Privacy Policy

1. Information We Collect

When you use StudySense, we collect the following categories of information:

• Account data — your email address, display name, and profile photo provided through Firebase Authentication (email/password or Google sign-in).
• Study data — flashcard decks, cards, quiz results, study sessions, language tutoring sessions and messages, vocabulary lists, and daily activity records that you create while using the service.
• Usage analytics — anonymized interaction data collected through Google Analytics 4 (GA4), such as page views, feature usage frequency, and session duration. This data is aggregated and cannot be used to identify you personally.

2. How We Use Your Information

• Provide the service — we use your account and study data to deliver core functionality including spaced repetition scheduling, AI-generated flashcards, language tutoring, document Q&A, and personalized analytics.
• Improve the app — aggregated usage analytics help us understand which features are most valuable and where the experience can be improved.
• Maintain security — we use authentication data to enforce access controls and protect your account from unauthorized access.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. AI Processing

StudySense uses frontier AI models from leading providers to power features such as flashcard generation, language tutoring, document Q&A, and quiz distractor creation. When you use these features, relevant content (such as your uploaded text, chat messages, or card content) is sent to the AI provider through our server-side proxy (Firebase Cloud Functions). Your content is never sent directly from your browser to any third-party provider.

Under our agreements with AI providers, content submitted through their APIs is not used to train their models and is not stored beyond the time needed to process your request. All AI requests are authenticated and rate-limited on our servers. We apply content moderation and input sanitization to all AI interactions for safety.

4. Data Storage & Security

Your data is stored in Google Cloud Firestore with authentication-scoped access controls. Every database query is restricted to your user ID, meaning no user can read or modify another user's data. Firestore security rules enforce field-level validation on all write operations.

All data is encrypted in transit using TLS. Firestore provides encryption at rest by default. We use Firebase Authentication to verify your identity before granting access to any data.

A persistent local cache is enabled on your device to provide offline access to your study materials. This cache is managed by the Firebase SDK and stored in your browser's IndexedDB.

5. Cookies & Analytics

StudySense uses Google Analytics 4 (GA4) to collect anonymized usage data. GA4 may set cookies in your browser to distinguish unique users and throttle request rates. These cookies do not contain personally identifiable information.

We also use localStorage to persist your preferences (such as theme and study goals) locally on your device. This data never leaves your browser.

You may be shown a consent banner on your first visit. You can manage your cookie preferences at any time through your browser settings. Disabling cookies will not affect core app functionality.

6. Your Rights

You have the right to:

• Access your personal data — all your study data is visible within the app at any time.
• Export your data — you can export your flashcard decks and study history from the Settings page.
• Delete your account and all associated data — you can request account deletion from the Settings page. Upon deletion, all your data (decks, cards, sessions, vocabulary, and activity records) will be permanently removed from our servers.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently deleted from Firestore and cannot be recovered. Anonymized analytics data collected by GA4 is retained according to Google's standard data retention policies and cannot be linked back to your account after deletion.

8. Children's Privacy

StudySense is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can take appropriate action to remove that data.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically. Your continued use of StudySense after any changes constitutes acceptance of the updated policy.

10. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at support@studysense.app.