1. Introduction

Quantum Tutoring ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the Quantum Tutor AI web application (the "Service"). Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

The Service is offered only to persons located in the United States. If you access the Service from outside the United States, you do so on your own initiative and are responsible for compliance with local laws, and you agree that we may terminate your access if we determine you are not located in the United States.

We may revise this Privacy Policy at any time by posting the updated version on our Service. Your continued use of the Service after such posting constitutes your acceptance of the revised Privacy Policy. We will alert you about any changes by updating the "Last updated" date of this Privacy Policy.

2. Information We Collect

We may collect information about you in various ways when you use our Service. This information includes:

• Personal Information:
  • Authentication Data: When you register or log in via OAuth (e.g., Google) or email/password, we collect information such as your email address, name, and profile picture (if provided by you or the OAuth provider). We use this to create and manage your account, identify you, and personalize your experience.
  • Payment Information (Stripe): When you purchase a subscription, Stripe collects your card number, CVC, expiration date, ZIP/postal code, and tax-related data. We receive from Stripe a tokenised payment identifier, the last four digits of your card, card brand, and your billing country / state for our records. We do not store or process your full card details on our servers. We store the card brand and last four digits for your receipting and account-management purposes.
  • User Content: We store the content of your chat messages, including any text you type and images you upload ("User Content"), to provide conversation history, continuity, and to enable the Service's features. This User Content may unintentionally include personal information if you choose to share it.
• Usage Data:
  • Service Metrics: Information our servers automatically collect when you access the Service, such as your IP address, browser type, operating system, access times, message counts, query types, session information, and the pages you viewed directly before and after accessing the Service.
  • Subscription Tier Information: We track your subscription tier (e.g., Starter, Pro, Master) and message usage to enforce daily limits and manage your subscription.
  • Analytics Data: We use third-party analytics tools to collect data about how visitors interact with our website and Service. This includes pages visited, time spent on site, referring sources, general geographic location, device information, and other usage statistics. This data is often aggregated and anonymized.
• Feedback and Correspondence: Information you provide when you contact us with questions, feedback, or for customer support.

3. How We Use Your Information

Having accurate information about you helps us provide a smooth, efficient, and personalized experience. Specifically, we may use information collected about you through the Service to:

• Create and manage your account.
• Authenticate you and maintain your session.
• Provide, operate, and maintain our Service.
• Generate and display your chat history within your interface.
• Store, process, and display images you upload as part of your User Content.
• Enforce daily usage limits based on your subscription tier.
• Process subscription payments, manage billing and renewals, and detect or prevent fraudulent transactions.
• Communicate with you, including responding to your comments, questions, and requests; providing customer service and support; and sending you technical notices, updates, security alerts, and administrative messages.
• Monitor and analyze trends, usage, and activities in connection with our Service to improve service quality, user experience, and monitor system health.
• Track daily active users and overall system performance.
• Improve AI Tutoring Quality and Develop New Features: To improve our AI tutoring quality, develop new features, and refine our systems, we may analyze User Content (including chat messages and images). This analysis may involve automated tools. We may also review User Content as necessary to maintain and improve the Service, ensure compliance with our Terms, or comply with applicable law. We strive to use aggregated or de-identified data for these improvement purposes whenever feasible.
• Prevent fraudulent transactions, monitor against theft, and protect against criminal activity.
• Comply with legal obligations and enforce our Terms of Service.

4. Data Sharing & Disclosure

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

• By Law or to Protect Rights: If we believe releasing information about you is necessary to respond to legal process, investigate or remedy potential violations of our policies, or protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.
• Third-Party Service Providers: We may share your information with third-party vendors, service contractors, and other third parties who perform services for us or on our behalf and require access to such information to do their work. Categories of these providers include:
  • AI Model Providers
  • Cloud Computing and Storage Providers
  • Analytics Providers
  • Payment Processors (currently Stripe, Inc., which may process data in the U.S. or other jurisdictions under its own compliance frameworks)
  These service providers are contractually obligated to keep your information confidential and use it only for the purposes for which we disclose it to them.
• Aggregated or De-identified Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for various purposes, including research, analytics, or improving our services.
• With Your Consent: We may disclose your personal information for any other purpose with your consent.

We do not sell your personal information to third parties.

5. Data Retention

• We will retain your personal information for as long as necessary for the purposes set out in this Privacy Policy, to operate or improve the Service, as required by law (for example, for tax, accounting, or other legal requirements), or when business needs no longer require retention, at our sole discretion. We may delete data at any time in our sole discretion.
• Chat History: Chat histories may be stored to provide the Service. You may have options within the Service to manage or delete your chat history (e.g., using a "Reset Chat" feature). Deleting your chat history through such features will remove it from our active databases, subject to our backup and archival practices.
• Uploaded Images: Images you upload may be retained as long as they are part of your User Content or as needed for Service operation and improvement. Deleting chat messages containing an image or using features to reset your chat may also initiate the deletion of associated images from active storage, subject to our technical capabilities and backup cycles (e.g., encrypted snapshots containing images may be retained for 30 days before automatic deletion).
• Authentication Data: Retained as long as your account exists with us. If you delete your account, this data will be deleted or de-identified, subject to legal retention needs and our standard data lifecycle management.
• Billing Records: Stripe retains card and transaction data pursuant to its legal obligations. We keep the tokenised payment identifier and subscription history for as long as your account is active and for up to seven (7) years thereafter, as required under U.S. tax and accounting regulations.
• Upon request for account deletion, we will take reasonable steps to delete or de-identify your personal information from our active systems in accordance with our data retention policies and applicable law, unless we are legally required or have a legitimate business need to retain it.

6. Your Rights and Choices

You may have certain rights regarding your personal information depending on your location and applicable law. To request access to or deletion of your personal information that we hold, please contact us at [email protected]. We will respond to your request in accordance with applicable law and our internal policies. We may need to verify your identity before processing your request.

Please note that we are not subject to the California Consumer Privacy Act (CCPA/CPRA) at this time.

Cookie Controls: Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject cookies. If you choose to remove or reject cookies, this could affect certain features or services of our Service.

7. Data Security

• We implement appropriate administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, and disclosure.
• All data is stored in Google Cloud services, which employ strong security measures.
• All communications between your browser and our Service are encrypted using HTTPS/TLS.
• Stripe is PCI DSS Level 1 certified; Google Cloud is SOC 1/2/3 compliant.
• While we implement appropriate security measures, please be aware that no security measures are perfect or impenetrable, and we make no guarantee of security. No method of data transmission can be guaranteed against any interception or other misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties.

8. Data Breach Notification

In the event of a data breach involving personal information, we will notify affected users and, where required by law, regulators, within any legally required timeframe. We will take all reasonable steps to reduce the impact of any such breach.

9. Cookies and Tracking Technologies

• Essential Cookies: We use cookies necessary for the Service to function properly, including for authentication, session management, and security. These cookies cannot be disabled through our Service settings.
• Functionality and Analytics Cookies: We and our service providers may use cookies and similar technologies to collect and analyze information about how you use our website and Service (e.g., pages visited, time spent). This helps us understand usage patterns, improve the Service, and provide relevant features.
• Your Consent: By using the Service, you consent to our use of cookies as described in this policy.
• Managing Cookies: You can typically manage cookie preferences through your browser settings. For more information on how to control cookies, check your browser or device's help material. Disabling certain cookies may affect the functionality of the Service.

10. Children's Privacy

Our Service is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have unintentionally collected personal information from a child under 13 without verified parental consent, we will take steps to delete that information as soon as possible.

If you are a parent or guardian and believe that your child under 13 has provided personal information to us without your consent, please contact us immediately at [email protected]. We will work with you to delete this information from our records. Parents have the right to review the information collected from their child (if any was unknowingly collected from a child under 13), request its deletion, and refuse to allow further collection or use of their child's information.

If you are between the ages of 13 and 18 (or the age of majority in your jurisdiction), you may only use the Service with the involvement and consent of a parent or legal guardian who agrees to be bound by our Terms of Service and this Privacy Policy on your behalf. By using the Service, you represent that your parent or legal guardian has consented to your use and to this Privacy Policy.

11. Service Location and Data Processing

Our Service is hosted and operated in the United States and is offered only to persons located in the United States. By using the Service, you acknowledge that your information will be processed in the United States as described in this Privacy Policy. If you are accessing the Service from outside the United States, you do so on your own initiative and are responsible for compliance with local laws. By using our Service, you consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share it as described in this Privacy Policy, all located in the United States.

12. Changes to This Privacy Policy

We may revise this Privacy Policy at any time. The updated version will be indicated by an updated "Last updated" date at the top of this policy and will be posted on our Service. Your continued use of the Service after such posting constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions or comments about this Privacy Policy, or if you wish to exercise your privacy rights, please contact us at:

Quantum Tutoring
California, USA
Email: [email protected]