Privacy Policy

Last updated: 3 January 2026

This Privacy Policy explains how Chameleon Check ("Chameleon", "we", "us", or "our") collects, uses, and protects your information when you use our manuscript formatting service at chameleoncheck.app.

We are committed to protecting your privacy and handling your data responsibly. We designed Chameleon so that your document content is never permanently stored.

1. Who We Are

Chameleon Check is a manuscript formatting and journal compliance checking service based in the United Kingdom. For privacy-related enquiries, contact us at privacy@chameleoncheck.app .

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Profile picture (if using social login)

Account authentication is handled by Clerk, a third-party authentication service. See their privacy policy for details on how they handle authentication data.

2.2 Document Metadata

When you check a document, we store minimal metadata to power features like usage history:

  • Filename of uploaded documents
  • A checksum (SHA-256 hash) to identify re-uploads of the same document
  • Timestamps of when documents were processed
  • Which rules and journals were checked

2.3 Usage Analytics

We use Umami, a privacy-focused analytics service, to understand how our service is used. Umami does not use cookies and does not collect personally identifiable information. We collect:

  • Pages visited
  • Features used
  • Browser type and screen size
  • Country (approximate, based on IP)

2.4 Feedback Submissions

When you submit feedback, we collect:

  • Your email address (if provided or signed in)
  • Feedback type (bug report, feature request, etc.)
  • Feedback content
  • Timestamp

3. Information We Do Not Collect

We designed Chameleon with privacy in mind. We do not collect or store:

  • Document content — Your manuscripts are processed entirely in memory and are never written to disk or permanent storage
  • Payment information — Not applicable during early access
  • Precise location data — We do not track GPS or precise location

4. How We Use Your Information

We use the information we collect to:

  • Provide and operate the service
  • Track your document processing history
  • Improve and develop new features
  • Respond to your feedback and support requests
  • Communicate service updates and changes
  • Ensure security and prevent abuse

5. Legal Basis for Processing (GDPR)

Under UK and EU data protection law, we process your data based on:

  • Contract performance — Processing necessary to provide the service you requested
  • Legitimate interests — Improving our service, ensuring security, and preventing fraud
  • Consent — Where you have given explicit consent (e.g., marketing communications)

6. Data Sharing

We do not sell your personal data. We share data only with the following service providers who help us operate Chameleon:

  • Clerk — Authentication services (US-based, with appropriate data transfer safeguards)
  • Cloudflare — Hosting and API infrastructure (global, GDPR-compliant)
  • Umami Cloud — Privacy-focused analytics (EU-based)

We may also disclose information if required by law or to protect our rights and the safety of our users.

7. Data Retention

  • Account data — Retained until you delete your account
  • Document metadata — Retained until you delete your account
  • Feedback — Retained for service improvement purposes
  • Analytics — Aggregated and anonymised, retained indefinitely

8. Your Rights

Under UK GDPR, you have the following rights:

  • Access — Request a copy of your personal data
  • Rectification — Correct inaccurate personal data
  • Erasure — Delete your account and associated data
  • Portability — Receive your data in a portable format
  • Objection — Object to certain processing activities
  • Restriction — Request limitation of processing

9. How to Exercise Your Rights

  • Delete your account — Use the account management options in your profile (provided by Clerk)
  • Data export or other requests — Contact us at privacy@chameleoncheck.app

We will respond to your request within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk .

10. Data Security

We implement appropriate security measures to protect your data:

  • All data transmitted over HTTPS/TLS encryption
  • Secure authentication via Clerk
  • No permanent storage of document content
  • Regular security reviews and updates

For more details, see our Security page.

11. International Data Transfers

Some of our service providers are based outside the UK/EEA, including in the United States. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK/EU.

12. Children's Privacy

Chameleon is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at privacy@chameleoncheck.app .

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Back to homepage