Privacy Policy

Effective Date: April 7, 2026 · Last Updated: June 2, 2026

BarterSci (the “Platform”) is operated by amelix Solutions LLC, a California limited liability company doing business as BarterSci (“BarterSci,” “we,” “us,” or “our”). This Privacy Policy explains what personal information we collect, how and why we use it, with whom we share it, how we protect it, and the rights and choices available to you. It applies to information processed in connection with your use of the Platform and any related websites, applications, APIs, and services. By accessing or using the Platform you acknowledge this Privacy Policy. If you do not agree, do not use the Platform.

IMPORTANT NOTICE: BarterSci is a marketplace and social-network style venue. Content you choose to publish or transmit may be viewed, copied, screenshot, saved, archived, or shared by other users and third parties, and we cannot retrieve or delete copies once they leave our systems. DO NOT POST OR SEND ANY INFORMATION YOU CONSIDER CONFIDENTIAL, PROPRIETARY, TRADE SECRET, EXPORT-CONTROLLED, REGULATED HEALTH OR FINANCIAL DATA, OR OTHERWISE SENSITIVE UNLESS YOU HAVE A SEPARATE WRITTEN AGREEMENT (SUCH AS AN NDA) GOVERNING THE DISCLOSURE.


1) Definitions

  • “Personal Information” (also “Personal Data”) means any information relating to an identified or identifiable individual, as defined under Applicable Law (including the EU and UK GDPR, the California Consumer Privacy Act as amended by the CPRA (“CCPA”), the UK Data Protection Act 2018, Canada’s PIPEDA, the Australian Privacy Act 1988, and equivalent laws).
  • “Processing” means any operation performed on Personal Information, such as collection, storage, use, disclosure, or deletion.
  • “User Content” means information you submit, upload, publish, or transmit through the Platform, including profiles, tasks, proposals, messages, and attachments.
  • “Service Providers” means vendors, processors, or sub-processors that Process Personal Information on our behalf to operate the Platform.
  • “Applicable Law” means all data protection and privacy laws applicable to the Processing of Personal Information.

2) Who is the controller

amelix Solutions LLC (d/b/a BarterSci) is the controller (or, where applicable, the “business”) of Personal Information Processed in connection with the Platform. Our contact details are in section 17.

3) Scope and Platform role

This Privacy Policy applies to information Processed when you create an account, maintain a profile, post tasks, submit proposals, communicate with other users, or otherwise interact with Platform features. The Platform is a venue for user-to-user interactions. WE DO NOT CONTROL WHAT USERS DISCLOSE TO ONE ANOTHER OR HOW OTHER USERS HANDLE INFORMATION THEY VIEW OR RECEIVE THROUGH THE PLATFORM. To the maximum extent permitted by Applicable Law, BarterSci disclaims responsibility and liability for the conduct of users and for any use, misuse, disclosure, or misappropriation of information by any user or third party.

This Privacy Policy does not apply to third-party websites, applications, or services that you access through the Platform; those are governed by the privacy policies of the relevant third parties.

4) Information we collect

We collect information from three sources: information you provide directly, information generated automatically through your use of the Platform, and information received from Service Providers and third parties supporting Platform operations.

A. Account information

  • Name, display name, and email address
  • Authentication identifiers (user ID, sign-in method, federated identity tokens)
  • Account settings and preferences

B. Profile information

  • Bio, capabilities, skills, lab or institutional affiliation, role, and other profile fields you choose to enter
  • Profile image or avatar (if you choose to provide it)
  • Visibility settings (e.g., public vs. members-only, discoverability flags)

C. Marketplace content and collaboration data

  • Tasks you post, proposals you submit, and related metadata (timestamps, status, identifiers)
  • Attachments and files you upload
  • Information you include in titles, descriptions, and free-text fields, which may include Personal Information you choose to share

D. Messages

  • Direct messages, thread participants, and timestamps
  • Attachments you send in messages

E. Device, log, and security data

  • IP address (used for approximate city or region-level location, security, and abuse prevention)
  • Browser type and version, operating system, device identifiers, and language
  • Server logs (request URLs, status codes, referrers, timestamps)
  • Crash, performance, and diagnostic data

F. Behavior and product analytics events

To understand how the Platform is used and to improve reliability, safety, and user experience, we collect product-analytics events that record actions you take on the Platform. Each event may contain an event type, your User ID, a timestamp, and a small amount of context (such as the page or feature involved). These events are stored in an append-only collection that you cannot read, modify, or delete from the client. Each event is automatically deleted after ninety (90) days via a Time-to-Live (TTL) policy. Events are processed for the purposes set out in section 5 below and on the legal bases set out in section 6.

G. Product analytics and session replay (PostHog)

We use PostHog (https://posthog.com) for product analytics and session replay. PostHog captures events about how you interact with the Platform (clicks, page views, feature usage) and records session replays of your interactions with our pages.

  • Session replays are recorded with input masking enabled by default: passwords, message bodies, and form inputs are masked and not captured.
  • The PostHog distinct ID is linked to your BarterSci user ID on sign-in so we can associate events with your Account for support, debugging, and product improvement.
  • Data residency: PostHog data is stored in the US Cloud region.
  • If you wish to opt out of PostHog analytics and session replay, email us at support@bartersci.com and we will exclude your Account from collection. (We do not yet offer a self-serve in-product opt-out.)

H. Cookies and similar technologies

We use cookies, local storage, and similar technologies for authentication, session management, security, preferences, and limited analytics. See the Cookie Policy for details and choices.

I. Subscription, billing, and trial-abuse prevention

If you purchase a Researcher Pro subscription, start a free trial, or redeem a Founding Member offer, we store: subscription status, tier, start and end dates, cancellation status, trial eligibility flags (including a one-time-use trial flag), the Stripe customer identifier associated with your Account, and the email address you used for billing. We do not see or store payment card numbers; card data is handled by Stripe (see section 8). To protect the free-trial offering from abuse, we may query Stripe’s customer-history endpoints to determine whether the email address associated with your Account has previously been used to start or pay for a subscription, and we may compare your Account against internal records of Founding Member redemptions. Trial-eligibility decisions are necessary for the operation of the free-trial offering; you cannot opt out of these checks and still receive a free trial.

J. Verification and identity-confirmation data

If you choose to verify your identity to receive the “Verified” badge, we collect and process the following depending on the verification path:

  • ORCID OAuth: we initiate an OAuth flow with ORCID, Inc. (https://orcid.org) and, with your consent, receive your ORCID iD and public ORCID record. We may then query the Crossref public API (https://www.crossref.org) using your ORCID iD to retrieve public publication metadata associated with you. These third-party services apply their own privacy policies.
  • Institutional email confirmation: we accept verification by sending a single-use, 24-hour confirmation token to an academic or research email address you supply. We do not retain the email body after delivery; we retain the email address, a hash of the token, and the timestamp.
  • Manual review: if you submit a manual verification request, we collect the proof URL or other documentation you choose to provide, your stated affiliation, and the reviewer’s decision (approved or rejected with reason).

Verification badges are operational signals only and do not constitute professional certification, qualification, employment, licensure, or endorsement by BarterSci. See the Terms of Service for the full scope and disclaimers regarding badges. Verification status is publicly displayed on your profile while active.

K. Trust, safety, moderation, and reputation data

To operate the marketplace safely and to enforce these policies, we collect and generate the following data categories:

  • User reports: when another User reports you (or you report another User), we store the reporter’s User ID, the reported User’s User ID, a reason code, severity level (1–3), an optional free-text description (capped at 800 characters), timestamp, and moderation status (queued, reviewed, dismissed, actioned).
  • Reputation and completion score: we compute an internal completion score based on your project lifecycle outcomes (projects started, completed, ended cooperatively, ended unilaterally, ended under emergency-exit conditions). The score determines an internal tier label and badge eligibility. The score itself is not publicly displayed; the resulting public badge (such as “New” or “Reliable Collaborator”) may be shown alongside your profile.
  • Ban / suspension history: when your Account is suspended (whether automatically via the multi-strike rule described in section 11 or by a manual moderator decision), we retain an entry in an internal ledger including the reason, duration, strike number, triggering report identifier, and timestamps. This ledger is retained for up to one (1) year to support strike-escalation accounting.
  • Block and follow graph: we record block and follow relationships you establish with other Users, including timestamps. Blocked Users cannot view or contact you and are hidden from your feeds.
  • Presence and activity: we collect last-active timestamps and online presence indicators (subject to your privacy settings).
  • Connection requests and historical participants: we record connection-request lifecycles (pending, accepted, declined) and an immutable ledger of past collaboration participants to preserve long-term thread-read access for completed projects.

L. Marketing email subscription

If you subscribe to BarterSci’s public mailing list (separate from your Account), we store the email address you supplied, the subscription timestamp, a hashed IP address used solely for rate-limiting subscribe requests, and a cryptographically generated unsubscribe token. The token allows you to unsubscribe at any time through a one-click link included in every marketing email. We do not link mailing-list subscriptions to your Account unless you explicitly use the same address. You may unsubscribe at any time. We do not knowingly send marketing email to addresses that have unsubscribed.

Sensitive information — do not provide

The Platform is not designed or authorized to Process highly sensitive categories of personal data. DO NOT submit government-issued identification numbers, payment card or bank account numbers, biometric identifiers, precise geolocation, genetic data, health or medical records, racial or ethnic origin, religious or philosophical beliefs, political opinions, trade union membership, sexual orientation, sex life, criminal history, or any other “special category” data under Article 9 of the GDPR. If you choose to provide such data, you do so at your own risk and you expressly assume all responsibility for the disclosure.

5) How we use information (purposes)

  • Provide and operate the Platform (accounts, profiles, tasks, proposals, messaging, search)
  • Enable and facilitate user-to-user interactions consistent with your visibility settings
  • Maintain safety, security, and integrity (fraud, spam, and abuse detection; account protection; rate limiting; investigation of violations; enforcement of our policies)
  • Provide customer support and respond to inquiries, requests, and reports
  • Measure and improve reliability, performance, and user experience
  • Develop new features and conduct internal research and analytics
  • Send service-related communications (transactional, security, and policy notices)
  • Send product updates, announcements, and (where permitted) marketing, which you can opt out of
  • Comply with legal obligations and respond to lawful requests
  • Establish, exercise, or defend legal claims
  • Effectuate corporate transactions (mergers, acquisitions, financings, restructurings, asset sales)

6) Legal bases for Processing (EEA, UK, Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we Process your Personal Information on the following legal bases under the GDPR / UK GDPR:

  • Performance of a contract (Art. 6(1)(b)) — to provide the Platform, fulfill your account, and enable user-to-user features you request.
  • Legitimate interests (Art. 6(1)(f)) — to operate, secure, and improve the Platform; to detect and prevent fraud and abuse; to communicate with you about the service; and to defend our legal rights. Where we rely on legitimate interests, you have a right to object as described in section 11.
  • Consent (Art. 6(1)(a)) — for non-essential cookies, optional features, and certain marketing communications. You can withdraw consent at any time without affecting prior lawful Processing.
  • Legal obligation (Art. 6(1)(c)) — to comply with mandatory laws and lawful requests.
  • Vital interests / public interest (Art. 6(1)(d)/(e)) — in rare circumstances necessary to protect a person’s vital interests.

7) Public visibility and User Content

Certain User Content is inherently visible to others depending on how you use the Platform and the visibility settings you select. Profiles, tasks, and proposals may be visible to other users and, depending on settings, to the public and to search engines. Once you publish User Content, we cannot control how other users or third parties may store, copy, screenshot, archive, index, or redistribute it. YOU ACKNOWLEDGE AND AGREE THAT ANY PUBLIC OR USER-VISIBLE CONTENT IS DISCLOSED AT YOUR OWN RISK.

8) How we disclose information

  • With other users as required by Platform functionality (e.g., when you post a task, submit a proposal, or send a message).
  • With Service Providers that host, secure, and operate the Platform on our behalf, including cloud hosting and database providers (currently Google Firebase / Google Cloud), authentication providers, email and notification providers, error and performance monitoring, customer support tooling, product analytics and session replay (PostHog — see section 4.G), and payment processing (see Stripe disclosure below). Service Providers are bound by contractual obligations to Process Personal Information only on our instructions and to protect it.
  • With Stripe (payment processor). We use Stripe, Inc. (https://stripe.com) as our payment processor for subscriptions and paid features. When you purchase a subscription, you provide payment details directly to Stripe; Stripe handles all card data, and BarterSci never sees or stores credit card numbers. Stripe processes payment information as an independent controller for purposes of fraud prevention and payment-network compliance, subject to Stripe’s privacy policy. The billing entity for charges is amelix Solutions LLC (California), doing business as BarterSci.
  • With law enforcement, regulators, or other parties when we believe in good faith that disclosure is required by law or legal process, or is reasonably necessary to enforce our Terms, protect the safety, rights, or property of any user or the public, or investigate fraud, abuse, or security incidents.
  • In connection with a corporate transaction such as a merger, acquisition, financing, restructuring, bankruptcy, or sale of assets, in which case Personal Information may be transferred subject to confidentiality protections and Applicable Law.
  • With identity-verification providers. If you choose to verify your identity, we share limited information with ORCID, Inc. (https://orcid.org) and may query the Crossref public API (https://www.crossref.org) as described in section 4.J. These third-party services apply their own privacy policies. BarterSci does not control how ORCID or Crossref process data exposed through their own public records.
  • With email delivery providers. We use Google Workspace / Gmail to send transactional, security, lifecycle, and (with consent or as permitted) marketing email. Outbound email is authenticated with SPF, DKIM, and DMARC. Email content is not retained beyond the delivery window required by the underlying provider.
  • With your consent or at your direction.

We do not sell Personal Information for money. We do not knowingly “sell” or “share” Personal Information for cross-context behavioral advertising as those terms are defined under the CCPA. If we ever introduce practices that meet those definitions, we will provide the required notice and an opt-out.

9) International data transfers

The Platform is hosted in the United States. If you access the Platform from outside the United States, your Personal Information will be transferred to, stored, and Processed in the United States and other countries that may not provide the same level of data protection as your country of residence. Where required by Applicable Law, we rely on legally recognized transfer mechanisms, including the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable), and we apply supplementary safeguards as appropriate. You may request a copy of the relevant transfer mechanism by contacting us at support@bartersci.com.

10) Data retention

We retain Personal Information for as long as necessary to provide the Platform and for the legitimate business purposes set out in this Privacy Policy, including safety, dispute resolution, and legal compliance. The criteria we use to determine retention periods include the nature and sensitivity of the data, the purpose of Processing, the potential risk of harm from unauthorized use or disclosure, and any applicable legal or regulatory requirements.

  • Account and profile data — for the life of the Account; removed or de-identified after deletion when feasible.
  • Marketplace content (tasks, proposals) — while published; backups may persist for a limited period after deletion.
  • Messages — until deleted by users, plus a limited backup window.
  • Server and security logs — typically 30–180 days.
  • Behavior analytics events (the user_events collection) — automatically deleted after 90 days via TTL policy.
  • Backups — Firestore point-in-time recovery retains daily snapshots for 7 days; scheduled backups for up to 7 days.
  • Records subject to legal hold — retained until the hold is released.
  • User reports — retained until resolved or for one (1) year from filing, whichever is longer, then archived or de-identified; dismissed reports are retained for audit and to support the Multi-Strike Rule.
  • Reputation / completion score — retained for the life of the Account; recomputed organically as projects transition state.
  • Ban / suspension history (banHistory ledger) — retained for one (1) year from the suspension event to support strike-escalation accounting, then archived.
  • Verification requests and decisions — retained for the life of the Account or until the request is approved or rejected, plus a reasonable audit window.
  • Block and follow relationships — retained while the relationship is active or until removed by you; tombstone records may persist for safety enforcement.
  • Subscription, billing, and Stripe customer identifiers — retained while your Account is active and for as long as needed for tax, accounting, and dispute purposes; trial-eligibility flags are retained for the life of the Account.
  • Marketing list subscriptions — retained until you unsubscribe; unsubscribe tokens are retained in hashed form for audit purposes after unsubscribe.

11) Your rights and choices

Depending on where you live, you may have the following rights with respect to your Personal Information, subject to verification and legal exceptions. You can exercise these rights by emailing support@bartersci.com or, where available, by using self-service controls inside the Platform.

  • Access the Personal Information we hold about you.
  • Correct inaccurate or incomplete Personal Information.
  • Delete your Personal Information (subject to legal exceptions and retention requirements).
  • Portability — receive your Personal Information in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Restrict or object to certain Processing, including Processing based on legitimate interests and direct marketing.
  • Withdraw consent where Processing is based on consent, without affecting prior lawful Processing.
  • Human review of automated trust-and-safety decisions. BarterSci operates an automated multi-strike rule that may suspend an Account when three (3) or more independent Users file reports against that Account at severity 2 or higher within a rolling 30-day window (the “Multi-Strike Rule”). Suspensions follow an escalation ladder (first strike: 30 days; second: 90 days; third: 180 days; fourth or more: extended duration subject to manual review). The Multi-Strike Rule is an automated process based on report counts and severity. It does not produce legal effects, but it does affect your access to the Platform and is therefore disclosed as an automated decision within the meaning of Article 22 of the GDPR. You have the right to (a) obtain human review of any automated suspension, (b) express your point of view, and (c) contest the decision by emailing support@bartersci.com. We will respond within a reasonable time. We also retain the right to suspend or terminate Accounts manually with or without prior automated triggers. The Multi-Strike Rule is supplemented by human moderator review of severity-3 reports and by routine manual auditing.
  • Lodge a complaint with your local supervisory authority.

We will respond within the time limits required by Applicable Law (generally one month under the GDPR, 45 days under the CCPA, with permitted extensions). We may need to verify your identity before fulfilling a request. You will not be discriminated against for exercising your rights.

12) Notices for U.S. residents (CCPA / state privacy laws)

Categories of Personal Information collected in the past 12 months: identifiers (name, email, account ID, IP address); customer records (profile data); commercial information (Transactions and proposals you initiate); internet or other electronic activity (logs, behavior events); geolocation (city or region inferred from IP); professional or employment-related information you choose to provide; and inferences derived from the above.

Sources, purposes, and disclosures are described in sections 4, 5, and 8. We have not sold or shared (as defined by the CCPA) Personal Information in the past 12 months and have no actual knowledge of selling or sharing the Personal Information of anyone under 16.

California, Virginia, Colorado, Connecticut, Utah, Texas, and other state residents may have additional rights under their state laws, including the rights described in section 11. To exercise your rights, contact support@bartersci.com. You may designate an authorized agent to make a request on your behalf, subject to verification. California residents may also request a list of the categories of Personal Information disclosed to third parties for those third parties’ direct marketing purposes under California’s “Shine the Light” law (we do not engage in such disclosures).

13) Notices for UK and EEA residents

If you are in the United Kingdom or the EEA, you can contact us at support@bartersci.com to exercise your rights under the UK GDPR or GDPR. You also have the right to lodge a complaint with the Information Commissioner’s Office (UK) or your local supervisory authority. We do not currently maintain an establishment in the EU or UK; if and when required by Article 27 of the GDPR, we will appoint a representative and update this Privacy Policy.

14) Notices for Canadian residents (PIPEDA)

We Process Personal Information in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws. You may withdraw consent, request access, or file a complaint by contacting support@bartersci.com. You may also contact the Office of the Privacy Commissioner of Canada.

15) Notices for Australian residents (Privacy Act 1988)

We handle Personal Information consistent with the Australian Privacy Principles under the Privacy Act 1988 (Cth). You may request access to or correction of your information, or make a complaint, by contacting support@bartersci.com. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.

16) Security

We implement administrative, technical, and organizational safeguards designed to protect Personal Information against unauthorized access, loss, alteration, and disclosure. These include access controls, encryption in transit, infrastructure from security-reviewed cloud providers, security rules on database access, scheduled backups, and incident response procedures. HOWEVER, NO METHOD OF TRANSMISSION OR STORAGE IS ABSOLUTELY SECURE, AND WE CANNOT GUARANTEE ABSOLUTE SECURITY. You are responsible for keeping your credentials confidential and for all activity under your Account.

17) Children

The Platform is not directed to and is not intended for children under 18, and we do not knowingly collect Personal Information from children under 13 (or under 16 in the EEA and UK). If you become aware that a child has provided us with Personal Information, contact support@bartersci.com and we will take appropriate steps to delete the information and terminate the Account.

18) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new “Last Updated” date. If we make material changes, we will provide additional notice as required by Applicable Law. Your continued use of the Platform after the updated Privacy Policy becomes effective constitutes your acknowledgement of it.

19) Contact us

amelix Solutions LLC (d/b/a BarterSci)
Attn: Privacy
[REGISTERED AGENT ADDRESS — amelix Solutions LLC]
Email: support@bartersci.com

© 2026 BarterSci / amelix Solutions LLC. All rights reserved.