Exetasy
Sign in

Privacy Policy

Last updated: June 3, 2026

1. Overview

Exetasy ("we," "us") respects your privacy. This policy explains what information we collect when you use exetasy.com and related services, how we use it, and your choices.

2. Information we collect

Account data: name, email, university, major, and profile preferences you provide at signup or in Settings.

Study data: courses, uploaded materials, practice session history, scores, planner events, and AI interactions needed to deliver features.

Payment data: processed by Stripe. We receive subscription status and customer IDs—not full card numbers.

Technical data: device/browser type, IP address, cookies, and usage logs for security and reliability.

3. How we use information

  • Provide and improve practice exams, labs, interviews, analytics, and coaching
  • Enforce subscription plans and usage limits
  • Process payments and send billing-related communications
  • Protect against fraud, abuse, and security incidents
  • Comply with legal obligations

4. AI processing

To generate and grade practice content, we send relevant prompts and your submitted materials to third-party AI providers (e.g., Google Gemini). Do not upload sensitive personal data you do not want processed for this purpose. We instruct providers to use data only to fulfill requests, subject to their terms.

5. Service providers

We use trusted processors including:

  • Firebase / Google Cloud (authentication, database, file storage)
  • Stripe (payments)
  • Vercel (hosting)
  • AI model providers (content generation)

These providers process data on our behalf under contractual safeguards.

6. Retention

We retain account and study data while your account is active. You may request deletion by emailing support. Some data may be retained where required for legal, tax, or fraud-prevention purposes.

7. Your rights

Depending on your location, you may have rights to access, correct, delete, or export personal data, and to object to certain processing. Contact us to exercise these rights. California residents may have additional rights under the CCPA; EU/UK users under GDPR.

8. Security

We use industry-standard measures including encrypted connections (HTTPS), Firebase security rules, server-side billing controls, and authenticated API access. No system is 100% secure; report concerns to support@exetasy.com.

9. Children

The Service is not directed at children under 13. We do not knowingly collect data from children under 13. Contact us if you believe we have done so.

10. Changes & contact

We may update this policy; the "Last updated" date will change accordingly. Questions: support@exetasy.com