Your Data Is Safe

Privacy & NDA Policy

We take the confidentiality of your research seriously. This page outlines how we collect, use, protect, and manage your data.

Last updated: February 2026

SOC 2 Compliant

Enterprise-grade infrastructure security

AES-256 Encryption

Data encrypted at rest and in transit

NDA Available

Formal NDA provided on request

GDPR Compliant

Full compliance with data protection law

Section 1

Data Collection

We collect only the information necessary to deliver our services. This includes your name, email address, institutional affiliation, and project details (research question, PICO framework, topic area).
When you use our pricing calculator or submit a project intake form, we store the information you provide to generate your quote and manage your project.
Payment information is processed directly by PayPal and is never stored on our servers. We retain only a transaction reference for accounting purposes.
We use standard web analytics (page views, session duration) to improve our website. These analytics do not collect personally identifiable information and can be opted out of at any time.

Section 2

Your project data is used solely to deliver the services you have requested. We do not share, sell, or license your data to any third party.
Your research question, search strategies, extracted data, and manuscript drafts remain your intellectual property at all times. We do not claim any rights over your work.
Internal communication about your project is limited to the team members directly assigned to it. No details are shared with other clients, marketing departments, or external parties.
We may use aggregated, anonymized statistics (such as average project completion time) for internal process improvement, but never in a way that could identify you or your research topic.

Section 3

All data is encrypted in transit (TLS 1.3) and at rest (AES-256) on SOC 2 Type II-compliant cloud infrastructure.
Access to project files is controlled through role-based permissions. Only your assigned project team has access to your documents.
We conduct regular security audits and vulnerability assessments. Our infrastructure is monitored 24/7 for unauthorized access attempts.
All team members undergo background checks and sign binding confidentiality agreements as a condition of employment.
Two-factor authentication is required for all staff accounts that handle client data.

Section 4

We are happy to execute a formal Non-Disclosure Agreement (NDA) before any project details are shared. Simply request an NDA during your initial inquiry and we will provide one within 24 hours.
Even without a signed NDA, all client information is treated as confidential by default. Our internal policies mirror NDA-level protections for every project.
Our standard NDA covers: project details, research questions, data, deliverables, communication records, and any proprietary methodologies you share with us.
Confidentiality obligations survive the completion of your project. We do not reference your work, institution, or topic in marketing materials, case studies, or portfolios without your explicit written consent.

Section 5

You have the right to access all personal data we hold about you. Submit a request and we will provide a complete data export within 7 business days.
You may request deletion of your personal data and project files at any time. Upon request, we will permanently delete all records within 30 days, except where retention is required by law.
You may withdraw consent for any non-essential data processing at any time without affecting the services we provide.
If you believe your data has been mishandled, you have the right to lodge a complaint with your local data protection authority. We will cooperate fully with any investigation.
We comply with GDPR, CCPA, and applicable data protection regulations regardless of your geographic location.

Section 6

For any privacy-related questions, data access requests, NDA inquiries, or concerns, please contact our Data Protection Officer.
Email: privacy@researchgold.io
We aim to respond to all privacy inquiries within 2 business days.
For urgent security concerns (such as suspected data breaches), please mark your email as URGENT and we will respond within 4 hours during business days.

Quick Navigation

We completely understand. Request a formal NDA and we will have it in your inbox within 24 hours. No project details required beforehand.