryption at rest and industry-standard HTTPS/TLS encryption in transit.

Cloud Security: We rely on the hardened security of Vercel and Supabase (SOC 2 compliant).

Location: Laborate is operated from the United States. Your information will be stored and processed on servers located in the U.S.

Children’s Privacy

Laborate is intended for institutional research and is not directed at children under the age of 16.

Updates

We may update this policy periodically. Material changes will be notified via the "Effective Date" or in-app notifications.

Acceptable Use Policy

Last Updated: January 17, 2026

This Acceptable Use Policy (“AUP”) describes the rules that apply to any party using the Laborate Services. Violation of this AUP may result in the immediate suspension or termination of your access.

No Inappropriate Content

Do not use Laborate to transmit or store:

  • Illegal Data: Violates laws, illegal biological research records, or stolen IP.
  • Harmful Content: Promotes violence, discrimination, or malicious misinformation.
  • Unauthorized Data: Personal health information (PHI) or prohibited sensitive data.

Prohibited Activities

Violations of LawsUsing the Services in any way that violates privacy laws, export control laws, or scientific regulations.
Reverse EngineeringAttempting to decompile, disassemble, or discover the source code or database schema of Laborate.
InterferenceNegatively impacting the performance of the Services or third-party networks (Vercel/Supabase).

Service Integrity & Security

You must not violate the technical integrity of Laborate, including:

  • Bypassing Limitations: Attempting to exploit restrictions or gain unauthorized Admin privileges.
  • Security Vulnerabilities: Probing APIs or databases without permission.
  • Disruption (DoS): Engaging in attacks that disrupt or overload our servers.
  • Harmful Code: Transmitting viruses, malware, or using bots/scrapers.
  • Unauthorized Access: Attempting to access data of another Institution.

Reporting Violations

If you become aware of any violation of this AUP, report it immediately.

daniel.huang@laborate.app