Privacy Policy

Last updated: March 17, 2026

DeskReview.ai provides guide-driven manuscript readiness checks designed for authors, reviewers, and editors. We take privacy seriously, particularly given the confidential and unpublished nature of academic manuscripts.

1. Who We Are

DeskReview.ai is operated as a Dutch sole proprietorship (eenmanszaak) established in the Netherlands and registered with the Netherlands Chamber of Commerce (KVK).

• Trade name: DeskReviewAI
• KVK number: 99821966
• Contact: contact@deskreview.ai

Unless stated otherwise in this Privacy Policy, DeskReview.ai acts as the data controller for the personal data described here.

DeskReview.ai does not require user registration and does not create user accounts.

2. What Data We Process

2.1 Uploaded Manuscripts

When you upload a manuscript (PDF), its content is processed solely to generate a manuscript readiness analysis and feedback report. This may include manuscript text, page numbers and document structure, and extracted quotations linked to PDF locations.

Manuscripts are processed transiently and are not retained by DeskReview.ai.

2.2 Generated Reports

• Stored locally in your browser’s storage on the device and browser you are using
• Not transmitted back to DeskReview.ai after generation
• Not accessible to DeskReview.ai or other users

You may delete stored reports at any time using your browser or provided controls.

2.3 Payment Data

Where payment is required, payments are handled by a third-party payment provider. DeskReview.ai does not store or process payment card details.

3. What We Do Not Collect

• We do not require registration or user accounts.
• We do not use analytics, tracking pixels, or behavioral tracking tools.
• We do not track users across sessions or websites.
• We do not build user profiles.
• We do not store manuscripts or reports on our servers.

4. Google OAuth and Connected Gemini Accounts

If you choose to connect DeskReview.ai to your Google Gemini account, DeskReview.ai receives and uses Google OAuth credentials solely to provide the Gemini-powered manuscript analysis workflow you requested.

• DeskReview.ai does not request access to your Gmail, contacts, calendar, or Google profile information.
• DeskReview.ai stores an encrypted Google OAuth refresh token in a secure, HttpOnly, SameSite=Strict cookie on your device so the service can continue to access your connected Gemini capability.
• This cookie is used only to support your connected Gemini session and is not used for analytics, advertising, profiling, or cross-site tracking.
• The encrypted OAuth cookie is removed when you disconnect your Google account and may also expire automatically over time.
• DeskReview.ai does not sell, share, or transfer your Google OAuth credentials to advertisers, data brokers, or unrelated third parties.

5. Use of Large Language Models

DeskReview.ai uses Gemini developer APIs to assist with manuscript analysis.

• Manuscript content is sent to the model only for the requested analysis.
• If you connect DeskReview.ai to a Google Gemini account on Google’s free tier, prompts, uploaded manuscript content, and related outputs sent to Google may be used by Google to improve its products, in accordance with Google’s own terms and policies.
• If you use a paid Gemini plan, Google states that submitted content is not used to improve its products.
• DeskReview.ai does not control Google’s downstream use of data once content is sent through your connected Google account. Users handling confidential, unpublished, or sensitive manuscripts should review Google’s current data-use terms carefully and choose the Google plan that fits their privacy requirements.
• DeskReview.ai does not fine-tune or retrain models using user-submitted content.

6. Purpose and Legal Basis (GDPR)

We process data solely to perform the service you explicitly request.

Legal basis: Article 6(1)(b) GDPR — performance of a contract.

No consent for marketing, tracking, or profiling is requested or required.

7. Data Retention

• Manuscripts are processed transiently and not retained.
• Reports persist only in your local browser storage.
• If you connect a Google Gemini account, the encrypted OAuth cookie may remain on your device until you disconnect, clear site data, or the cookie expires.
• You control retention and deletion.

DeskReview.ai maintains no centralized archive of manuscripts or reports.

8. Data Sharing and Third Parties

Data is shared only with the LLM API provider, strictly for analysis, and with payment providers, strictly for payment processing.

If you connect your Google Gemini account, Google acts as the OAuth provider and Gemini service provider for the requested analysis flow.

DeskReview.ai does not sell, rent, or share data with advertisers, analytics providers, or data brokers.

9. Security Measures

• Encrypted data transmission (HTTPS)
• Minimal data processing by design
• No centralized storage of manuscripts or reports
• Encrypted storage of the Google OAuth refresh token in a secure, HttpOnly cookie when you connect your Gemini account

The security of locally stored reports depends on the security of your device and browser.

10. Your Rights

Under the GDPR, you have the right to request information about how your data is processed, delete locally stored reports at any time, and contact us with privacy-related questions or concerns.

Because DeskReview.ai does not store manuscripts or reports centrally, most data control remains entirely with you.

11. Changes to This Policy

This policy may be updated to reflect service or legal changes. The current version will always be published on this website.

12. Contact

For privacy-related questions: privacy@deskreview.ai