Pilot notice. This policy is prepared for pilot readiness and may be refined during beta review.

Privacy Policy

Phinder helps companies, public-sector actors, and researchers find relevant research expertise. This page explains how Phinder AB processes personal data during the pilot phase.

Controller

Phinder AB is the controller for the processing described here. For privacy questions, contact [email protected].

What We Collect

• Researcher profile information derived from publicly available academic metadata and related identifiers needed to describe research expertise.
• Anonymous search records, such as the search query, interpreted query, generated recommendations, and basic quality metrics. These records are not linked to the person making the search.
• Claim and portal data when a researcher chooses to claim or manage a profile, such as ORCID iD, claim status, proof events, and contact preferences the researcher provides.
• Temporary verification information when ORCID is not available or not linked, such as publicly available institutional contact or researcher identifiers used only to verify profile control.

Why We Process Data

We process public academic metadata to make research expertise searchable. We process anonymous search records to improve matching quality. We process claim and portal data so researchers can verify, manage, and control their profiles.

The legal bases are legitimate interest for profile generation from public academic metadata and anonymous quality logging, and performance of a requested service for portal and claim workflows.

Retention

Anonymous search records are kept only as long as needed for product quality work and are then deleted or aggregated. Claim and contact preference data is kept while the account or claim remains active, or while needed for audit and abuse-prevention purposes. Temporary verification information is used for the claim process and is not retained for general profile generation.

Researcher profile information is refreshed or removed when source data, claim state, or a valid rights request requires it.

Your Rights

You can request access, rectification, erasure, restriction, objection, or portability where those rights apply under applicable data protection law. You can also complain to Integritetsskyddsmyndigheten (IMY), the Swedish data protection authority.

Service Providers

Phinder uses hosting, database, email, and AI infrastructure providers to operate the service. Only the data needed for each workflow is sent to each provider.