Sign In

Privacy Policy

Last updated: March 31, 2026

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication method (email/password or Google). If you sign in with Google, we receive your Google profile name, email, and profile photo URL.

Payment Information

Payments are processed by Stripe. We do not store your credit card number, CVC, or billing address. We store your Stripe customer ID to manage your subscription.

Usage Data

We track which lessons you have completed and which resources you have favorited. This data is tied to your user ID and used to provide progress tracking and personalized features.

2. How We Use Your Information

  • Authenticate you and manage your account
  • Process payments and manage subscriptions
  • Track your course progress and favorites
  • Send transactional emails (purchase confirmations, etc.)
  • Improve the Platform

We do not sell your personal data. We do not use your data for advertising.

3. Third-Party Services

We use the following third-party services:

  • Firebase Authentication — identity management and session tokens
  • Cloud Firestore — database for user data, enrollments, and progress
  • Stripe — payment processing and subscription management
  • Vimeo — video hosting (embedded with DNT enabled and cookies disabled)
  • Vercel — hosting and deployment

Each service has its own privacy policy. We configure these services to minimize data collection where possible (e.g., Vimeo DNT mode, YouTube no-cookie domain).

4. Cookies

We use a single HttpOnly session cookie (__session) for authentication. This cookie is essential for the Platform to function and cannot be opted out of. We do not use tracking cookies, analytics cookies, or advertising cookies.

5. Data Retention

Your data is retained as long as your account is active. When you delete your account, all personal data, progress, favorites, and enrollment records are permanently removed from our systems. Stripe may retain payment transaction records as required by financial regulations.

6. Your Rights

You have the right to:

  • Access your data — visible on your Settings page
  • Delete your account and all associated data at any time from Settings
  • Cancel your subscription at any time
  • Export — contact us for a copy of your data

7. Security

We implement security measures including: HttpOnly session cookies with server-side verification, Stripe webhook signature validation, server-side access control for all content, input validation on all user-supplied data, security headers (HSTS, X-Frame-Options, X-Content-Type-Options), and Firestore security rules denying all client-side access.

8. Children’s Privacy

The Platform is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a notice on the Platform.

10. Contact

Privacy questions? Reach out via Discord or through the links on our About page.