// Trust & Security Report
Scholarcy Limited (UK company; acquired by Texthelp Group, October 2024; Texthelp rebranded to Everway in January 2025)
AI research-summarization tool that converts papers, articles, book chapters and videos into interactive 'flashcard' summaries. Sub-products: free web Article Summarizer, Scholarcy browser extension, paid individual Scholarcy Plus, and Scholarcy Library (institutional license, priced from ~$8,000/year, FTE-based). A separate Scholarcy metadata/synopsis API existed for publishers but is described in current terms as a historical/legacy product no longer commercially available (IP now held by Everway).
Certifications held
1
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on scholarcy.com“Scholarcy allows you to request details of personal information held about you under the Data Protection Act 2018 and the UK General Data Protection Regulations (UK GDPR)... store data via secure third party servers within the EEA.”
> Show 8 unconfirmed / not-held certifications
source: scholarcy.comNo public evidence. Scholarcy's own /security page describes AWS hosting, encryption, and code-scanning tools (Dependabot, Snyk, Secrets Scanner) but makes no mention of a SOC 2 report or audit.
source: scholarcy.comNo public evidence on scholarcy.com. Note: parent company Everway (formerly Texthelp, which acquired Scholarcy in Oct 2024) is reported elsewhere to hold ISO 27001, but this is a group-level claim on Everway's own trust/compliance pages, not a statement on Scholarcy's own domain, and its scope over the standalone Scholarcy product is unconfirmed.
source: scholarcy.comNo public evidence. Scholarcy is a general research/academic summarization tool, not marketed for handling protected health information; no HIPAA statement found on scholarcy.com.
source: scholarcy.comThey do not store credit card or any other sensitive information; payment services are handled by Stripe. This indicates PCI scope is offloaded to Stripe rather than a direct Scholarcy PCI DSS attestation; no such attestation is published.
source: scholarcy.comNo public evidence found on scholarcy.com.
source: scholarcy.comNo public evidence found on scholarcy.com.
source: scholarcy.comNo public evidence; Scholarcy is not marketed as a US federal government product.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
EEA (privacy policy states data is stored via secure third-party servers within the EEA); infrastructure hosted on AWS per the security page.
Could not confirm from a verified vendor-domain (scholarcy.com) source whether uploaded/processed documents are used to train Scholarcy's AI/ML models. IMPORTANT: a search-engine synthesis of 'Scholarcy privacy policy AI training' returned quoted language about training AI/ML models 'developed by Scholarly' — this text belongs to a different, similarly-named company ('Scholarly.so' / scholarlysoftware.com, a separate AI research/faculty-management product), not to Scholarcy Limited. That result was identified as a likely identity conflation and excluded from this assessment. No standalone Data Processing Agreement (DPA) page was located on scholarcy.com; the privacy policy states both parties will comply with 'Data Protection Legislation' but does not present a self-serve DPA document.
// Security controls
Encryption in transit and at rest
Scholarcy's security page states data is encrypted at rest and in transit for all customers.
scholarcy.comHosting infrastructure
Hosted on Amazon Web Services (AWS); application deployed via containers running on AWS-managed services, using AWS ecosystem security protocols.
scholarcy.comCode / dependency security tooling
Uses Dependabot, Snyk, and a secrets scanner to secure software code, scripts, and containers through the development process.
scholarcy.comBrowser extension review
The Scholarcy browser extension has passed the automated and manual security review processes of the Google, Microsoft, and Mozilla extension stores (store vetting, not an independent third-party security certification).
scholarcy.comPayment data handling
Scholarcy does not store credit card or other sensitive payment information; payments are processed by Stripe.
scholarcy.com// Products & data scope
data: Individual documents/URLs a user submits for summarization; up to a limited number of free summaries per month.
No account-level enterprise controls; same underlying privacy policy as paid tiers.
data: User's uploaded documents, saved flashcards, notes, and library collections.
Unlimited summarization, enhanced summaries, note-taking, and export features.
data: Organization-wide document libraries, shared collections, integrations with Google Drive, Dropbox, RSS, and reference managers.
Priced from roughly $8,000/year based on FTE count; no separate/stronger security claims found for this tier versus the consumer product on scholarcy.com.
data: Bulk document metadata and synopsis extraction for publishers/aggregators.
Referenced in current terms of service as a legacy/historical product no longer commercially available; intellectual property now held by Everway. Treat as not currently offered.
// What to watch
- Identity-conflation risk found and excluded: a search for Scholarcy's AI-training data policy returned quoted language belonging to 'Scholarly' (scholarly.so / scholarlysoftware.com), a different, similarly-named company. That content was NOT used in this assessment, but the risk of future conflation between 'Scholarcy' and 'Scholarly' should be flagged for anyone doing follow-up research.
- Parent-company cert ambiguity: Scholarcy was acquired by Texthelp Group (Oct 2024), which rebranded to Everway (Jan 2025). Everway/Texthelp is reported elsewhere to hold ISO 27001 and to be COPPA/FERPA/GDPR compliant at the group level, but Scholarcy's own site does not claim these certifications and it is unconfirmed whether the Everway ISO 27001 scope extends to the standalone Scholarcy product/domain. Do not list ISO 27001 as held for Scholarcy without direct vendor-domain confirmation.
- No standalone DPA (Data Processing Agreement) document was located on scholarcy.com; institutional customers should confirm DPA availability directly with Scholarcy/Everway sales.
- AI-training posture on user-submitted documents (papers, PDFs) could not be confirmed from a verified vendor-domain source; this is a material gap for research/institutional customers concerned about confidentiality of unpublished or sensitive manuscripts.
// At a glance
Pricing model
Freemium: free tier (limited monthly summaries) plus paid individual subscription (~$9.99/month or ~$90/year) and institutional licensing (from ~$8,000/year by FTE).
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Scholarcy Limited (UK company; acquired by Texthelp Group, October 2024; Texthelp rebranded to Everway in January 2025)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
scholarcy.com