Privacy Policy

1. Introduction

Welcome to predictexam.ai ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered exam preparation platform.

This policy applies to users worldwide, including those in the European Union (EU), European Economic Area (EEA), United Kingdom (UK), United States, and other jurisdictions with data protection laws.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, and profile picture when you create an account (including via Google Sign-In)
• Study Materials: Documents, images, PDFs, and other files you upload for exam generation
• Exam Responses: Your answers to practice exams and flashcard interactions
• Payment Information: Processed securely through Stripe; we do not store credit card numbers
• Communications: Messages you send to our support team

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, exam performance statistics
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, referring URLs
• Cookies: Essential and analytics cookies (see Section 8)

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To generate personalized exams and flashcards from your study materials
• Account Management: To create and manage your account, process payments
• Improvement: To analyze usage patterns and improve our AI algorithms and user experience
• Communication: To send service updates, security alerts, and support messages
• Legal Compliance: To comply with applicable laws and protect our legal rights

4. Legal Basis for Processing (GDPR)

For users in the EU/EEA/UK, we process your personal data based on:

• Contract Performance: Processing necessary to provide our services to you
• Legitimate Interests: Improving our services, fraud prevention, security
• Consent: For optional analytics cookies and marketing communications
• Legal Obligation: When required by applicable laws

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers:
  • Google (Firebase Authentication, Firestore Database, Cloud Storage)
  • Google Gemini AI (for exam generation - your materials are processed but not stored by Google for training)
  • Stripe (payment processing)
  • Vercel (hosting)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

6. Your Rights

6.1 For All Users

• Access: Request a copy of your personal data
• Deletion: Delete your account and all associated data via Settings
• Update: Correct inaccurate information in your account

6.2 Additional Rights (EU/EEA/UK - GDPR)

• Data Portability: Receive your data in a structured, machine-readable format
• Restriction: Request limitation of processing in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time for consent-based processing
• Lodge Complaint: File a complaint with your local data protection authority

6.3 Additional Rights (California - CCPA/CPRA)

• Know: Request disclosure of personal information collected
• Delete: Request deletion of personal information
• Opt-Out: Opt out of the sale/sharing of personal information (we do not sell data)
• Non-Discrimination: Not be discriminated against for exercising your rights

To exercise these rights, contact us at privacy@predictexam.ai or use the account deletion feature in Settings.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Upon account deletion, we delete your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, legal claims).

• Account data: Deleted upon request
• Study materials: Deleted immediately upon account deletion
• Exam history: Deleted upon account deletion
• Payment records: Retained for 7 years for tax/legal compliance

8. Cookies and Tracking

We use the following types of cookies:

• Essential Cookies: Required for authentication and security (always active)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use our service (with consent)

You can manage cookie preferences through our cookie banner or your browser settings.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your residence, including the United States. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data processing agreements with our service providers
• Compliance with the EU-US Data Privacy Framework where applicable

10. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit (TLS/HTTPS) and at rest
• Secure authentication via Firebase Authentication
• Regular security assessments and updates
• Access controls and audit logging

11. Children's Privacy

Our service is not directed to children under 13 (or 16 in the EU/UK). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: