Privacy Policy

Effective Date: April 7, 2026 · Last Updated: April 7, 2026

BarterSci (the “Platform”) is operated by Amelix Solutions LLC, a California limited liability company (“Amelix,” “we,” “us,” or “our”). This Privacy Policy explains what personal information we collect, how and why we use it, with whom we share it, how we protect it, and the rights and choices available to you. It applies to information processed in connection with your use of the Platform and any related websites, applications, APIs, and services. By accessing or using the Platform you acknowledge this Privacy Policy. If you do not agree, do not use the Platform.

IMPORTANT NOTICE: BarterSci is a marketplace and social-network style venue. Content you choose to publish or transmit may be viewed, copied, screenshot, saved, archived, or shared by other users and third parties, and we cannot retrieve or delete copies once they leave our systems. DO NOT POST OR SEND ANY INFORMATION YOU CONSIDER CONFIDENTIAL, PROPRIETARY, TRADE SECRET, EXPORT-CONTROLLED, REGULATED HEALTH OR FINANCIAL DATA, OR OTHERWISE SENSITIVE UNLESS YOU HAVE A SEPARATE WRITTEN AGREEMENT (SUCH AS AN NDA) GOVERNING THE DISCLOSURE.

1) Definitions

  • “Personal Information” (also “Personal Data”) means any information relating to an identified or identifiable individual, as defined under Applicable Law (including the EU and UK GDPR, the California Consumer Privacy Act as amended by the CPRA (“CCPA”), the UK Data Protection Act 2018, Canada’s PIPEDA, the Australian Privacy Act 1988, and equivalent laws).
  • “Processing” means any operation performed on Personal Information, such as collection, storage, use, disclosure, or deletion.
  • “User Content” means information you submit, upload, publish, or transmit through the Platform, including profiles, tasks, proposals, messages, and attachments.
  • “Service Providers” means vendors, processors, or sub-processors that Process Personal Information on our behalf to operate the Platform.
  • “Applicable Law” means all data protection and privacy laws applicable to the Processing of Personal Information.

2) Who is the controller

Amelix Solutions LLC is the controller (or, where applicable, the “business”) of Personal Information Processed in connection with the Platform. Our contact details are in section 17.

3) Scope and Platform role

This Privacy Policy applies to information Processed when you create an account, maintain a profile, post tasks, submit proposals, communicate with other users, or otherwise interact with Platform features. The Platform is a venue for user-to-user interactions. WE DO NOT CONTROL WHAT USERS DISCLOSE TO ONE ANOTHER OR HOW OTHER USERS HANDLE INFORMATION THEY VIEW OR RECEIVE THROUGH THE PLATFORM. To the maximum extent permitted by Applicable Law, Amelix disclaims responsibility and liability for the conduct of users and for any use, misuse, disclosure, or misappropriation of information by any user or third party.

This Privacy Policy does not apply to third-party websites, applications, or services that you access through the Platform; those are governed by the privacy policies of the relevant third parties.

4) Information we collect

We collect information from three sources: information you provide directly, information generated automatically through your use of the Platform, and information received from Service Providers and third parties supporting Platform operations.

A. Account information

  • Name, display name, and email address
  • Authentication identifiers (user ID, sign-in method, federated identity tokens)
  • Account settings and preferences

B. Profile information

  • Bio, capabilities, skills, lab or institutional affiliation, role, and other profile fields you choose to enter
  • Profile image or avatar (if you choose to provide it)
  • Visibility settings (e.g., public vs. members-only, discoverability flags)

C. Marketplace content and collaboration data

  • Tasks you post, proposals you submit, and related metadata (timestamps, status, identifiers)
  • Attachments and files you upload
  • Information you include in titles, descriptions, and free-text fields, which may include Personal Information you choose to share

D. Messages

  • Direct messages, thread participants, and timestamps
  • Attachments you send in messages

E. Device, log, and security data

  • IP address (used for approximate city or region-level location, security, and abuse prevention)
  • Browser type and version, operating system, device identifiers, and language
  • Server logs (request URLs, status codes, referrers, timestamps)
  • Crash, performance, and diagnostic data

F. Behavior and product analytics events

To understand how the Platform is used and to improve reliability, safety, and user experience, we collect product-analytics events that record actions you take on the Platform. Each event may contain an event type, your User ID, a timestamp, and a small amount of context (such as the page or feature involved). These events are stored in an append-only collection that you cannot read, modify, or delete from the client. Each event is automatically deleted after ninety (90) days via a Time-to-Live (TTL) policy. Events are processed for the purposes set out in section 5 below and on the legal bases set out in section 6.

G. Cookies and similar technologies

We use cookies, local storage, and similar technologies for authentication, session management, security, preferences, and limited analytics. See the Cookie Policy for details and choices.

Sensitive information — do not provide

The Platform is not designed or authorized to Process highly sensitive categories of personal data. DO NOT submit government-issued identification numbers, payment card or bank account numbers, biometric identifiers, precise geolocation, genetic data, health or medical records, racial or ethnic origin, religious or philosophical beliefs, political opinions, trade union membership, sexual orientation, sex life, criminal history, or any other “special category” data under Article 9 of the GDPR. If you choose to provide such data, you do so at your own risk and you expressly assume all responsibility for the disclosure.

5) How we use information (purposes)

  • Provide and operate the Platform (accounts, profiles, tasks, proposals, messaging, search)
  • Enable and facilitate user-to-user interactions consistent with your visibility settings
  • Maintain safety, security, and integrity (fraud, spam, and abuse detection; account protection; rate limiting; investigation of violations; enforcement of our policies)
  • Provide customer support and respond to inquiries, requests, and reports
  • Measure and improve reliability, performance, and user experience
  • Develop new features and conduct internal research and analytics
  • Send service-related communications (transactional, security, and policy notices)
  • Send product updates, announcements, and (where permitted) marketing, which you can opt out of
  • Comply with legal obligations and respond to lawful requests
  • Establish, exercise, or defend legal claims
  • Effectuate corporate transactions (mergers, acquisitions, financings, restructurings, asset sales)

6) Legal bases for Processing (EEA, UK, Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we Process your Personal Information on the following legal bases under the GDPR / UK GDPR:

  • Performance of a contract (Art. 6(1)(b)) — to provide the Platform, fulfill your account, and enable user-to-user features you request.
  • Legitimate interests (Art. 6(1)(f)) — to operate, secure, and improve the Platform; to detect and prevent fraud and abuse; to communicate with you about the service; and to defend our legal rights. Where we rely on legitimate interests, you have a right to object as described in section 11.
  • Consent (Art. 6(1)(a)) — for non-essential cookies, optional features, and certain marketing communications. You can withdraw consent at any time without affecting prior lawful Processing.
  • Legal obligation (Art. 6(1)(c)) — to comply with mandatory laws and lawful requests.
  • Vital interests / public interest (Art. 6(1)(d)/(e)) — in rare circumstances necessary to protect a person’s vital interests.

7) Public visibility and User Content

Certain User Content is inherently visible to others depending on how you use the Platform and the visibility settings you select. Profiles, tasks, and proposals may be visible to other users and, depending on settings, to the public and to search engines. Once you publish User Content, we cannot control how other users or third parties may store, copy, screenshot, archive, index, or redistribute it. YOU ACKNOWLEDGE AND AGREE THAT ANY PUBLIC OR USER-VISIBLE CONTENT IS DISCLOSED AT YOUR OWN RISK.

8) How we disclose information

  • With other users as required by Platform functionality (e.g., when you post a task, submit a proposal, or send a message).
  • With Service Providers that host, secure, and operate the Platform on our behalf, including cloud hosting and database providers (currently Google Firebase / Google Cloud), authentication providers, email and notification providers, error and performance monitoring, customer support tooling, and analytics. Service Providers are bound by contractual obligations to Process Personal Information only on our instructions and to protect it.
  • With law enforcement, regulators, or other parties when we believe in good faith that disclosure is required by law or legal process, or is reasonably necessary to enforce our Terms, protect the safety, rights, or property of any user or the public, or investigate fraud, abuse, or security incidents.
  • In connection with a corporate transaction such as a merger, acquisition, financing, restructuring, bankruptcy, or sale of assets, in which case Personal Information may be transferred subject to confidentiality protections and Applicable Law.
  • With your consent or at your direction.

We do not sell Personal Information for money. We do not knowingly “sell” or “share” Personal Information for cross-context behavioral advertising as those terms are defined under the CCPA. If we ever introduce practices that meet those definitions, we will provide the required notice and an opt-out.

9) International data transfers

The Platform is hosted in the United States. If you access the Platform from outside the United States, your Personal Information will be transferred to, stored, and Processed in the United States and other countries that may not provide the same level of data protection as your country of residence. Where required by Applicable Law, we rely on legally recognized transfer mechanisms, including the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable), and we apply supplementary safeguards as appropriate. You may request a copy of the relevant transfer mechanism by contacting us at legal@amelixllc.com.

10) Data retention

We retain Personal Information for as long as necessary to provide the Platform and for the legitimate business purposes set out in this Privacy Policy, including safety, dispute resolution, and legal compliance. The criteria we use to determine retention periods include the nature and sensitivity of the data, the purpose of Processing, the potential risk of harm from unauthorized use or disclosure, and any applicable legal or regulatory requirements.

  • Account and profile data — for the life of the Account; removed or de-identified after deletion when feasible.
  • Marketplace content (tasks, proposals) — while published; backups may persist for a limited period after deletion.
  • Messages — until deleted by users, plus a limited backup window.
  • Server and security logs — typically 30–180 days.
  • Behavior analytics events (the user_events collection) — automatically deleted after 90 days via TTL policy.
  • Backups — Firestore point-in-time recovery retains daily snapshots for 7 days; scheduled backups for up to 7 days.
  • Records subject to legal hold — retained until the hold is released.

11) Your rights and choices

Depending on where you live, you may have the following rights with respect to your Personal Information, subject to verification and legal exceptions. You can exercise these rights by emailing legal@amelixllc.com or, where available, by using self-service controls inside the Platform.

  • Access the Personal Information we hold about you.
  • Correct inaccurate or incomplete Personal Information.
  • Delete your Personal Information (subject to legal exceptions and retention requirements).
  • Portability — receive your Personal Information in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Restrict or object to certain Processing, including Processing based on legitimate interests and direct marketing.
  • Withdraw consent where Processing is based on consent, without affecting prior lawful Processing.
  • Not be subject to automated decision-making producing legal or similarly significant effects (we do not currently engage in such processing).
  • Lodge a complaint with your local supervisory authority.

We will respond within the time limits required by Applicable Law (generally one month under the GDPR, 45 days under the CCPA, with permitted extensions). We may need to verify your identity before fulfilling a request. You will not be discriminated against for exercising your rights.

12) Notices for U.S. residents (CCPA / state privacy laws)

Categories of Personal Information collected in the past 12 months: identifiers (name, email, account ID, IP address); customer records (profile data); commercial information (Transactions and proposals you initiate); internet or other electronic activity (logs, behavior events); geolocation (city or region inferred from IP); professional or employment-related information you choose to provide; and inferences derived from the above.

Sources, purposes, and disclosures are described in sections 4, 5, and 8. We have not sold or shared (as defined by the CCPA) Personal Information in the past 12 months and have no actual knowledge of selling or sharing the Personal Information of anyone under 16.

California, Virginia, Colorado, Connecticut, Utah, Texas, and other state residents may have additional rights under their state laws, including the rights described in section 11. To exercise your rights, contact legal@amelixllc.com. You may designate an authorized agent to make a request on your behalf, subject to verification. California residents may also request a list of the categories of Personal Information disclosed to third parties for those third parties’ direct marketing purposes under California’s “Shine the Light” law (we do not engage in such disclosures).

13) Notices for UK and EEA residents

If you are in the United Kingdom or the EEA, you can contact us at legal@amelixllc.com to exercise your rights under the UK GDPR or GDPR. You also have the right to lodge a complaint with the Information Commissioner’s Office (UK) or your local supervisory authority. We do not currently maintain an establishment in the EU or UK; if and when required by Article 27 of the GDPR, we will appoint a representative and update this Privacy Policy.

14) Notices for Canadian residents (PIPEDA)

We Process Personal Information in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws. You may withdraw consent, request access, or file a complaint by contacting legal@amelixllc.com. You may also contact the Office of the Privacy Commissioner of Canada.

15) Notices for Australian residents (Privacy Act 1988)

We handle Personal Information consistent with the Australian Privacy Principles under the Privacy Act 1988 (Cth). You may request access to or correction of your information, or make a complaint, by contacting legal@amelixllc.com. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.

16) Security

We implement administrative, technical, and organizational safeguards designed to protect Personal Information against unauthorized access, loss, alteration, and disclosure. These include access controls, encryption in transit, infrastructure from security-reviewed cloud providers, security rules on database access, scheduled backups, and incident response procedures. HOWEVER, NO METHOD OF TRANSMISSION OR STORAGE IS ABSOLUTELY SECURE, AND WE CANNOT GUARANTEE ABSOLUTE SECURITY. You are responsible for keeping your credentials confidential and for all activity under your Account.

17) Children

The Platform is not directed to and is not intended for children under 18, and we do not knowingly collect Personal Information from children under 13 (or under 16 in the EEA and UK). If you become aware that a child has provided us with Personal Information, contact legal@amelixllc.com and we will take appropriate steps to delete the information and terminate the Account.

18) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new “Last Updated” date. If we make material changes, we will provide additional notice as required by Applicable Law. Your continued use of the Platform after the updated Privacy Policy becomes effective constitutes your acknowledgement of it.

19) Contact us

Amelix Solutions LLC
Attn: Privacy
[REGISTERED AGENT ADDRESS — Amelix Solutions LLC]
Email: legal@amelixllc.com

© 2026 BarterSci / Amelix Solutions LLC. All rights reserved.