Privacy Policy

Effective date: April 26, 2025

1. Information We Collect

When you create an account we collect your email address and, optionally, your display name. If you subscribe to a paid plan, payment is processed by Dodo Payments — we never store your card details.

We automatically collect usage data such as pages visited, exam sessions started, features used, and performance telemetry to improve the product. This data is associated with your account when you are signed in, and with an anonymous session ID otherwise.

2. How We Use Your Information

  • To provide, operate, and improve the Exam Coach service.
  • To send transactional emails (e.g. password reset, payment receipts).
  • To personalise your study experience and track your progress.
  • To detect and prevent fraud or abuse.
  • To comply with legal obligations.

We do not sell your personal data to third parties and do not use it to serve third-party advertising.

3. Cookies and Tracking

We use strictly necessary cookies to maintain your authenticated session. We may use analytics cookies (e.g. Vercel Analytics) to understand aggregate usage patterns. No cross-site tracking cookies are set.

4. Data Sharing

We share data only with the following categories of sub-processors:

  • Supabase — authentication and database hosting.
  • Dodo Payments — payment processing.
  • Anthropic / OpenAI — AI tutor responses (your questions are sent to generate answers; we do not store them on third-party servers beyond the API call).
  • Vercel — application hosting and edge infrastructure.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data is deleted within 30 days, except where we are required to retain it for legal or tax purposes (e.g. payment records for 7 years).

6. Your Rights

Depending on your jurisdiction you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email us at privacy@examcoach.io.

EEA/UK users: we process your data on the basis of contract performance (to deliver the service) and legitimate interests. You have the right to lodge a complaint with your local supervisory authority.

7. Security

All data is transmitted over TLS. Passwords are hashed by Supabase Auth and never stored in plain text. We follow industry-standard practices to protect your information, but no system is 100% secure.

8. Children

Exam Coach is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe we have collected data from a child, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by email or a prominent notice on the site at least 14 days before they take effect.

10. Contact

Questions? Email privacy@examcoach.io.