Skip to content

Privacy Policy


This privacy notice applies only to the and explains our practices concerning the collection, use, and disclosure of visitor information. Visitor information collected by will be used only as outlined in this privacy notice.

Other units at the university may collect and use visitor information in different ways. Therefore, visitors to other university websites should review the privacy notices for the particular sites they visit. is not responsible for the content of other websites or for the privacy practices of websites outside the scope of this notice.


Because Internet technologies continue to evolve rapidly, may make appropriate changes to this notice in the future. Any such changes will be consistent with our commitment to respecting visitor privacy, and will be clearly posted in a revised privacy notice.

Collection and Use

Data-objects allows you to upload neuroimaging data and store them on your project. All data stored in public projects can be accessed by users, and data stored in private projects can be accessed by the project members. User can also choose to publish data on private project through brainlife publications.

The ownership of all data uploaded, stored on remains with the original owner of the data and retains all copyright and license attributes. The data generated within would belong to the project members. allows administrators to access uploaded and generated data-objects stored in private projects when users request for troubleshooting or for investigating suspicious activities and other limited occasions.

Data Security

The archive data is currently stored on OSiRIS, the NSF founded distributed storage infrastructure. We are also exploring the use of OSN in the coming months. Only the brainlife administrator is authorized to access these storage systems, however, administrators of these storage systems may have access to the data. provides their users several shared computing resources including's own slurm clusters running on Jetstream, and various other XSEDE resources. These shared resources are enabled to all users by default, and when you submit jobs on brainlife, the data must be transferred to these remote computing resources. The data transfer between resources is encrypted by ssh/sha2 protocol with ssh keys encrypted by PBKDF2/sha512 algorithm.

The staged data and any data derivatives generated by Apps may be persisted up to 30 days (or shorter) on remote resources during which the administrators of those resources may have access to the data. All shared resources uses a single login account ("brlife") and only the brainlife service (amaretti) and the platform administrators have access to this account. brainlife platform then allows authorized users access to the data that belongs to the projects.

For monitoring and auditing information, please see "General Security" below.

Metadata will not use user's data to conduct any research activities unless you explicitly give permission to do so, however, we retains the right to collect "metadata" from users, including platform usage, number of contributions to the platform, and apps executed will be used to provide platform functionalities and to advance reproducible neuroscience research. We may also share this metadata anonymously and securely with our partners and collaborators in order to improve the platform functionality and user experience. Data collected from users will be ongoing, as long as you are registered for or actively using the platform. While we do aggregate personally identifiable information, no personally identifiable information will be shared with other entities, organizations, or within our research.

Passive/Automatic Collection

When you view pages on our site, the web server automatically collects certain technical information from your computer and about your connection including:

  • your IP address
  • the domain name from which you visit our site
  • user-specific information on which pages are visited
  • aggregate information on pages visited
  • the referring website
  • the date and time of visit
  • the duration of visit
  • your browser type
  • your screen resolution
  • Asset accessed on the platform

Continued use of our website indicates consent to the collection, use, and disclosure of this information as described in this notice.

This technical information is retained in detail for up to 180 days.

Active/Manual/Voluntary Collection

Other than automatically collected technical information about your visit (described above, or cookies, described below), we may ask you to provide information voluntarily, such as through forms or other manual input—in order to make products and services available to you, to maintain and manage our relationship with you, including providing associated services or to better understand and serve your needs. This information is generally retained as long as you continue to maintain a relationship with us. Your providing this information is wholly voluntary. However, not providing the requested information (or subsequently asking that the data be removed) may affect our ability to deliver the products or service for which the information is needed. Providing the requested information indicates your consent to the collection, use, and disclosure of this information as described in this notice. Information we may actively collect could include:

  • the email addresses of those who communicate with us via email
  • institution, name, biography and other public user profile information.
  • information volunteered by the visitor, such as preferences, survey information and/or site registrations

Information Used For Contact

The email address you provide during signup process will be used to identify you, and to send you newsletters and other information materials. The Brainlife team might contact you using that email address.

Information Sharing

We do not share any aggregate, non-personally identifiable information with other entities or organizations.

We do not share any personally identifiable information with other entities or organizations, except when legally required to do so, at the request of governmental authorities conducting an investigation, to verify or enforce compliance with the policies governing our website and applicable laws, or to protect against misuse or unauthorized use of our website.

Except as described above, we will not share any information with any party for any reason.

Except as provided in the Disclosure of Information section below, we do not attempt to use the technical information discussed in this section to identify individual visitors.


A cookie is a small data file that is written to your hard drive that contains information about your visit to a web page. If you prefer not to receive cookies, you may configure your browser not to accept them at all, or to notify and require approval before accepting new cookies. Some web pages/sites may not function properly if the cookies are turned off, or you may have to provide the same information each time you visit those pages.

Our site does not use cookies to store information about your actions or choices on pages associated with our site.


This site is not directed to children under 13 years of age, does not sell products or services intended for purchase by children, and does not knowingly collect or store any personal information, even in aggregate, about children under the age of 13. We encourage parents and teachers to be involved in children’s Internet explorations. It is particularly important for parents to guide their children when they are asked to provide personal information online.

Use of Third Party Services

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses cookies (described above) to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including possibly your IP address) will be transmitted to and stored by Google.

For more information, please visit Google’s Privacy Policy.

Updating Inaccurate Information

In some cases, we will grant visitors the ability to update or correct inaccuracies in the information that we maintain.

Visitors may correct inaccuracies in:

  • contact information that we have on file

Visitors can have this information corrected by:

  • sending us email at the listed address
  • visiting us at the following URL:

Disclosure of Information

Other than sharing your information with other appropriate university personnel and units to ensure the quality, functionality, and security of our website, or manage your relationship with us, we will not disclose personally identifiable information about your use of the site except under the following circumstances:

  • With your prior written (including email) consent
  • When we have given you clear notice that we will disclose information that you voluntarily provide
  • With appropriate external parties, such as law enforcement agencies, in order to investigate and respond to suspected violations of law or university policy. Any such disclosures shall comply with all applicable laws and university policies.

General Security

Due to the rapidly evolving nature of information technologies, no transmission of information over the internet can be guaranteed to be completely secure. While both Indiana University and University of Texas are committed to protecting user privacy, we cannot guarantee the security of all information users transmit to university sites, and users do so at their own risk.

We have appropriate security measures in place in our physical facilities to protect against the loss, misuse, or alteration of information that we have collected from you at our site. For example, the data centers that house the Brainlife services are protected by multiple layers of physical access control including smart cards and/or biometric scanners.

In case of unauthorized access, we monitor all user Logins and activity and collect audit logs for up to 90 days and store them on a dedicated monitoring server. The log includes information such as authentication requests, data upload/download requests, job submissions, etc.

We will comply with all applicable federal, state and local laws regarding the privacy and security of user information.

Indiana University is not responsible for the availability, content, or privacy practices of non-university sites. Non-university sites are not bound by this site privacy notice policy and may or may not have their own privacy policies.

Privacy Notice Changes

From time to time, we may use visitor information for new, unanticipated uses not previously disclosed in our privacy notice.

We will post the policy changes to our website to notify you of these changes and provide you with the ability to opt out of these new uses. If you are concerned about how your information is used, you should check back at our website periodically.

Visitors may prevent their information from being used for purposes other than those for which it was originally collected by sending us an email at the listed address below.

Contact Information

If you have questions or concerns about this policy, please contact us.

ATTN: Franco Pestilli
The University of Texas at Austin
108 E Dean Keeton St, Austin, TX 78712
Department of Psychology

If you feel as though this site’s privacy practices differ from the information stated, you may contact us at the listed address or phone number.

If you feel that this site is not following its stated policy and communicating with the owner of this site does not resolve the matter, or if you have general questions or concerns about privacy or information technology policy at The University of Texas at Austin