Privacy
Privacy at Advance Basis
Privacy-first. No third-party tracking. No browser fingerprinting. Your research is never shared or sold. This page states what that means in practice. Effective 2026-07-04; updated whenever practices change.
What we collect, and why
Your account identity comes from the sign-in provider you choose (Google or GitHub): name, email, and the provider's subject identifier. The research material you provide on purpose (briefs, uploads, intake answers) and the operational records needed to deliver and bill your work (runs, sources, claims, reports, and a billing ledger in real currency) are stored as first-party records. Server logs exist for security, reliability, and financial audit.
What we never do
No third-party analytics, trackers, pixels, or SDKs run on any page. No browser fingerprinting. No advertising. Your research content is never sold, never shared for another party's purposes, and never used to train models beyond performing the work you requested. Any measurement we run stays on infrastructure we operate, uses no cross-site identifiers, and discards IP addresses after resolving a country or region.
Cookies
Three, all essential: a session cookie, a request-forgery guard, and your theme choice. There are no marketing or cross-site cookies.
Sub-processors
Infrastructure providers include Fly.io, Neon, Cloudflare, and Amazon Web Services. All in the United States.
Research processing: U.S.-based AI inference and retrieval providers under confidentiality terms. Research material is sent to these providers only to perform the work you requested; that is service delivery under our direction, not sharing or sale. The full sub-processor list is disclosed to customers under agreement. Payment processing is handled by Stripe when you add funds to your account balance.
Google Fonts is currently the only third-party request a page makes, to load typefaces; Google receives the connecting IP address for that request and nothing else.
Retention and deletion
Your reports, documents, and drafts remain until you delete them; delete and dismiss controls are built into the product, and deleting a document also removes its stored object. Operational and billing records are retained for audit.
Transactional only: invitations and account notices, sent from mail.advancebasis.com. No marketing mail without separate consent.
Questions
Reply to any message we send, or use the request form on the landing page.