BenchMentis Privacy Policy

Last updated: May 2026

BenchMentis ("we", "our", "us") is operated by BenchMentis (benchmentis.com). This policy explains how we collect, use, and protect your personal information.

1. Information We Collect

Account Information

We collect your name, email address, and password when you create an account. Passwords are encrypted using bcrypt and never stored in plain text.

Research Data

We store content you create including lab notebook entries, saved protocols, manuscripts, research ideas, saved papers, and image analysis results. This data belongs to you and is only accessible by your account.

Usage Analytics

We use PostHog to collect anonymous usage data including:

• Pages and features visited
• Button clicks and interactions
• Feature usage frequency
• Session duration
• Device type and operating system
• Country (not precise location)

This helps us improve the product. PostHog data is anonymised and cannot identify you personally. PostHog privacy policy: posthog.com/privacy.

Crash Reports

We use Firebase Crashlytics to collect crash reports from the mobile app including:

• App version
• Device model and OS version
• Stack traces when crashes occur
• No personal data is included in crash reports

Firebase privacy policy: firebase.google.com/support/privacy.

AI Interactions

Queries sent to BenchQ and other AI features are processed by Anthropic (Claude), Google (Gemini), and Groq. These providers process your queries to generate responses. We do not sell your queries to third parties.

• Anthropic: anthropic.com/privacy
• Google: policies.google.com/privacy

Email Communications

We use Resend to send transactional emails including welcome emails and password reset emails. We do not send marketing emails without your consent. Resend privacy policy: resend.com/legal/privacy-policy.

2. How We Use Your Data

We use your information to:

• Provide the BenchMentis service
• Save your research data
• Send account-related emails
• Improve the platform
• Fix bugs and crashes
• Ensure security

We do NOT:

• Sell your data to anyone
• Share your research data with other users
• Use your data to train AI models without consent
• Send marketing spam

3. Data Storage and Security

Your data is stored in MongoDB Atlas (AWS us-east-1). We use:

• Encrypted connections (HTTPS)
• JWT authentication tokens
• bcrypt password hashing
• Per-user data isolation
• Rate limiting

Each user can only access their own data. We cannot see your lab notebook, manuscripts, or saved research without your explicit permission.

4. Data Retention

• Account data: kept until you delete your account.
• Lab notebook, protocols, manuscripts, saved papers: kept until you delete them or delete your account.
• Image analysis history: auto-deleted after 7 days. Saved analyses kept permanently until you delete them.
• Usage analytics (PostHog): retained for 1 year.
• Crash reports (Firebase): retained for 90 days.
• Session tokens: expire after 30 days.

5. Your Rights

You have the right to:

• Access your data: email support@benchmentis.com to request a copy of your data.
• Delete your account: go to Settings → Delete Account. All your data is permanently deleted within 24 hours.
• Export your data: contact support@benchmentis.com to request a data export.
• Opt out of analytics: contact support@benchmentis.com to opt out of PostHog tracking.
• Correct your data: update your profile in Settings at any time.

6. Third Party Services

BenchMentis uses these third-party services:

AI Providers

• Anthropic (Claude) — anthropic.com/privacy
• Google (Gemini) — policies.google.com/privacy
• Groq — groq.com/privacy

Analytics

• PostHog — posthog.com/privacy
• Firebase Crashlytics — firebase.google.com/support/privacy

Email

• Resend — resend.com/legal/privacy-policy

Infrastructure

• MongoDB Atlas — mongodb.com/legal/privacy-policy
• Replit — replit.com/privacy
• Cloudflare — cloudflare.com/privacypolicy

7. Cookies

BenchMentis uses only essential cookies for authentication (login tokens). We do not use advertising or tracking cookies.

8. Children

BenchMentis is intended for users aged 18 and over. We do not knowingly collect data from children under 18. If you believe a child has created an account please contact support@benchmentis.com.

9. Changes to This Policy

We will notify registered users by email if we make significant changes to this privacy policy. The "last updated" date at the top will always reflect the most recent version.

10. Contact Us

For privacy questions or data requests:

• Email: support@benchmentis.com
• Website: benchmentis.com

Response time: within 48 hours.

11. Governing Law

This privacy policy is governed by applicable data protection laws. For EU users we comply with GDPR requirements. For California users we comply with CCPA requirements.