Privacy Policy

1. Introduction

Scide AI is committed to protecting your privacy. This policy explains what information we collect, how we use it, and the choices available to you. By using the Service, you consent to the practices described here. If you disagree, please do not use Scide AI.

Data Controller: SummSide (operating as Scide AI) — Contact: contact@scide-ai.com. Full legal identification is available in the Legal Notices accessible from the footer of this page. This entity is the data controller within the meaning of the EU General Data Protection Regulation (GDPR) and French Law n° 78-17 of 6 January 1978 (Loi Informatique et Libertes, as amended).

2. Information we collect

Account information

When you create an account, we collect your email address and, if you choose to provide it, your name. If you sign in through a third-party provider such as Google, we also receive the basic profile information those services share with us, along with your account preferences and settings.

Usage data

We track only aggregated usage counters per user in order to enforce plan limits (e.g. number of analyses or exports performed in the month). This data does not include IP addresses, location, device or browser information. We do not use any behavioural analytics or advertising tracking tools.

Uploaded documents

When you submit a document for analysis, it is processed by our AI systems in order to extract text and generate the report.

• Free users: the document is processed in memory for the duration of the session only and is not stored on our servers once the analysis is complete.
• Premium users: analysis results are stored on our servers to provide you with a history accessible from your workspace. The raw document content is not retained; only the analysis results and metadata are stored.

We do not share uploaded documents with third parties beyond what is strictly necessary to provide the analysis.

Responsibility for uploaded content: You are solely responsible for the content of the documents you submit. You agree not to upload documents containing non-anonymized personal data (patient names, identifying health data, etc.). If your document contains such data, you must anonymize it prior to submission. Scide AI cannot be held liable for the processing of sensitive data uploaded in violation of this principle.

3. How we use your information

We use the information we collect to provide and improve the Service, manage your account, authenticate your identity, communicate important updates, analyze usage patterns, detect and address security issues, and comply with applicable legal obligations.

4. AI processing and third-party services

Analyzing a document involves sending its text content to third-party AI providers for processing. We also rely on external services for authentication, database operations, and payment processing.

The third-party services we use include:

• Clerk — authentication and user management. Processes your email address, name, and authentication tokens.
• Convex — real-time database and backend infrastructure. Stores your account data, analysis results, and usage information.
• DodoPayments — payment processing and subscription management. Processes payment information when you subscribe to a paid plan.
• Google (Gemini) — AI-powered document analysis. Receives the text content of uploaded documents for the duration of the analysis. This provider may process data in the United States or other jurisdictions.

Each of these providers operates under its own privacy policy. We encourage you to review their terms if you would like more detail about how they handle data.

5. Data retention

Account data is retained for as long as your account is active. Usage counters (number of analyses and exports in the month) are reset each month and are not retained beyond that.

• Free users: documents are processed in memory and discarded once the analysis is complete. No results are stored permanently.
• Premium users: analysis history is retained for as long as your subscription is active. Upon cancellation, data is deleted within 6 months of the subscription end date, unless you request earlier deletion.

You may request deletion of your data at any time by contacting us at contact@scide-ai.com.

6. Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption of data in transit via HTTPS/TLS, encryption of data at rest (including Premium users' analysis history), secure authentication mechanisms, regular security assessments, and strict internal access controls. That said, no system is entirely immune to risk, and we cannot guarantee absolute security.

7. Your rights

Depending on where you are located, you may have the right to access, correct, delete, or export your personal data, as well as to object to or restrict certain types of processing. Premium users can delete their analysis history directly from their workspace. To exercise any of these rights, contact us using the details provided at the end of this policy. We will respond to all legitimate requests within one (1) month of receipt, in accordance with Article 12.3 of the GDPR. This period may be extended by a further two months where necessary, taking into account the complexity and number of requests; in such cases, we will inform you of the extension and the reasons for the delay.

If you are located in the European Economic Area, our legal bases for processing your data include your consent, the performance of our contract with you, our legitimate business interests where they do not override your rights, and compliance with legal obligations.

Right to lodge a complaint: If you believe that the processing of your personal data infringes the GDPR or applicable national law, you have the right to lodge a complaint with your competent supervisory authority. In France, this is the Commission Nationale de l'Informatique et des Libertes (CNIL), 3 Place de Fontenoy — TSA 80715 — 75334 Paris Cedex 07 — www.cnil.fr. This right does not affect any other administrative or judicial remedy.

8. Cookies

Scide AI uses only strictly necessary cookies to maintain your authentication session via Clerk. These cookies are essential for the Service to function and do not require your consent under applicable law.

We do not use analytics, tracking, advertising, or any other non-essential cookies. Your theme preference is stored in your browser's local storage — not in a cookie — and never leaves your device.

You can manage or delete cookies through your browser settings. Disabling authentication cookies will prevent you from signing in and accessing the Service.

9. Age restriction

Scide AI is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe such information has been collected, please contact us immediately.

10. International transfers

Your information may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States, where our sub-processors (Clerk, Convex, DodoPayments, Google) are headquartered. When such transfers occur, we ensure that appropriate safeguards are in place in accordance with Articles 44-50 of the GDPR.

In particular, where transfers are made to third countries not covered by an adequacy decision of the European Commission, we rely on Standard Contractual Clauses (SCCs) adopted by the European Commission (Decision 2021/914) as the legal basis for the transfer. You may obtain further information about these safeguards and request a copy of the relevant contractual mechanisms by contacting us at contact@scide-ai.com.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the date at the top of this page. Continued use of the Service after a change constitutes acceptance of the updated policy.

12. Contact

If you have questions about this Privacy Policy or the way we handle your data, please reach out at contact@scide-ai.com.