Privacy Policy

Last updated: January 2025

1. Information We Collect

We collect information you provide directly to us, such as when you:

  • Create an account or subscribe to our service
  • Upload content (YouTube URLs, PDF documents) for AI-powered question generation
  • Complete practice questions, assessments, and SAT simulations
  • Contact us for support, feedback, or technical assistance
  • Participate in surveys, beta testing, or promotional activities
  • Join our Discord community or social media platforms

Types of information collected:

  • Personal Information: Full name, email address, profile information, and preferences
  • Account Information: Username, encrypted password, subscription details, billing information
  • Educational Content: Uploaded documents, YouTube URLs, generated questions, study materials
  • Learning Analytics: Practice scores, time spent, progress tracking, performance metrics
  • Technical Data: IP address, browser type, device information, operating system, screen resolution
  • Communication Data: Support tickets, feedback messages, community interactions
2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and continuously improve our AI-powered SAT preparation platform
  • Generate personalized practice questions and study materials using advanced AI algorithms
  • Track your learning progress, performance analytics, and provide detailed insights
  • Process payments, manage subscriptions, and handle billing inquiries
  • Send you important technical notices, platform updates, and security alerts
  • Respond to your inquiries, provide customer support, and resolve technical issues
  • Develop new features, enhance user experience, and optimize platform performance
  • Ensure platform security, prevent fraud, and protect user data
  • Conduct research and analytics to improve educational outcomes
  • Comply with legal obligations and regulatory requirements
3. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except:

  • Service Providers: We may share information with trusted third-party service providers who assist us in operating our platform, including payment processors (Stripe), cloud storage providers (AWS), analytics services (Google Analytics), email services, and AI processing services
  • Educational Partners: We may share anonymized, aggregated learning data with educational research institutions to improve SAT preparation methodologies
  • Legal Requirements: When required by law, regulation, court order, or legal process, including responding to government requests
  • Safety and Security: To protect the rights, property, or safety of CurioLearn, our users, or others, including preventing fraud and security breaches
  • Business Transfers: In connection with any merger, sale of assets, acquisition, or other business transaction
  • Consent: With your explicit consent for any other purpose not covered in this policy
4. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Data Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256 encryption)
  • Security Assessments: Regular penetration testing, vulnerability assessments, and security audits
  • Access Controls: Multi-factor authentication, role-based access controls, and principle of least privilege
  • Monitoring & Detection: 24/7 security monitoring, intrusion detection systems, and automated threat response
  • Infrastructure Security: Secure cloud infrastructure (AWS), regular security patches, and disaster recovery plans
  • Employee Training: Regular security awareness training and strict confidentiality agreements
  • Incident Response: Comprehensive incident response procedures and breach notification protocols
5. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account (while your account is active)
  • Comply with legal obligations, regulatory requirements, and resolve disputes
  • Improve our services, develop new features, and conduct research
  • Maintain security and prevent fraud (typically 7 years for financial records)

Data Retention Periods:

  • Account Data: Retained while your account is active, deleted within 30 days of account closure
  • Learning Analytics: Retained for 3 years to track long-term progress and improve services
  • Billing Information: Retained for 7 years as required by financial regulations
  • Support Communications: Retained for 2 years for quality assurance and dispute resolution

You may request deletion of your account and associated data at any time by contacting us at privacy@curiolearn.co. We will process your request within 30 days.

6. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request access to your personal information and receive a copy of your data
  • Correction: Update or correct inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (right to be forgotten)
  • Portability: Request a copy of your data in a structured, machine-readable format
  • Opt-out: Unsubscribe from marketing communications and promotional emails
  • Restrict Processing: Limit how we use your information in certain circumstances
  • Object: Object to processing of your personal information for direct marketing
  • Withdraw Consent: Withdraw your consent for data processing where consent is the legal basis

To exercise these rights, please contact us at privacy@curiolearn.co. We will respond to your request within 30 days and may require verification of your identity.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Remember your login status, preferences, and maintain session security
  • Analytics Cookies: Analyze usage patterns, track performance, and improve our services
  • Functional Cookies: Provide personalized content, recommendations, and enhanced user experience
  • Security Cookies: Ensure platform security, prevent fraud, and detect suspicious activity
  • Marketing Cookies: Deliver relevant advertisements and measure campaign effectiveness (with your consent)

Cookie Management: You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect the functionality of our platform. You can also manage your cookie preferences through our cookie consent banner.

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take immediate steps to delete such information and notify the child's parent or guardian.

COPPA Compliance: We comply with the Children's Online Privacy Protection Act (COPPA) and similar international regulations. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@curiolearn.co.

Age Verification: Users between 13-17 years of age may use our service with parental consent. We recommend parental supervision for all users under 18.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States, where our servers are located. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

Data Transfer Safeguards: We implement appropriate technical and organizational measures to ensure your data is protected during international transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by relevant data protection authorities
  • Binding Corporate Rules for multinational transfers
  • Certification schemes and codes of conduct

GDPR Compliance: For users in the European Union, we comply with the General Data Protection Regulation (GDPR) and provide additional rights and protections as outlined in this policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page with an updated "Last updated" date
  • Sending you an email notification to the address associated with your account
  • Displaying a prominent notice on our platform
  • Providing additional notice for significant changes that may affect your rights

Your continued use of our service after any changes to this Privacy Policy constitutes acceptance of the updated terms. If you do not agree with the changes, you may close your account or contact us to discuss your concerns.

11. Contact Us

If you have any questions about this Privacy Policy, your data rights, or our privacy practices, please contact us:

  • Email: privacy@curiolearn.co
  • Data Protection Officer: dpo@curiolearn.co
  • Support: support@curiolearn.co
  • Discord Community: Join our Discord server

Response Time: We aim to respond to all privacy-related inquiries within 30 days. For urgent matters, please use our Discord community for faster assistance.

Regulatory Authority: If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection authority.