GDPR is the EU regulation that governs how personal data is collected and used. Scheria is built around research collaboration, which means handling some personal data — accounts, messages — and, separately, the research datasets that researchers bring to the platform. This page explains, in plain terms, what the GDPR protects and where Scheria fits. It is informational, not a binding policy.
What the GDPR covers
Personal data is any information relating to an identifiable person — a name, an email, an ID number, but also things like IP addresses or location traces. The GDPR sets out how that data may be handled: every use needs a lawful basis, data should be minimised to what the purpose requires, it may only be used for the purpose it was collected for, and it must be kept secure. The regulation protects people who are in the EU regardless of where the organisation processing their data is located.
Your rights over your data
The GDPR gives you a defined set of rights over your personal data: access (obtain a copy), rectification (correct it), erasure (have it deleted), portability (receive it in a usable format), restriction (pause its use while a question is open), and objection (refuse certain uses). On Scheria these rights apply to the personal data held in your account. To exercise any of them, email us at contact@scheria.io and we will action the request.
Where Scheria sits
Scheria stores your account profile, the One-Pagers and project briefs researchers publish, direct-message threads, and the operational and audit logs needed to run the platform. The research datasets a researcher brings are different. For those, the researcher is the data controller (GDPR Art. 4(7)) and Scheria acts as a processor (Art. 4(8)): Scheria processes those datasets on the researcher's instructions and does not repurpose them for its own ends. For data-protection questions, write to contact@scheria.io.