Privacy Policy

Last updated: June 13, 2026

1. Introduction

MyEzSAT ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our educational platform. This policy applies to all users, including students, parents, and educators. Because our platform is designed for minors, we follow COPPA (Children's Online Privacy Protection Act) and FERPA (Family Educational Rights and Privacy Act) principles.

2. Information We Collect

2a. Information You Provide

  • Account information: name, email address, password (hashed)
  • Profile information: avatar selection, username
  • SAT scores you voluntarily enter for personalization
  • Messages sent to friends through the platform
  • Notes and study content you create

2b. Automatically Collected Information

  • Practice session data: questions answered, accuracy, time spent
  • Learning progress: XP earned, topics studied, streaks
  • Usage data: pages visited, features used, session duration
  • Device information: browser type, operating system (no device identifiers stored)

2c. Information We Do NOT Collect

  • Payment or financial information (no purchases required)
  • Precise geolocation
  • Biometric data
  • Social Security numbers or government IDs

3. How We Use Your Information

  • Educational service delivery: Personalize practice, generate recommendations, track progress
  • AI tutoring: Your question interactions are sent to Google Gemini API to generate responses. We do not share personal identifiers with AI providers.
  • Account management: Authentication, password recovery, account security
  • Safety and moderation: Detect and prevent abuse, enforce community guidelines
  • Service improvement: Analyze usage patterns to improve features (aggregated, anonymized)
  • Communications: Service updates, security alerts (no marketing without explicit consent)

4. Children's Privacy (COPPA)

Our Service is designed for students aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe your child under 13 has created an account, contact us immediately at privacy@myezsat.com and we will delete the account.

For users aged 13–17:

  • Parents/guardians can request access to, correction of, or deletion of their child's data
  • Social features (messaging, friends) are limited to direct connections only — no public profiles visible to strangers
  • We do not serve targeted advertising to any users
  • Parental controls are available through the parent account feature

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Service providers: Supabase (database/auth), Google Gemini (AI responses), Vercel (hosting). All under data processing agreements.
  • Legal requirements: If required by law, court order, or to protect safety
  • Other users: Your username and level are visible on leaderboards if your privacy setting is "public". Stats are only shared per your privacy preferences.

6. Data Security

  • Passwords are hashed and never stored in plain text
  • All data is transmitted over HTTPS/TLS encryption
  • Database access is restricted to authorized personnel only
  • We conduct regular security reviews
  • In case of a data breach, we will notify affected users within 72 hours

7. Your Rights and Choices

  • Access: Request a copy of your personal data
  • Correction: Update incorrect information in account settings
  • Deletion: Request account deletion — your data will be permanently removed within 30 days
  • Privacy settings: Control who sees your stats (public / friends only / private)
  • Data portability: Request an export of your practice history and progress data
  • Opt-out: Disable social features or leaderboard participation at any time

To exercise these rights, contact privacy@myezsat.com.

8. Data Retention

  • Active accounts: data retained while account is active
  • Deleted accounts: soft-deleted for 30 days, then permanently removed
  • Practice history: retained for the lifetime of the account to track progress
  • Messages: retained until explicitly deleted by participants

9. Cookies and Tracking

We use essential cookies only for authentication and session management. We do not use tracking cookies, advertising cookies, or cross-site tracking. We do not use Google Analytics, Facebook Pixel, or similar third-party trackers.

10. Third-Party Links

The platform may link to external resources (College Board, Khan Academy, Desmos). We are not responsible for the privacy practices of these external sites.

11. Changes to This Policy

We may update this policy periodically. Significant changes will be communicated via email and in-app notification. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy inquiries, data requests, or concerns:

MyEzSAT Privacy Team
Email: privacy@myezsat.com
Response time: Within 5 business days