Privacy Policy

EDISON SCIENTIFIC, INC. PRIVACY POLICY
Effective Oct 30, 2025

We at Edison Scientific, Inc. (“Edison Scientific”, “Edison”, “we”, “us”, or “our”) strongly respect privacy and are committed to protecting and keeping secure information that is shared with us. This Privacy Policy (the “Policy”) governs the collection, use, disclosure, storage, transfer, and other processing of any data that you share with us and sets forth our data protection and privacy practices in connection with your use of our proprietary, chat-driven AI scientific discovery platform, APIs, websites, applications, and related services (collectively, the “Services”) where Edison acts as a data controller for personal or commercial use in the case of users accessing and using the Services.The Policy does not apply in the case where Edison acts as a data processor on behalf of a commercial customer, business entity, company, or enterprise (“Enterprise”) who is the data controller. Our use of such data in that case is governed by the Enterprise agreements covering that data, in which applicable documents including, but not limited to, a Master Services Agreement (“MSA”) and Data Processing Agreement (“DPA”) will be controlling.By accessing or using the Services, you acknowledge that you have read and understood the Policy.
‍

1. Definitions
‍
For the purposes of the Policy: 

“Personal Data” means any information relating to an identified or identifiable natural person, including but not limited to name, contact information such as an email address, phone number, or address, and other identifying information that specifically belongs to said natural person.

“Input(s)” or “Input Data” means any information that you freely choose to disclose and provide in your usage of the Services, including but not limited to Personal Data, prompts, code, figures, files, and any other data.

“Output(s)” or “Output Data” means any data generated from usage of the Services as a result of Inputs, such as responses and actions generated by the Services based on your Inputs.

“Trainable Data” means data such as agent decisions and behaviors in response to Inputs (“trajectory” or “trajectories”), user interaction data such as clicks and usage behavior, and software data created as part of coding notebooks by our agents.

“Processing” means any operation or set of operations performed upon data, whether or not by automated means, including collection, recording, organization, storage, alteration, retrieval, consultation, use, disclosure, dissemination, and erasure.

“Applicable Law” means relevant statutes or regulations particular to the jurisdiction that is being referenced.
‍

‍2. Collection of Data
‍
Personal Data: we collect Personal Data that you provide to us directly, including name, email address, and phone number in the course of registering to use our Services or to receive information about our Services (“Account” or “Account Information”). We collect Personal Data that you provide as an Input to our Services. We collect Personal Data that we receive automatically from your use of our Services, including browser information, connection information, mobile operator or internet service provider, time zone setting, IP address, and the geolocation associated with your IP address.
‍Payments and Billing Data: all payments for subscriptions and credits are processed through Stripe, Inc. Edison Scientific does not collect or store your full payment card information. When you provide payment details, those are submitted directly to Stripe via a secure, PCI-DSS-compliant process. Stripe may share limited transactional data (such as payment status or billing country) with us to confirm payments, prevent fraud, and maintain your subscription. For more information on how Stripe collects and uses your billing information, please refer to Stripe’s Privacy Policy.
‍Logging and Observability Data: we collect data about our Services system health when you use them. This includes log files for error reporting if you experience an error in the course of using our Services, and this data will include the timestamp of when the error occurred, which Service the error occurred in, and any logged data provided related to the error at the time of occurrence.
‍Usage Data: we collect data on your usage of the Services, such as usage timestamps, browsing history, click history, pages viewed, and other analytical information about your interactions with the Services.
‍Cookies & Similar Technologies (“Cookies”): we currently do not implement cookies and tracking technologies on the browser.
‍Feedback Data: we collect data you freely, voluntarily, and directly send to us through email communications or through our Services via interfaces clearly designated for user feedback, which may include support ticket portals and live agent chat boxes.
‍

‍3. Uses of Data
‍
‍We use collected data for the following purposes:

- To create and administer your Account.
- To provide, maintain, and facilitate all necessary and optional Services for your Account, which is governed by the Terms of Service.
- To communicate with you, including to send you information about our Services and any Edison events.
- To facilitate payments for the Services and any other products offered by us.
- To prevent and investigate the following: fraud, abuse, and violations of Terms of Service; unauthorized access to Personal Data or the Services; and unlawful or criminal activity involving Personal Data or the Services.
- To protect our rights and others’ rights in meeting legal regulations and obligations.
- To investigate and resolve disputes and security issues.
- To debug and fix errors that impair the Services.
- To improve the Services, including model training. For model training, unless you explicitly opt out through your Account, we may use your Trainable Data as defined in Section 1 to train our models to better improve the Services, however we do not and will not intentionally train on any user’s uploaded data, such as any scientific data that may be uploaded.
- To enforce our Terms of Service and other applicable agreements.

We do not sell, use, or process your Personal Data for any advertising, promotional, or consumer characterization purposes.
‍

‍4. Data Disclosures
‍
‍We may disclose your Personal Data in the following scenarios.

“Vendors”. In order to provide, maintain,  and facilitate all necessary and optional Services for your Account, we may disclose your Personal Data to vendors such as cloud hosting providers, email communication providers, customer service vendors, content delivery providers, payment transaction processors, and other information technology providers. These Vendors, pursuant to being party to business agreements with us, will access, process, and store Personal Data in compliance with industry standards and only as necessary to perform their business functions with us.

“Government Authorities”. Pursuant to regulatory or legal requirements, we may disclose your Personal Data and other collected data with government authorities or other third parties: to comply with or act in good faith that such disclosure is necessary to comply with a legal obligation to assist with or in connection to an investigation, claim, dispute, or litigation; to defend our rights or property; to enforce contractual commitments; or as otherwise permitted or required by Applicable Law.

“Significant Corporate Event”. In the event that we undergo a material corporate event, including but not limited to a merger, acquisition, bankruptcy, or corporate business transaction involving transfer of business assets, we will disclose your Personal Data as part of due diligence processes and requirements.

“Per Individual Consent”. We will disclose personal data when you give us permission or direct us to disclose information in the course of using the Services.

“Other Third Parties You Share Information With”. Our Services may include the ability to integrate with or may provide links to websites, applications, and services managed by third parties that you can interact with. By interacting with a third party, you are disclosing information that is governed by the third party’s terms and privacy policies, and you should ensure you understand those terms and policies before proceeding to interact with them.


‍5. Rights
‍
‍In accordance with the jurisdiction in which you reside, the Applicable Laws may grant you certain statutory rights in relation to your Personal Data, including:

Right to Be Informed. You have the right to know what Personal Data is processed, the sources from which Personal Data is collected, the business or commercial purposes for collection, and the third parties that Personal Data is disclosed to.

‍Right to Access. You have the right to request a copy of Personal Data that is processed. Subject to Applicable Law, you have the right to request a copy in portable format.

‍Right to Be Forgotten. You have the right to request that we delete your Personal Data, except in cases where legal obligations require us to keep your data. You may also have the ability to delete your data from the Services through the user interface.

‍Right to Rectification. You have the right to request that we correct your Personal Data, except in cases where legal obligations require us to keep your data, and except in any Outputs generated by your Inputs.

‍Right to Objection of Processing. You have the right to object to and request a stoppage of our processing of your Personal Data. We will continue to process data as necessary if we demonstrate a compelling and legitimate need which overrides your request, such as but not limited to the establishment, exercise, or defense of legal claims. In the cases of direct marketing, you can object and opt out of future direct marketing messages using the unsubscribe mechanism contained within such direct marketing messages.

‍Right to Restriction of Processing. You have the right to restrict how we process your Personal Data in such cases of objection to processing, data accuracy disputes, unlawful processing, or when your Personal Data is no longer needed to serve its purpose for the Services. Restrictions may be temporary.

‍Right to Withdraw Consent. You have the right to withdraw your consent for processing your Personal Data in cases where we have, at a prior point in time, received your consent as a legal basis for processing. A withdrawal of consent does not invalidate the lawfulness of processing arising from the originating consent given.

‍Rights Related to Automated Decision-Making and Profiling. You have the right to not be subjected to any decisions based solely on automated processing, including profiling, which may produce legal or similarly significant effects. We do not engage in decision-making based solely on automated processing or profiling.

You may exercise these rights through your Account. If you are unable to access these rights to your Account, you may submit your request to privacy@edisonscientific.com.
‍

‍6. Children
‍
‍Our Services are neither directed towards nor intended for children under the age of 18 (“Child” or “Children”). We do not knowingly collect, use, disclose, sell, share, or distribute in any way any information from Children. If you come to the knowledge that a Child has provided any Personal Data to us while using our Services, please immediately contact us at privacy@edisonscientific.com. We will promptly investigate the matter and delete the Personal Data, if appropriate. Children must have explicit permission and supervision from a parent or legal guardian to use our Services.


‍7. Retention
‍
‍We will retain your Personal Data for as long as reasonably necessary for the purposes of providing our Services to you and other legitimate business reasons such as dispute resolutions and legal obligations, as stated in the Policy. When your collected Personal Data is no longer required, we and our Vendors will perform the required procedures for deleting, erasing, anonymizing, or destroying it as permitted and in required compliance with Applicable Laws.


‍8. Data Transfers
‍
‍In the course of accessing and using our Services, your Personal Data may be transferred to our server systems located within the United States. If your jurisdiction lies within the European Economic Area (“EEA”) or the United Kingdom, we rely on the adequacy decisions under Article 45 GDPR and, in absence of an adequacy decision, standard contractual clauses under Article 46 GDPR to ensure your Personal Data benefits from adequate data protection compliant with GDPR regulations.


‍9. Analytics
‍
‍We may process your data in an aggregated or de-identified form for the purposes of analytics to understand user behavior, the effectiveness of our Services, and overall legitimate business interests. We do not sell this processed data to third parties.


‍10. Security
‍
‍We implement commercially reasonable and appropriate administrative, organizational, and technical security measures to protect Personal Data from unauthorized access, disclosure, misuse, disclosure, alteration, or loss.
‍

‍11. Legal Bases for Processing
‍