I've wanted to add some kind of personalisation to HubMed for a while - not for personalised search results, but for recommendations of papers you might have missed, based on articles you've read and tagged. The trouble is that I've always been wary of collecting people's searches, as knowing that's happening can make using a website less pleasant (as a subconscious feeling). Nevertheless, in order to try out recommendations HubMed needs to collect some data on what people are looking at. Storing people's searches isn't necessarily a problem - by using a web site you're generally trusting that the person running the site will have access to server logs. The worry is that someone else could get access to the server, especially when search data is linked to a personal identifier stored in a cookie.
So I've added a short privacy page - not a proper legal one, but enough of a description of what's actually stored to allow anyone to make up their mind if that's a problem. At the moment, users get an identifier stored in a cookie, which can be deleted manually from the privacy page at any time and will obviously disappear if the browser's cookies are cleared.
To improve (theoretical, so far) personalised recommendations, logging in—either manually or by tagging an article—will associate the current cookie-based identifier with the logged-in user account. This will allow data to continue to be collected even when the cookie-based identifier is changed (eg when using a different web browser or computer, or after clearing cookies). Equally, all past cookie identifiers can be dissociated from a user's account at any time via the privacy page (but hopefully no-one will want to do this often as it will wipe out useful data).