Privacy Policy

Last Updated: November 5, 2024

1. Introduction

Classync ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered learning assistant platform.

By using Classync, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us:

  • Account Information: Email address, name, password (encrypted)
  • Profile Data: Optional profile information, preferences, and settings
  • Course Information: Course names, sections, semesters, lecture titles
  • Uploaded Content: Audio/video lecture recordings, notes, and any materials you upload
  • Quiz Responses: Your answers to AI-generated quizzes and your performance data
  • Communication: Messages you send to our support team

2.2 Automatically Collected Information

When you use Classync, we automatically collect:

  • Usage Data: Features you use, pages visited, time spent, actions taken
  • Device Information: Browser type, operating system, device type, IP address
  • Cookies and Tracking: Session data, authentication tokens, preferences
  • Performance Data: Processing times, error logs, feature usage statistics

2.3 AI Processing Data

To provide our AI-powered features:

  • Transcripts: Text transcriptions of your lecture audio/video generated by Groq Whisper API
  • Summaries: AI-generated summaries, key points, examples from your lectures (powered by OpenAI GPT-4)
  • Quizzes: AI-generated questions and answers based on lecture content (powered by OpenAI GPT-4)
  • Analysis Data: Performance analytics and personalized recommendations

3. How We Use Your Information

We use your information to:

  • Provide the Service: Process lectures, generate transcripts, create summaries and quizzes
  • Personalization: Customize your experience and provide personalized study recommendations
  • Account Management: Create and manage your account, handle authentication
  • Communication: Send service updates, respond to support requests, provide important notices
  • Billing: Process payments and manage subscriptions through Paddle
  • Improvement: Analyze usage patterns to improve features and fix bugs
  • Security: Detect fraud, prevent abuse, and protect user data
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We do not sell your personal data. We share information only in these limited circumstances:

4.1 Service Providers

  • Supabase: Database, authentication, and file storage (data hosted in secure cloud infrastructure)
  • Groq: AI transcription processing using Whisper API. Groq does not use your data to train their models.
  • OpenAI: AI content generation for summaries, quizzes, and recommendations (GPT-4). OpenAI does not use API data to train their models per their API terms.
  • Paddle: Payment processing and subscription management. Paddle handles all payment card data; we never store your full payment information.
  • Hosting Provider: Vercel for application hosting and deployment

4.2 Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations, court orders, or government requests
  • Protect the rights, property, or safety of Classync, users, or the public
  • Investigate fraud, security issues, or Terms of Service violations

4.3 Business Transfers

If Classync is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

5. Data Storage and Security

5.1 Where We Store Data

  • Database: User accounts, course data, transcripts, and quiz data stored in Supabase (PostgreSQL)
  • File Storage: Lecture audio/video files stored in Supabase Storage with encryption
  • Geographic Location: Data stored on servers located in the United States

5.2 Security Measures

We implement industry-standard security practices:

  • Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
  • Authentication: Secure password hashing (bcrypt), session management
  • Access Controls: Row Level Security (RLS) in database, role-based access
  • Monitoring: Regular security audits and vulnerability assessments
  • Backups: Regular automated backups with secure storage

However, no security system is impenetrable. We cannot guarantee absolute security of your data, and you use the Service at your own risk.

6. Data Retention

We retain your information as follows:

  • Active Accounts: Account and content data retained while your account is active
  • Deleted Accounts: Most data deleted within 90 days of account deletion
  • Legal Retention: Some data retained longer for legal, tax, or business purposes
  • Backups: Data in backups deleted according to our backup retention schedule
  • Aggregated Data: Anonymous aggregated statistics may be retained indefinitely

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Opt-Out: Unsubscribe from marketing emails (service emails required)
  • Withdraw Consent: Revoke consent for data processing where applicable
  • Object: Object to certain types of data processing

To exercise these rights, contact us at classync.sup@gmail.com. We will respond within 30 days.

8. Cookies and Tracking Technologies

Classync uses cookies and similar technologies for:

  • Essential Cookies: Authentication, session management, security (required for service)
  • Functional Cookies: Remember preferences, settings, and selections
  • Analytics: Understand usage patterns and improve the service (optional)

You can control cookies through your browser settings, but disabling essential cookies may impact functionality.

9. Third-Party Services

Classync integrates with third-party services:

  • Groq: Subject to Groq's API terms and privacy policy. Groq does not use API data for training.
  • OpenAI: Subject to OpenAI's API terms and privacy policy. OpenAI does not use API data for training.
  • Paddle: Payment processing subject to Paddle's privacy policy
  • Supabase: Infrastructure subject to Supabase's privacy policy

We are not responsible for third-party privacy practices. We encourage you to review their privacy policies.

10. Children's Privacy

Classync is designed for students age 13 and older. We do not knowingly collect personal information from children under 13. If you are under 13, do not use the Service or provide any personal information.

If we learn that we have collected information from a child under 13, we will delete it immediately. If you believe we have collected information from a child under 13, please contact us at classync.sup@gmail.com.

11. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

By using Classync, you consent to the transfer of your information to the United States and other countries where our service providers operate. We take steps to ensure appropriate safeguards are in place for international transfers.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected and how it's used
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising CCPA rights

To exercise these rights, contact us at classync.sup@gmail.com with "CCPA Request" in the subject line.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access, rectification, erasure, and restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

Our legal basis for processing includes: consent, contract performance, legal obligations, and legitimate interests.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

We will notify you of material changes by email or through a prominent notice in the Service. The "Last Updated" date at the top indicates when the policy was last revised. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: classync.sup@gmail.com
Website: https://classync-new.vercel.app
Subject Line: "Privacy Inquiry" or "Data Request"

We will respond to your request within 30 days.

By using Classync, you acknowledge that you have read and understood this Privacy Policy and agree to our data practices as described herein.