Privacy Policy
Last updated · February 2026
1. What this policy covers
This Privacy Policy explains how Peer Verify LLC, an Illinois limited liability company that operates the Arm's Length Validator service ("Peer Verify", "we", "us"), collects, uses, shares, and protects information when you use our website and the Service. It applies to all users — researchers, administrators, journal editors, and institutional buyers.
2. Information we collect
Account data: name, email, hashed password, role. Subscription data: plan, status, payment transactions (we never store full card numbers — Stripe holds those). Content you submit: candidate CV files (PDF/TXT) and evaluator names you input to run a verification. Generated content: structured CV extracts, conflict-strength scores, audit logs of admin actions. Technical data: IP address (briefly, for brute-force lockout), browser type, and standard server logs. We do NOT collect third-party tracking cookies or run advertising pixels.
3. How we use information
To deliver the Service: run analyses against ORCID, PubMed, and Google; generate Arm's Length Grids and PDF exports; surface results in your dashboard. To bill you: process Stripe checkout sessions and apply retention discounts. To communicate with you: transactional emails via Resend (password reset, win-back, account notices). To improve the Service: anonymized usage metrics, cancellation reasons, and admin smoke-test results. We never sell your data.
4. Third-party services
We share the minimum necessary data with the following processors: Stripe (payment processing — your email and the chosen plan); Resend (transactional email delivery — your email and message content); Anthropic Claude via the Emergent LLM gateway (structured CV extraction — first 15,000 characters of the CV text); ORCID public API (the candidate and evaluator names you submit, sent as a search query); PubMed E-utilities (same — author names only); Google web search (your two names plus conference keywords). None of these queries include identifying information about you the user; they only contain the candidate and evaluator names you input.
5. Cookies
We use a single httpOnly authentication cookie ("access_token") to keep you signed in. It is set with the Secure flag and the SameSite=None attribute so the app works across the K8s ingress. We do not use analytics, advertising, or cross-site tracking cookies.
6. Data retention
Account data and reports: retained while your account is active and for up to 90 days after deletion to satisfy audit and tax requirements, then permanently removed. CV file contents: stored only as extracted text in MongoDB; original PDFs are not retained server-side. Status samples: 30-day rolling window via TTL index. Login attempt logs: 15 minutes (used for brute-force lockout only). Cancellation reasons: retained for product analytics with no PII beyond the email.
7. Your rights
You can: (a) view all your reports, batches, and account data via the in-app dashboard; (b) download any report as PDF; (c) cancel your subscription at any time from the Billing page; (d) request a copy or deletion of all your data by emailing hello@armslengthvalidator.com — we'll respond within 30 days. EU/UK residents have rights under GDPR including access, rectification, erasure, restriction, portability, and objection. California residents have rights under CCPA including the right to know and right to delete. Requests are honored regardless of jurisdiction.
8. Security
Passwords are hashed with bcrypt. Authentication uses signed JWTs in httpOnly cookies. All traffic is HTTPS-only. Stripe and Resend are PCI/SOC-2 certified third-party processors. We log failed login attempts and lock accounts after 5 failures within 15 minutes. We run an internal admin smoke test that verifies every external dependency, and a public status page at /status. No system is perfectly secure, but we follow industry best practice and disclose any material breach to affected users within 72 hours of discovery.
9. International transfers
Peer Verify LLC is headquartered in the State of Illinois, United States, and our infrastructure may be hosted within the US. By using the Service from outside the US, you consent to the transfer of your information to the US, where data-protection laws may differ from those in your home country. We rely on standard contractual clauses or equivalent safeguards where required.
10. Children's privacy
The Service is intended for adult researchers and institutional staff. We do not knowingly collect data from anyone under 18. If you believe a minor has used the Service, contact us and we will delete the account.
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be announced to active subscribers via email at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact
Privacy questions, data access, or deletion requests: hello@armslengthvalidator.com. We respond within 30 days. For EU users, our European Data Protection Officer can be reached at the same address.