Privacy Policy
Effective Date: March 7, 2026
1. Information We Collect
Information You Provide
- Account data: Email address, name, password (hashed)
- Payment data: Processed and stored by Stripe. We never see or store your full credit card number.
- Study data: Quiz responses, flashcard progress, study session history
- Uploaded content: Chart work photos submitted to the AI checker
Information Collected Automatically
- Usage analytics: Pages visited, features used, session duration (via PostHog)
- Device info: Browser type, operating system, screen size
- Cookies: Authentication session cookies and analytics cookies
2. How We Use Your Information
- Provide and improve the Service
- Track your study progress and generate personalized recommendations
- Process payments and manage your account
- Send transactional emails (welcome, trial reminders, receipts)
- Analyze usage patterns to improve our product
- Respond to support requests
3. Third-Party Services
We share data with these services only as necessary to operate:
| Service | Purpose | Data Shared |
|---|---|---|
| Stripe | Payments | Email, payment info |
| Neon (PostgreSQL) | Database | Account & study data |
| PostHog | Analytics | Usage events, device info |
| Anthropic (Claude) | AI features | Study content, chart photos |
| Resend | Email delivery | Email address |
| Vercel | Hosting | Request logs |
4. Data Retention
We retain your account and study data as long as your account is active. You may request deletion at any time. Upon account deletion, we remove your personal data within 30 days. Anonymized analytics data may be retained indefinitely.
5. Your Rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Export your study progress data
- Opt out of analytics tracking
6. California Residents (CCPA)
California residents have additional rights under the CCPA, including the right to know what personal information is collected and the right to request deletion. We do not sell personal information. To exercise your rights, email us at info@nailthetest.com.
7. Children's Privacy & COPPA Compliance
NailTheTest serves high school and college students, including users under 18. We take the following measures to protect younger users:
- Users under 13: We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you are under 13, you must have a parent or guardian create an account on your behalf using the Parent Dashboard.
- Users 13-17: We encourage parental involvement through our Parent Dashboard, which allows parents to monitor study progress without accessing the student's account directly.
- Minimal data collection: We collect only what is necessary for the service to function: email, name, and study progress. We do not collect location data, phone numbers, or social media profiles from any users.
- AI interactions are not stored: Conversations with the AI tutor are processed in real-time and are not permanently stored or used for training. Student names are not sent to the AI provider.
- No behavioral advertising: We do not serve targeted ads to any users. Analytics data is used only to improve the product.
- Parental rights: Parents may review, request deletion of, or refuse further collection of their child's data at any time by emailing info@nailthetest.com.
If you believe a child under 13 has provided us with personal information without parental consent, contact us immediately and we will delete it.
8. Security
We use industry-standard security measures: passwords are hashed with bcrypt, data is encrypted in transit (TLS), and payment processing is handled by PCI-compliant Stripe. No system is 100% secure — use a strong, unique password.
9. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email. The effective date at the top reflects the latest revision.
10. Contact
Privacy questions? Email info@nailthetest.com.