Privacy Policy

The Morning Abstract collects only the information necessary to deliver your personalized research briefings:

• Account information: Email address, name (if provided via OAuth), and authentication tokens from Google or GitHub sign-in.
• Research preferences: arXiv categories, keywords, taxonomy tags, delivery time, and timezone you provide during onboarding.
• Usage data: Which digests you open and interaction timestamps to improve your briefing quality.
• Payment information: Processed securely by Stripe. We never store credit card numbers on our servers.

• Briefing generation: Your keywords and interests are matched against papers from arXiv to generate personalized digests.
• AI processing: Paper text is sent to Anthropic's Claude API for analysis. Your personal keywords are included in digest generation prompts to personalize the editorial content. No personal data beyond your first name is shared with AI providers.
• Email delivery: Your email address is shared with Resend (our email provider) solely to deliver your briefings.
• Service improvement: Aggregate, anonymized usage patterns help us improve matching quality and digest format.

The Morning Abstract accesses publicly available research papers via the arXiv API in accordance with their terms of use:

• We respect arXiv's rate limits and access guidelines.
• Paper metadata (titles, authors, abstracts) is sourced from arXiv's open access API.
• Full paper text is extracted from publicly available PDFs for AI analysis.
• We provide direct links back to arXiv for all referenced papers.
• The Morning Abstract is not affiliated with or endorsed by arXiv, Cornell University, or any paper authors.

Thank you to arXiv for use of its open access interoperability. arXiv papers are subject to their respective authors' licenses.

• Account data is stored in a PostgreSQL database hosted on secure infrastructure.
• Authentication uses industry-standard JWT tokens with secure HTTP-only cookies.
• All data in transit is encrypted via TLS/HTTPS.
• Passwords are never stored — we use OAuth and magic-link authentication only.
• Payment processing is handled entirely by Stripe (PCI DSS Level 1 compliant).

We do not sell your personal data. We share data only with:

• Anthropic (Claude API): Paper text and your first name for digest generation.
• Resend: Email address for briefing delivery.
• Stripe: Payment information for subscription billing.
• Analytics: Anonymized, aggregate usage data only.

• Access: You can view all your stored data via the Settings page.
• Correction: Update your keywords, preferences, and profile at any time.
• Deletion: Email us at privacy@morningabstract.ai to request full account deletion. We will remove all personal data within 30 days.
• Export: Request a copy of your data by emailing privacy@morningabstract.ai.
• Opt-out: Disable email digests in Settings at any time. Unsubscribe links are included in every email.

We use essential cookies for authentication (session tokens). We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

The Morning Abstract is designed for researchers and scientists. We do not knowingly collect data from anyone under 16. If you believe a minor has created an account, contact us at privacy@morningabstract.ai.

We may update this policy as our service evolves. Material changes will be communicated via email to all registered users. Continued use after notification constitutes acceptance.

For privacy questions or data requests, email privacy@morningabstract.ai