Legal
Privacy Policy
Last updated: May 2026
Wawe AI ("Wawe", "we", "us") operates a computational drug discovery research platform. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights over it. We have written it in plain language. If you have questions, contact us at privacy@waweai.com.
1. What data we collect
- Account information — Your name, email address, and institution when you register.
- Usage data — Which spaces you use, queries submitted, and session timestamps — to improve the platform.
- Research inputs — Files and data you upload (PDB, SDF, FASTA, etc.) to run jobs. These are stored under your account and not shared.
- Device & log data — IP address, browser type, and page load times for security and performance monitoring.
- Cookies — A single session cookie to keep you signed in. No advertising or tracking cookies.
2. How we use your data
- ›To operate, authenticate, and personalise your research environment.
- ›To run the computational jobs you submit and return results to you.
- ›To send account-related emails (access approval, job completion, password changes).
- ›To monitor platform health, diagnose errors, and prevent abuse.
- ›To improve the platform based on aggregate, anonymised usage patterns.
We do not sell your data, use it for advertising, or share it with third parties except as described below.
3. Data sharing
We share data only when necessary to operate the service:
- Cloud infrastructure — We use cloud compute providers to run simulations. Data is processed in-region and not retained by providers beyond job completion.
- Scientific databases — Queries to external databases (UniProt, RCSB PDB, ChEMBL) are made on your behalf. Those services have their own privacy policies.
- Legal requirements — We may disclose data if required by law, court order, or to protect the rights and safety of users.
4. Data retention
Account data is retained for the duration of your access and for up to 30 days after account deletion. Research session history is kept for 90 days. Uploaded files are deleted 30 days after the associated job completes, unless you save them explicitly. You can request immediate deletion at any time.
5. Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access to production data is restricted to authorised Wawe engineers and logged. We conduct regular security reviews. No system is 100% secure — if you discover a vulnerability, please report it to security@waweai.com.
6. Your rights
Depending on your location you may have the following rights under GDPR, CCPA, or similar laws:
- ›Access — request a copy of the data we hold about you.
- ›Correction — ask us to fix inaccurate information.
- ›Deletion — request that your account and data be erased.
- ›Portability — receive your data in a machine-readable format.
- ›Objection — object to certain processing activities.
- ›Withdraw consent — opt out of non-essential data use at any time.
To exercise any right, email privacy@waweai.com. We will respond within 30 days.
7. Cookies
We use one strictly necessary session cookie (next-auth.session-token) to keep you signed in. We do not use analytics, advertising, or third-party tracking cookies. You can decline non-essential cookies via the banner shown on your first visit. Declining does not affect your ability to use the platform.
8. Changes to this policy
We may update this policy as the platform evolves. We will notify registered users by email of material changes at least 14 days before they take effect. The "last updated" date at the top reflects the most recent revision.
9. Contact
For privacy questions, data requests, or concerns — email privacy@waweai.com. For general support, use the in-app feedback form.