At CertStud, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our platform.
1. Information We Collect
1.1 Personal Information
When you create an account or use our services, we may collect:
Name and email address (through Clerk authentication)
Profile information you choose to provide
Payment information (processed securely by Clerk Billing powered by Stripe - we do not store credit card details)
Billing address and payment method details (stored by Stripe, not on our servers)
Subscription plan information and billing history
Communication preferences and notification settings
1.2 Usage Information
Study progress and performance data
Practice exam scores and completion times
Learning activities and time spent on platform
Device information and browser type
IP address and location data
1.3 Analytics Information
We use Google Analytics to understand how users interact with our platform. This includes page views, session duration, and user flow patterns.
2. How We Use Your Information
We use the information we collect to:
Provide and maintain our certification study platform
Process your subscription and payments
Track your study progress and provide personalized recommendations
Send you important updates about your account or our services
Improve our platform and develop new features
Provide customer support and respond to your inquiries
Analyze usage patterns to enhance user experience
Comply with legal obligations
3. How We Share Your Information
3.1 Service Providers
We work with trusted third-party service providers who help us operate our platform:
Clerk: User authentication, account management, and subscription metadata storage. View Clerk Privacy Policy
Stripe (via Clerk Billing): Payment processing for subscriptions. All payment card information is handled exclusively by Stripe, a PCI-DSS compliant payment processor. We never have access to your complete card details. View Stripe Privacy Policy
Google Analytics: Website analytics and performance monitoring to improve user experience
AWS Amplify: Cloud hosting infrastructure for secure data storage and platform delivery
Database Provider: Secure storage of your study progress and account information
These service providers are contractually obligated to protect your information and use it only for the purposes we specify.
3.2 Legal Requirements
We may disclose your information if required by law or in response to valid legal requests.
3.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4. Data Security
We implement appropriate technical and organizational security measures to protect your personal information:
SSL/TLS encryption for all data transmission
Secure cloud infrastructure with automated daily backups
Multi-factor authentication and access controls
Regular security audits and vulnerability monitoring
Employee training on data protection and privacy practices
Payment Security: All payment processing is handled by Stripe, a PCI-DSS Level 1 certified provider. We never store, process, or have access to complete payment card information
Encryption at rest for sensitive data in our databases
Automated threat detection and response systems
While we implement industry-standard security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information.
5. Your Rights and Choices
You have the following rights regarding your personal information:
Access: Request information about the personal data we hold about you
Correction: Update or correct inaccurate personal information
Deletion: Request deletion of your personal information (subject to legal requirements)
Portability: Request a copy of your data in a structured format
Opt-out: Unsubscribe from marketing communications at any time
To exercise these rights, please contact us through our contact form or account settings.
6. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience:
Essential Cookies: Required for basic platform functionality
Analytics Cookies: Help us understand how you use our platform
Preference Cookies: Remember your settings and preferences
You can control cookie preferences through your browser settings.
7. Data Retention
We retain your personal information for as long as necessary to provide our services and comply with legal obligations:
Account information: Until account deletion plus 30 days for backup recovery
Study progress data: Until account deletion or upon request (you can export your data at any time)
Subscription data: Until account deletion plus 30 days; subscription history retained while account is active
Payment and billing records: Retained for 7 years as required by tax and accounting regulations
Transaction records: Maintained by Stripe according to their retention policies and legal requirements
Analytics data: Anonymized and aggregated data retained indefinitely for platform improvement
Support communications: Retained for up to 3 years for quality assurance and dispute resolution
After the retention period, we securely delete or anonymize your personal information. You can request early deletion of certain data types, subject to legal and regulatory requirements.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during international transfers.
9. Children's Privacy
Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
Posting the new Privacy Policy on this page
Sending an email notification to registered users
Providing notice through our platform
Contact Us About Privacy
If you have any questions about this Privacy Policy or our data practices, please contact us through ourcontact form.
