FirstAuthor
FirstAuthor

Privacy Policy

How we protect your privacy and handle your data

Overview

FirstAuthor ("we", "our", or "us") is operated by Dr. Philipp Münch – AI Software & SaaS (sole proprietorship) and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website and sign up to our waitlist.

Controller: Dr. Philipp Münch – AI Software & SaaS, Geiselgasteigstr. 46, 81545 München, Deutschland

Information We Collect

  • Waitlist Information: Email address and optional details you provide (e.g., role, field, referral, campaign parameters) when you join the waitlist. We use a double opt‑in process.
  • Technical Logs: Basic technical data collected by our hosting provider for operation and security (e.g., IP address, request metadata).
  • Conversion Metrics: With your consent we trigger a Google Ads conversion event when you submit the waitlist form. Google receives pseudonymous event data (e.g., timestamp, URL, referrer) so we can measure campaign performance.

How We Use Your Information

  • To manage the waitlist and send double opt‑in confirmation emails
  • To communicate product updates and onboarding information after you confirm
  • To ensure the security and reliability of the website
  • To measure campaign performance via Google Ads conversion tracking (only after consent)

Legal Bases

  • Art. 6(1)(a) GDPR (consent) for waitlist emails via double opt‑in
  • Art. 6(1)(f) GDPR (legitimate interests) for security and prevention of abuse
  • Art. 6(1)(a) GDPR (consent) for Google Ads conversion tracking

Data Security

We implement industry‑standard security measures to protect your personal information. Data is encrypted in transit and at rest where supported by our providers. We do not use your private data to train AI models without explicit permission.

Data Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties. We may share information only:

  • With your explicit consent
  • To comply with legal obligations
  • To protect our rights and prevent fraud
  • With service providers who assist in operating our website and emails (under data processing agreements)

Processors

  • Vercel — hosting, CDN, operational logs, and cookieless analytics
  • Vercel Postgres — database for user accounts, workspaces, and references
  • Vercel Blob Storage — file storage for uploaded images and figures
  • Resend — email delivery for notifications and invitations
  • Tiptap Cloud (Tiptap GmbH, Germany) — real-time collaboration infrastructure (EU servers)
  • Google Ireland Limited — Google Ads conversion measurement (only when consent is given)

AI Service Providers (Non-EU)

When you use AI features (Style Check, AI Suggestions, Reference Chat), your manuscript content is processed by AI services located outside the European Union:

  • Anthropic (USA) — AI style checking via Claude models. We send paragraph text, section titles, and writing guidelines. Your data is not used for AI training and is subject to zero-retention policies.
  • OpenRouter (USA) — API routing for reference chat and AI suggestions. Routes requests to Anthropic's Claude models hosted on AWS Bedrock. Zero-retention policy applies.

These transfers are necessary to provide AI functionality and are conducted in compliance with GDPR requirements, relying on Standard Contractual Clauses (SCCs) and, where applicable, the EU-US Data Privacy Framework. You can disable AI features entirely in Settings → Manuscript display → AI assistance. When disabled, no manuscript content is sent to these providers. See our Data Processing page for detailed information about what data is sent and how it is protected.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your manuscripts and data
  • Withdraw consent and opt‑out of communications at any time

Cookies

We set essential cookies for authentication (e.g., fa_session). If you click "OK" on the cookie banner, we also load Google Ads conversion tracking (gtag.js), which may set additional cookies to measure waitlist signups. You can withdraw consent at any time by clearing your browser storage for firstauthor.ai and reloading the page.

Retention

We retain your email and related waitlist data until you unsubscribe or until they are no longer needed for the stated purposes. Technical logs are retained per provider policies.

Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: muench@hsph.harvard.edu
Address: Dr. Philipp Münch – AI Software & SaaS, Geiselgasteigstr. 46, 81545 München, Deutschland

Kurzfassung (DE)

Verantwortlicher: Dr. Philipp Münch – AI Software & SaaS, Geiselgasteigstr. 46, 81545 München. Wir erheben aktuell nur E‑Mail‑Adressen (optional: Rolle/Fach) für die Warteliste mittels Double‑Opt‑In. Hosting (Vercel), Datenbank (Vercel Postgres) und E‑Mail‑Versand (Resend) verarbeiten Daten in unserem Auftrag. Nach Zustimmung im Cookie-Banner setzen wir Google Ads Conversion-Tracking (Google Ireland Ltd.), um Kampagnen zu messen. Sie können Ihre Einwilligung jederzeit widerrufen und eine Löschung verlangen.

Last Updated: December 6, 2025
FirstAuthor.ai — Reproducible manuscript writing