Back to Search

Privacy Policy

This policy explains how Journal Metrics handles personal data for the public journal search, optional accounts, Google OAuth, email sign-up, saved journals, submission tracking, analytics, advertising, and future paid subscriptions.

Last updated: May 3, 2026

Summary

You can still use the core journal search without creating an account. Registration is optional and is used for saved journals, AI journal selection, submission tracking, usage limits, and billing status if paid plans are introduced. We do not sell personal information.

Who We Are

Service: Journal Metrics, available at https://www.journalmetrics.org.

Contact: admin@labcat.ai

For GDPR purposes, Journal Metrics is the controller for account and product data you provide. Service providers such as Supabase, Vercel, Google, AI providers, and future payment processors process data on our behalf.

Information We Collect

Account and authentication data

  • Email address, account identifiers, sign-in provider, and authentication metadata from Supabase Auth.
  • Google OAuth profile data that Google shares with Supabase, such as name and avatar, if you choose Google sign-in.
  • Optional research profile fields, including research field and institution.
  • Marketing email consent status and the time you opted in, if you choose to receive product updates or newsletters.

Product data you create

  • Saved journals and notes in your journal shortlist.
  • Submission-tracking entries you choose to add, such as dates, status, decision, rating, and notes.
  • AI journal-selection usage logs used for quota control, including daily request counts and token counts.
  • Manuscript titles and abstracts you submit to AI recommendation features; full abstracts are not stored in recommendation logs by default.
  • One-time agent recommendation purchase records, including Stripe Checkout Session IDs, access-token hashes, payment status, and the generated recommendation result.

Technical, analytics, and advertising data

  • Device, browser, IP-derived region, pages visited, and technical logs used for security and reliability.
  • Google Analytics data, subject to your cookie choices where consent is required.
  • Google AdSense cookies and advertising identifiers where advertising is enabled and permitted.

How We Use Information

Provide the service

Authenticate users, save journals, show account data, and support submission tracking.

Improve the product

Understand aggregate usage, debug failures, improve journal matching, and maintain performance.

Security and abuse prevention

Detect suspicious activity, rate-limit misuse, and protect accounts and infrastructure.

Billing and subscriptions

Maintain paid-plan, one-time purchase, access-token, and payment records if paid services are enabled.

Product updates and newsletters

With your consent, we may send you product updates and newsletters. You can withdraw consent at any time via the unsubscribe link in any email or by updating your account preferences.

GDPR Legal Bases

  • Contract: to provide account, saved-journal, tracking, and subscription features you request.
  • Legitimate interests: to secure the service, prevent abuse, maintain logs, and improve the tool.
  • Consent: for consent-based analytics and advertising cookies where required by law.
  • Legal obligation: to comply with tax, accounting, security, and lawful request obligations.

Sharing and Service Providers

We use service providers to operate Journal Metrics. These providers may process personal data only as needed to provide their services:

  • Supabase for authentication, Postgres database, and account sessions.
  • Vercel for hosting, routing, logs, and deployment infrastructure.
  • External AI providers when you submit a title or abstract for journal recommendations.
  • Third-party AI agent platforms when you choose to access Journal Metrics through an agent. Those platforms may separately process your prompts, titles, checkout actions, and returned recommendation data under their own terms and privacy policies.
  • Google Analytics and Google AdSense for analytics and advertising.
  • Stripe or another payment provider if paid subscriptions or one-time recommendation purchases are enabled.

We may also disclose information when required by law, to protect rights and safety, or in connection with a merger, acquisition, or asset transfer.

Cookies and Ads

Essential cookies support security and account sessions. Analytics and advertising cookies may be used to measure traffic and show ads. In regions where consent is required, we use consent controls before enabling analytics or advertising storage.

You can manage Google personalized ads in Google Ads Settings, use the Google Analytics opt-out add-on, or review the fuller Cookie Policy.

GDPR Privacy Rights

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete account/profile data.
  • Delete your account data, subject to legal or security retention requirements.
  • Restrict or object to processing where applicable.
  • Request a portable copy of data you provided.
  • Withdraw consent for consent-based analytics or advertising cookies.
  • Complain to your local data protection authority.

California Privacy Rights (CCPA/CPRA)

We do not sell personal information. If advertising technology is treated as "sharing" under California law, you may opt out by contacting us or using available cookie controls.

  • Know the categories and specific pieces of personal information collected.
  • Request deletion of personal information, subject to statutory exceptions.
  • Request correction of inaccurate personal information.
  • Opt out of sale or sharing of personal information for cross-context behavioral advertising.
  • Limit use of sensitive personal information if we ever collect it.
  • Receive equal service and price when exercising privacy rights.

Retention and Deletion

We keep account and profile data while your account remains active. Saved journals, submission entries, subscriptions, and usage logs are retained as needed to provide the service, enforce quotas, resolve disputes, comply with law, and maintain security. You may request account deletion by emailing us.

International Transfers

Journal Metrics is available globally. Your data may be processed in the United States or other countries where we or our service providers operate. Where required, we rely on contractual safeguards and provider data processing terms for international transfers.

Children's Privacy

Journal Metrics is intended for researchers, students, clinicians, and academic professionals. We do not knowingly collect personal information from children under 13.

Contact Us

For privacy requests, account deletion, GDPR requests, CCPA requests, or questions, email admin@labcat.ai with the subject line "Privacy Request - Journal Metrics".