Privacy Policy

This Policy applies to end users of the consumer Service. If you interact with us as a job applicant, vendor, or employee, separate notices may apply.

For personal data you provide directly through the Service, we generally act as the primary controller.

Information you provide: such as name, email, hashed password, optional profile photo, study content you create or import (text, images, questions), and messages to support.

Social login: if you choose Google, Facebook, or another provider, we may receive basic identifiers (e.g., name, email) as authorized by that provider.

Device and usage data: such as device type, OS, approximate IP-derived region, time zone, and event logs (pages viewed, errors, session length) to operate, secure, and improve the product.

Cookies and similar technologies: see Section 6.

Provide and personalize the Service (sign-in, sync materials, sharing according to your settings).

Operate AI/OCR features you trigger and improve reliability within technical and legal limits.

Send transactional notices (account, security) and, where permitted, product updates.

Detect abuse, protect security, and comply with law.

Use aggregated or de-identified analytics to understand performance.

Depending on your region, we may rely on: performing our contract with you; legitimate interests (security, product improvement); your consent (e.g., marketing); legal obligations.

Service providers (hosting, transactional email, payments, analytics) receive the minimum data needed and are bound by confidentiality obligations.

Legal and safety: we may disclose information when required by law, court order, or government request, or to protect rights, safety, and integrity of users and the Service.

Business transfers: in a merger, acquisition, or asset sale, data may transfer subject to safeguards; we will notify as required.

Visibility you control: when you enable public sharing or invite learners/classes, information may be accessible to invitees as you configure.

We use cookies and similar technologies to maintain sessions, remember preferences such as language, and measure errors and performance. You can block cookies in your browser; some features may not work fully.

We retain information as long as needed to provide the Service and meet legal obligations. After you delete an account or content, we delete or de-identify it per policy and law (backup copies may persist for a limited period).

We use appropriate technical and organizational measures (encryption in transit, access controls, logging). No system is perfectly secure; please protect your password and use MFA if available.

The Service is not directed at children below the age where parental consent is required in your region. If you believe a child provided data, email [email protected] so we can take appropriate steps.

Our servers or providers may be located outside your country. Where we transfer data across borders, we use appropriate safeguards under applicable law.

Depending on applicable law, you may have rights to access, correct, delete, restrict processing, object, withdraw consent, and lodge a complaint with a supervisory authority. To exercise these rights, email [email protected]; we may verify your identity before fulfilling requests.

When we make material updates, we will revise the “Last updated” date and, if appropriate, provide in-app or email notice.

Privacy questions: email [email protected].