Effective date: May 8, 2026
Delphi Studio (“we,” “our,” or “us”) operates a research-grade platform for structured Delphi and consensus studies. This policy explains what information we collect, how we use it, and the choices you have. It applies to researchers, panelists, and anyone else who interacts with our service.
This policy has not yet been reviewed by legal counsel and should not be relied upon as legal advice. It is provided for transparency and will be updated before public launch.
We collect your email address when you sign in. Authentication is handled via a secure, single-use magic link — we never store your password. We may also collect your name and institutional affiliation if you provide them in your profile.
Researchers create studies, configure rounds, and import panelist lists. Panelists submit survey responses. All of this content is stored on your behalf and is yours — see “Data Ownership” below.
We automatically collect server logs, timestamps, IP addresses, browser type, and interaction events (e.g., round opened, response submitted). These are used for security, debugging, and maintaining audit trails that support research reproducibility.
When we send you transactional emails (magic links, round invitations, result notifications), our email provider may log delivery metadata. We do not use these for advertising.
We do not sell your personal data. We do not use study response data to train AI models without explicit written consent.
Study data — including questionnaire designs, panelist responses, and exported results — belongs to the researcher who created the study. We act as a data processor on your behalf. You may export your data in publication-ready formats at any time, and you may request deletion of your account and associated data.
Researchers are responsible for ensuring their use of Delphi Studio complies with applicable IRB or ethics board requirements, participant consent obligations, and institutional data governance policies. We do not serve as your IRB and do not provide legal or compliance advice.
Panelist identities are handled with care. By default, individual responses are visible only to the researcher who controls the study. Panelists are identified to each other only to the extent the researcher configures (e.g., open vs. blinded rounds). We do not publish panelist email addresses or response data to third parties.
Researchers must inform panelists of their data practices as required by applicable consent and privacy regulations.
We share data only in these circumstances:
We retain account data for as long as your account is active. Study data is retained according to your account settings. Audit log entries are retained for a minimum of three years to support research reproducibility. When you delete your account, personally identifiable information is removed within 30 days, except where retention is required by law or by our audit-log policy.
We use industry-standard security measures including TLS encryption in transit, encryption at rest, single-use authentication tokens, and role-based access controls. No system is perfectly secure; please notify us immediately if you suspect unauthorized access.
Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, contact us at privacy@delphistudio.org. We will respond within 30 days.
We use session cookies required for authentication. We do not use third-party advertising cookies or cross-site tracking. We may use privacy-respecting analytics (no fingerprinting or cross-site identity) to understand aggregate usage patterns.
We may update this policy as the platform evolves. Material changes will be announced via email and a notice on the platform at least 14 days before taking effect. Continued use after the effective date constitutes acceptance.
Questions about this policy? Email privacy@delphistudio.org or visit our Help Center.