Privacy Policy

1. Introduction

Welcome to Pelican Alpha ("Pelican," "we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, the technology vendors who help us deliver our services, and what rights you have in relation to your information. If you have any questions or concerns about this policy, please contact us at ricardo.lee@pelicanalpha.com.

2. What Information Do We Collect?

We collect personal information that you voluntarily provide when you create an account, request access to our research products, subscribe to a paid plan, or otherwise communicate with us.

The personal information we collect may include the following:

• Contact and Identity Details: Name, institutional email address, and associated firm or role information.
• Account Authentication: We rely on passwordless email links (Resend) and Google Workspace OAuth via NextAuth. We do not store raw passwords.
• Billing Metadata: Subscription selection and Stripe customer identifiers tied to your account. Stripe stores payment instrument details on our behalf.
• Communications: Messages you send through our contact form (routed through Brevo) and any support inquiries.

We also collect certain technical information automatically when you interact with the site, including IP address, browser type, device characteristics, pages visited, and referring URLs. This data helps us secure the service and troubleshoot issues.

3. How Do We Use Your Information?

We use the information we collect to:

• Provide and improve our products: Provision accounts, deliver subscription-only research assets, and enhance the Pelican Agent experience.
• Manage subscriptions and billing: Coordinate Stripe subscription lifecycles and confirm entitlements stored in our Prisma-managed database.
• Communicate with you: Send transactional notices (Resend), respond to inbound requests (Brevo), and share product updates when permitted.
• Protect our platform: Detect abuse, enforce access policies, and comply with applicable laws and regulations.

4. What Technology Partners Do We Use?

We rely on a focused set of third-party service providers to operate Pelican Alpha. These vendors process data only to the extent necessary to deliver their contracted services:

• Hosting and Application Runtime: Vercel, Inc. serves the Next.js application and edge functions that power the web experience.
• Authentication: NextAuth (self-hosted) with Google OAuth (Google LLC) and Resend, Inc. for passwordless magic-link delivery.
• Payments and Billing: Stripe, Inc. handles subscription checkout, invoicing, and customer portal management.
• Data Storage: Prisma ORM backed by a managed relational database for core user and subscription records, along with Cloudflare R2 object storage for research assets and signed download URLs.
• Transactional Email and Support: Resend, Inc. (magic links) and Brevo (formerly Sendinblue) for contact-form routing.

We do not currently use third-party advertising networks or behavioral analytics platforms. If that changes, we will update this Privacy Policy before collecting additional data for that purpose.

5. How Do We Keep Your Information Safe?

We implement technical and organizational safeguards, including TLS encryption in transit, scoped API keys for each vendor integration, and restricted access to production credentials. No internet transmission or storage system is completely secure, so we regularly review our controls and vendor security posture.

6. What Are Your Privacy Rights?

Depending on where you reside, you may have rights to access, correct, or delete your personal information, as well as the right to restrict certain processing. California residents may exercise rights under the California Consumer Privacy Act (CCPA). To submit a request, email ricardo.lee@pelicanalpha.com with the subject line "Privacy Request".

7. Do We Make Updates to This Policy?

We may update this Privacy Policy from time to time. The "Last Updated" date at the top reflects the most recent revisions. We encourage you to review this page periodically to stay informed about how we protect your data.

8. How Can You Contact Us?

If you have questions or comments about this policy, email ricardo.lee@pelicanalpha.com or write to Pelican Alpha, 650 California Street, 7th Floor, San Francisco, CA 94108.