Your papers.
Your questions.
We don't sell your data. We don't train models on your library. You can delete everything, anytime.
LAST UPDATED · MAY 2026 · v1.3
The TL;DR
For people who don't read privacy policies — even if they should.
- Your library is yours. We store your PDFs to serve them back to you. We do not train models on them. We do not share them with third parties.
- We log what's needed to run the product. Account info, usage events, billing data — kept for as long as you have an account.
- You can delete it all. One click in Settings → Delete account. Everything is removed within 30 days.
- We process data in the US and EU. With standard contractual clauses for cross-border transfers.
- No surprises.If we ever change anything material, we'll email you before it takes effect.
Three categories
Account data, content data, usage data.
Account data. Name, email, password hash, organization, billing details. Provided by you on signup. Used to authenticate, bill, and contact you about your account.
Content data. PDFs you upload, folders, notes, comments, chat messages, generated literature reviews. Stored encrypted at rest. Used only to provide the product to you and the people you share with.
Usage data. Pages visited, features used, error logs, device and browser metadata, IP address. Used to operate the service, debug issues, and improve features. Aggregated for analytics; never sold.
And what we don't
Five short rules.
- To run the product. Indexing your library, answering your questions, generating reviews, syncing folders.
- To bill you (Researcher and Lab plans). Payments are handled by Lemon Squeezy, our Merchant of Record — they process the card, collect tax/VAT, and issue invoices. We never see your card number.
- To support you.If you email us, we read it. We don't read your library to “help” you proactively.
- To improve the product.Aggregated usage signals (e.g. “X% of users use the citation network this week”) — never tied to your content.
- Never: sell your library, share your documents or chats with advertisers, or train external models on your private corpus. On our marketing site (literica.ai) we load the Google ad tag using Consent Mode v2— no advertising cookies and no user-identifying data are shared with Google unless you click “Accept all” on the cookie banner, and the tag never runs inside the product.
GDPR / CCPA
Access, correct, export, delete.
Depending on where you live, you have rights under the GDPR, the UK GDPR, the CCPA, and similar frameworks. You can:
- Access a copy of the personal data we hold about you
- Correct inaccurate data via Settings or by emailing us
- Export your library as a zip of original PDFs plus a JSON archive of your chats and reviews
- Delete your account and all associated data
- Object to certain processing or withdraw consent
Email privacy@literica.ai. We respond within 30 days.
The minimum
Session, preference, basic analytics, opt-in ads.
Inside the app we use a small number of first-party cookies: a session cookie to keep you logged in, a preference cookie to remember your theme, and self-hosted analytics that does not set cross-site trackers. You can disable analytics in Settings → Privacy.
On our marketing site (literica.ai) we additionally load the Google ad tag on every page, using Google’s Consent Mode v2. By default it runs in consent-denied mode: no advertising cookies are stored, no user-identifying data is sent to Google, and personalised retargeting is disabled. The tag does send Google a small, anonymous “ping” on each page load (timestamp, page URL, consent state) so Google can verify installation and produce modelled, aggregated conversion estimates. When — and only when — you click “Accept all” on the cookie banner, we grant full consent and Google Ads conversion tracking activates. The tag is never loaded inside the product. To withdraw consent, clear cookies for literica.ai and choose “Essential only” the next time you see the banner, or email privacy@literica.ai.
Reach the DPO
For privacy questions or complaints.
Data Protection Officer · privacy@literica.ai
If you are in the EU and feel your concern is not adequately addressed, you may lodge a complaint with your local data protection authority.