Privacy Policy
Effective Date: March 7, 2026
1. Information We Collect
Information You Provide
- Account data: Email address, name, password (hashed)
- Payment data: Processed and stored by Stripe. We never see or store your full credit card number.
- Study data: Quiz responses, flashcard progress, study session history
- Uploaded content: Chart work photos submitted to the AI checker
Information Collected Automatically
- Usage analytics: Pages visited, features used, session duration (via PostHog)
- Device info: Browser type, operating system, screen size
- Cookies: Authentication session cookies and analytics cookies
2. How We Use Your Information
- Provide and improve the Service
- Track your study progress and generate personalized recommendations
- Process payments and manage your account
- Send transactional emails (welcome, trial reminders, receipts)
- Analyze usage patterns to improve our product
- Respond to support requests
3. Third-Party Services
We share data with these services only as necessary to operate:
| Service | Purpose | Data Shared |
|---|---|---|
| Stripe | Payments | Email, payment info |
| Neon (PostgreSQL) | Database | Account & study data |
| PostHog | Analytics | Usage events, device info |
| Anthropic (Claude) | AI features | Study content, chart photos |
| Resend | Email delivery | Email address |
| Vercel | Hosting | Request logs |
4. Data Retention
We retain your account and study data as long as your account is active. You may request deletion at any time. Upon account deletion, we remove your personal data within 30 days. Anonymized analytics data may be retained indefinitely.
5. Your Rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Export your study progress data
- Opt out of analytics tracking
6. California Residents (CCPA)
California residents have additional rights under the CCPA, including the right to know what personal information is collected and the right to request deletion. We do not sell personal information. To exercise your rights, email us at info@nailthetest.com.
7. Children's Privacy
NailTheTest is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us and we will delete it.
8. Security
We use industry-standard security measures: passwords are hashed with bcrypt, data is encrypted in transit (TLS), and payment processing is handled by PCI-compliant Stripe. No system is 100% secure — use a strong, unique password.
9. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email. The effective date at the top reflects the latest revision.
10. Contact
Privacy questions? Email info@nailthetest.com.