Privacy notice for Daylight access and publication.

For access applications we store name, email, affiliation, intended use, and any optional profile URL you submit.

For approved access we store status, code issue and revocation events, and basic sign-in metadata such as last successful access time and client IP.

For public Daylight outputs we publish aggregate indicators only, not row-level application records or individual access credentials.

To review whether restricted access is appropriate for a given researcher or institution.

To issue, revoke, and audit approved access credentials.

To protect the site against abuse, scraping, and repeated unauthorized access attempts.

Pending and decided access applications are retained only for Daylight governance, access review, revocation, and audit needs.

Auth events and rate-limit records are retained for operational security and may be pruned periodically.

Application details may be corrected, updated, or deleted on request where appropriate.

We do not publish personal researcher application records.

We do not expose access codes, raw auth logs, or raw listing-level public records through the site.

We do not describe protected source-level collection details on the public methods layer.