Privacy Policy

Who we are

Our website address is: http://research-says.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

When you use a contact or upload form on our website, we collect the following information:

  • Your name or nickname

  • Your email address

  • Your message and any uploaded file

This data is used solely for communication and service delivery, such as responding to your inquiry or editing your document. We do not use this information for marketing unless you explicitly opt in.

How long we keep your form data:

We retain form submissions for up to 90 days for customer service purposes, after which they are securely deleted. Uploaded documents are deleted permanently once the editing is complete.

We never share contact form submissions with third parties, except as necessary to process the service (e.g., via secure email or file transfer services).

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

We use the WP Statistics plugin to analyze traffic on our website. WP Statistics stores its data on our own server and does not transmit it to any third parties. Below, we describe what information we collect through WP Statistics, why we collect it, and how it is handled. If you have questions or concerns about our analytics practices, please contact us or review the WP Statistics Data Privacy guide.

We store visitors’ IP addresses in a way that may allow them to be identifiable. Specifically:

  • Collecting IP Data: Your IP address is recorded alongside your page visits, which can sometimes be used to estimate your location (country, city).
  • Why We Store IPs: This helps us detect unique visits, identify possible misuse or security issues, and gather accurate traffic data.
  • Data Protection: We keep IP records on our own server, secured and accessible only to authorized staff. We do not share them unless required by law.
  • Privacy Considerations: Since IP addresses may be considered personal data, we take reasonable measures to protect them. You can contact us regarding removal or other data rights if you feel your IP address is personally identifying.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

We do not sell, rent, or trade your personal data to any third parties.

We only share limited information (such as name or email address) with trusted services strictly for the purpose of operating the business, such as:

  • Gumroad (for processing payments, if you purchase through our site)

  • Email services (to confirm submissions or provide updates)

  • Website hosting providers (to deliver the site to your browser)

These third parties are GDPR-compliant and only access your data when absolutely necessary to provide services to you.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. This data will be deleted once the issue has been resolved.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

How we protect your data

We take data protection seriously. Our website uses HTTPS encryption, and stored data is protected with secure access controls. Only authorized personnel have access to user-submitted files and information.

Please do not include any sensitive or personally identifiable information (PII) in the documents you upload through this website or in your communication with us.

We only require:

  • Your name or nickname

  • A valid email address

  • Your document file (with identifying details removed)

We do not collect or require:

  • ID numbers (e.g., passport, national ID)

  • Personal addresses or phone numbers

  • Financial data

  • Confidential institutional information

All files are treated with confidentiality and are used solely for editing and communication purposes. If you’re unsure about what to include, feel free to contact us first. Uploaded files will be permanently deleted after the editing process is completed.

What data breach procedures we have in place

We take data protection seriously, even though we collect minimal personal information. In the unlikely event of a data breach (such as unauthorized access to our email, website, or document storage system), we will take the following steps:

  1. Immediate investigation of the breach and its scope

  2. Notification to affected users within 72 hours via email

  3. Temporary suspension of file handling or uploads, if necessary

  4. Security patching or updates to prevent further incidents

  5. Consultation with our hosting or service providers to identify the source and address vulnerabilities

Since we advise users not to submit sensitive personal data, the risk is reduced. However, we still treat your files and contact information with care and confidentiality.

What third parties we receive data from

We may receive information from platforms such as Gumroad (for payment confirmation) or Google Analytics (for website traffic insights). This information is used solely to improve user experience and fulfill services.

What automated decision making and/or profiling we do with user data

We do not perform automated decision-making or profiling. All communication is handled personally by human reviewers.

Industry regulatory disclosure requirements

We are not subject to industry-specific privacy regulations. However, we voluntarily comply with best practices for academic confidentiality and data protection.