PsyCloud
Open Studio

Privacy

PsyCloud is designed for behavioral research workflows where the study owner decides what to collect. The platform stores the operational records needed to host a run, serve participants, record telemetry, monitor progress, and export data.

Researcher accounts

Researcher accounts may include email address, display name, password hash or OAuth account link, workspace memberships, refresh tokens, verification/reset tokens, and connector setup records. OAuth access is provider-scoped when configured. Production deployments must use real secrets and explicit CORS origins.

Participant sessions

Participant runtime data can include:

  • Pseudonymous subject/session/run identifiers.
  • Recruitment references, completion codes, and provider status when a provider workflow is used.
  • Trial events, responses, timing, accuracy, branch decisions, error reports, and heartbeat/cursor state.
  • Uploaded or referenced assets needed to render the study.
  • Free-text or form responses if the study author asks for them.

PsyCloud does not require direct participant identifiers for ordinary task data. Researchers should avoid collecting direct identifiers unless the approved protocol requires them.

Cookies and tokens

The web application uses authentication and session tokens to keep researchers logged in and to let participants resume or complete a hosted session. Session tokens are hashed server-side. Token lifetimes are configuration-driven; production deployments should keep them short and rotate secrets when required.

Recruitment platforms

Prolific and MTurk workflows require platform-specific identifiers, status, and completion or review metadata. PsyCloud uses those records to create studies/HITs, verify completion, reconcile remote status, and support payment/review workflows. Researchers remain responsible for provider terms, compensation, screening criteria, and participant communications.

Researcher responsibilities

  • Use consent language that names the institution or lab responsible for the study.
  • Explain what data is collected, how it will be used, and how participants can withdraw where applicable.
  • Do not put secrets, private keys, or unapproved identifiers into study content, assets, or trial variables.
  • Review exports before sharing them; free-text fields and provider references may need redaction.
  • Use the institution-approved storage and retention plan for downloaded datasets.

Contact and deletion

In the hosted alpha, deletion and retention changes are operator-mediated. In self-hosted deployments, the local administrator controls the database, object storage, backups, and deletion procedures.

See Data Governance for retention boundaries.