Privacy Policy
Last updated: 2026-05-25. This is an initial technical draft and is not a substitute for review by qualified legal counsel before public launch.
1. What we collect
Endo Lab is designed to collect as little as possible. We do not require an account. We do not set tracking cookies or fingerprinting beacons. The site sets no cookies at all; any session-persisted state (such as a non-commercial-use acknowledgement for restricted records, or your institutional library settings) lives in your browser's localStorage and never leaves your machine.
We use Umami, a self-hosted, privacy-friendly analytics tool, to count aggregate page views. Umami stores no cookies and does not track individuals across sites. It reports aggregate counts only (visits per page, referrer source, country, browser family) — never anything tied to a specific person. Umami honours the Do Not Track browser signal.
1a. Institutional library access ("Find at my library")
The "Find at my library" feature lets you open a paper through your university or institution's link resolver. The three values you can configure (your library's link-resolver URL, an optional LibKey library ID, and an optional EZproxy prefix) are stored exclusively in your browser's localStorage. They are never POSTed to Endo Lab, never logged on our server, and never visible to anyone but you. Clicking the button opens your library's resolver in a new tab; from that point on, authentication happens between your browser and your library — Endo Lab is no longer in the loop and never sees your library credentials, IDs, or session tokens.
2. Server access logs
For abuse detection, capacity planning, and basic security, the server records one log entry per request containing:
- HTTP method and URL path (no query string — search terms are not logged)
- Response status code and duration in milliseconds
- Anonymized client IP — for IPv4 we zero the last octet (e.g. 198.51.100.0); for IPv6 we zero the last 80 bits
- User-Agent string
- Timestamp
Anonymized log entries are retained for 90 days. We do not store the un-anonymized IP at any point. We do not share access logs with third parties. We do not perform behavioural profiling.
3. Search queries
To protect researchers querying for sensitive topics, the literal text of search queries is not written to any persistent log. Aggregate counters (e.g. "how many search requests per day") may be retained in anonymous form for capacity planning.
4. GDPR rights for EU and UK visitors
If you are based in the European Union, the European Economic Area, or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR), including the right to access, correct, or erase any personal data we hold about you, and the right to lodge a complaint with your local data protection authority. Because Endo Lab does not maintain user accounts and anonymizes IPs at write time, in most cases there is no personal data to access or erase. If you have any concern, you may write to the operator at the contact address below and we will respond within 30 days.
5. Third parties
Records displayed on Endo Lab originate from public upstream APIs (OpenAlex, PubMed, Crossref, Europe PMC, Unpaywall, PMC, SciLite, ClinicalTrials.gov, WHO ICTRP, NIH RePORTER, EU CORDIS). Endo Lab does not transmit any visitor data to these upstreams when serving a page; the upstream calls happen on a separate server-side ingestion schedule.
AI-backed surfaces (chat, fact-check, paper summaries, yes/no verdict) send the text you enter to third-party LLM providers — currently OpenAI for most generations and Google Gemini for the fact-check multimodal path. These providers process your input to generate the response and may retain inputs for up to 30 days for abuse monitoring under their standard terms. Endo Lab itself does not retain the conversation content beyond the request lifecycle.
If you are a clinician: do not enter identifiable information about your patients into any Endo Lab surface. Endo Lab is a researcher tool, is not designed for clinical use, and does not have a Business Associate Agreement (BAA) or equivalent data processing agreement with the third-party LLM providers.
6. Children
Endo Lab is intended for adult researchers and is not directed at children under 13 (or 16, in jurisdictions where that is the applicable age). We do not knowingly collect data from children.
7. Changes to this policy
Updates will be reflected by the "last updated" date at the top of this page. Material changes will be announced on the home page.
8. Contact
Privacy questions or data-subject requests: [email protected].