LoginSign Up

Privacy Policy

Last updated: May 2026

1. Data We Collect

When you create an account we collect:

  • Account data: username, email address, hashed password.
  • Academic data (uploaders only): university, campus, country, field of study, degree type.
  • Usage data: papers viewed and downloaded, upload activity — stored in aggregate.
  • Technical data: IP address (for rate limiting only, not stored permanently), browser type.

We do not collect payment card details, government IDs, or biometric data.

2. How We Use Your Data

  • To provide and improve the Paper Shelf service.
  • To verify your identity and maintain account security.
  • To display your public uploader profile (username, university, paper count, views).
  • To attribute uploaded papers to your account.
  • To send transactional emails (password reset, report notifications) — no marketing without explicit consent.

3. Storage & Security

Account data is stored in a PostgreSQL database hosted by Neon.tech. Paper PDFs are stored on Cloudflare R2 object storage. Both providers maintain industry-standard encryption at rest and in transit.

Authentication tokens (JWTs) are stored in browser memory and a secure httpOnly cookie — never in localStorage or exposed to third-party JavaScript.

4. Your Rights

  • Access: request a copy of the data we hold about you.
  • Correction: update your account details in Settings at any time.
  • Deletion: delete your account from Settings — this removes your profile and anonymises (not deletes) papers you uploaded so other students can still access them.
  • Portability: request an export of your account data via email.

5. Cookies

We use one cookie: ps-refresh — an httpOnly, Secure, SameSite=None cookie that stores your JWT refresh token. No third-party tracking cookies are used.

6. Contact

For privacy-related questions or data requests, email privacy@thepapershelf.com or use the Contact page.