Version: 1.0
Last Updated: December 13, 2024
In order to use Studiq, we will ask you to provide information about your learning preferences, name, and email. We automatically collect technical data such as language settings, IP address, time zone, device type and model, device settings, operating system, internet service provider, mobile carrier, hardware ID, and other unique identifiers. We need this data to provide our services, analyze how our customers use the service, and to serve relevant content.
For improving the service and content delivery, we use third-party solutions. As a result, we may process data using solutions developed by Amazon, Meta, Apple, Google, Amplitude, Cloudflare, Supabase, Zendesk, Paddle, and Stripe. This enables us to: (1) analyze different interactions (how users engage with content, what features are most valuable); (2) serve and measure content effectiveness. Consequently, we better understand which features provide the most value and can focus on enhancing your learning experience.
Please read our Privacy Policy below to understand what we do with data Section 3, what data privacy rights are available to you Section 6, who will be the data controller Section 1, and how to manage personalized advertising Section 3.7. For any questions, contact us at [email protected].
2. CATEGORIES OF PERSONAL DATA WE COLLECT
3. FOR WHAT PURPOSES WE PROCESS YOUR PERSONAL DATA
4. UNDER WHAT LEGAL BASES WE PROCESS YOUR PERSONAL DATA
5. WITH WHOM WE SHARE YOUR PERSONAL DATA
6. HOW YOU CAN EXERCISE YOUR PRIVACY RIGHTS
8. INTERNATIONAL DATA TRANSFERS
9. CHANGES TO THIS PRIVACY POLICY
EYELLION LTD, a company registered under number HE 438880 in Limassol, Cyprus, having its registered address at Pentadaktylou, 11, 4001, will be the controller of your personal data.
We collect data you give us voluntarily (for example, when you enter your name, email). We also collect data automatically (for example, your IP address) and may receive data about you from third parties.
You provide us information about yourself during account creation and service use. This includes name, email address, quiz answers, and learning preferences.
When you use 'Sign in with Apple', we receive personal data from your Apple ID account. This data may include your name and verified email address. You may choose to share your real email address or an anonymous one using the private email relay service. For detailed information about signing in with Apple, visit their privacy documentation.
When using Facebook login, we receive data from your Facebook account, including profile image, name, and Facebook ID. Unless you opt out on the Facebook Login screen, we will also collect other data, such as email address. For more information, refer to the Facebook Permissions Reference and Facebook Data Policy. You can manage your connected apps on Facebook's Apps and Websites page.
For Google sign-in, we receive your name, email address, and profile picture from your Google Account. You can control these permissions through Google's Apps Permissions page. For more details about Google's data processing, review their Privacy Policy.
We collect data about your referring app or URL (the source where you found our service).
We collect technical data including language settings, IP address, time zone, device type and model, operating system, internet service provider, mobile carrier, hardware ID, and your interactions with advertisements within our Service.
We record your interactions with our Service, including feature usage, content engagement, session duration, and purchase activities.
We collect your Apple Identifier for Advertising (IDFA), Identifier for Vendor (IDFV), or Google Advertising ID (AAID) based on your device's operating system. These can be reset through your device settings.
For payments through our Service, financial account data is processed by our third-party providers. While we don't store complete credit card numbers, we receive transaction-related data including date, time, amount, and payment method type.
We use cookies and similar tracking technologies to enhance your experience. These include session cookies (temporary) and persistent cookies (remain until expiration or deletion). These assist in remembering your preferences and analyzing usage patterns.
We process your personal data to deliver and maintain our Service efficiently. For hosting and backend operations, we utilize Amazon Web Services (AWS), which adheres to rigorous security standards. For details, consult the AWS Data Processing Addendum.
We employ Cloudflare to optimize content delivery, enhance application performance, and provide additional security features such as DDoS protection and Web Application Firewall. Review Cloudflare's practices in their Privacy Policy.
Supabase manages our database infrastructure, ensuring secure data storage and management. For more information, refer to their Data Processing Addendum.
We process your learning preferences, quiz responses, and interaction patterns to deliver personalized educational content and recommendations tailored to your learning journey.
We process your data to secure account access and send essential notifications about security, payments, technical updates, and policy changes.
Through Zendesk, we optimize conversations between users and support agents. This includes processing emails, purchase details, and feedback to provide efficient assistance.
We employ Google Analytics and Google Tag Manager for service analysis. Review Google's practices in their Data Processing Terms.
Amplitude helps us understand user behavior and optimize features. Learn more in their Privacy Notice and Data Processing Addendum.
We utilize Reteno for marketing campaigns, enabling you to receive information about new features and special offers. You may unsubscribe through the footer of marketing emails.
We partner with platforms like Facebook Business Manager to deliver targeted advertisements. You may see our ads on Facebook or Instagram based on your interactions with our Service.
iOS: Settings → Privacy → Apple Advertising → Personalized Ads
Android: Settings → Privacy → Ads → Opt out of Ads personalization
macOS: System Preferences → Security & Privacy → Privacy → Apple Advertising → Personalized Ads
Windows: Start → Settings → Privacy → Let apps use advertising ID
Additional opt-out resources:
- Network Advertising Initiative
- Digital Advertising Alliance
- Digital Advertising Alliance (Canada)
- Digital Advertising Alliance (EU)
- Firefox
- Chrome
- Safari web and iOS
We use Paddle and Stripe for payment processing, adhering to strict financial security standards. Review Paddle's Data Sharing Addendum and Stripe's Data Processing Agreement.
We process data to maintain platform security, prevent unauthorized access, and ensure compliance with our terms of service.
We process data as required by applicable laws and regulations, including responding to legal requests from authorized authorities.
This section applies specifically to users in the European Economic Area (EEA). For each purpose described in Section 3, we process your personal data under the following legal bases:
Under this legal basis, we process data for marketing communications and push notifications. You maintain the right to withdraw consent at any time through the unsubscribe link in our emails or device notification settings.
Under this legal basis, we:
- Provide our Service according to our Terms and Conditions
- Customize your learning experience
- Provide customer support
- Process your payments
- Communicate regarding service usage
We rely on legitimate interests for:
- Service analysis and improvement, with our legitimate interest being the enhancement of user experience and feature optimization
- Advertisement personalization, with our legitimate interest being the promotion of our Service in a targeted manner
- Terms enforcement and fraud prevention, with our legitimate interest being the protection of our rights and service integrity
We process data to comply with applicable laws and regulatory requirements.
We share data with trusted third parties that assist in service operation, including:
- Hosting and backend providers (Amazon Web Services, Supabase)
- Security and performance services (Cloudflare)
- Communication providers (Zendesk, Reteno)
- Analytics services (Google Analytics, Amplitude)
- Advertising networks (Meta platforms)
- Payment processors (Paddle, Stripe)
- Development and maintenance service providers
We may share personal data to comply with legal obligations, protect our rights, respond to law enforcement requests, or address security concerns. This includes sharing information with courts, law enforcement agencies, regulatory authorities, and other public bodies when legally required.
In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of the business transaction. We will notify you of any change in applicable policies.
To maintain control over your personal data, you have the following rights:
You may review and modify personal data previously provided through the Service.
You may request erasure of your personal data as permitted by law. In cases where we must retain certain data for legal compliance, we will inform you of such obligations.
You may request limitations on the processing of your personal data or object to certain types of processing.
If you are based in the EEA, you have additional rights including:
- The right to lodge complaints with supervisory authorities
- Data portability rights to receive your data in a machine-readable format
To exercise any of these rights, please contact us at [email protected].
Our Service is designed for users aged 16 and above. We do not knowingly process personal data from individuals under 16 years of age. If we become aware that we have inadvertently collected personal information from someone under 16, we will take appropriate steps to delete such information from our records promptly. If you believe we might have collected data from or about someone under 16, please contact us immediately.
In providing our Service, we may transfer personal data to countries other than the country in which the data was originally collected. When transferring data from the European Economic Area (EEA) to countries not deemed to provide adequate data protection, we implement appropriate safeguards to protect your personal information.
For international transfers, we rely on legally approved mechanisms, including:
Standard Contractual Clauses (SCCs): When transferring personal data outside the EEA, we implement the Standard Contractual Clauses approved by the European Commission. You can review these clauses at the European Commission's official website.
We maintain strict data protection standards regardless of where your data is processed and ensure that all service providers adhere to these standards through appropriate contractual commitments.
We reserve the right to modify this Privacy Policy as our Service evolves and to maintain compliance with emerging legal requirements. When we make material changes to this policy, we will notify you through email or prominent notifications within our Service before the changes take effect. This provides you with an opportunity to review the revised policy and decide whether to continue using our Service under the updated terms.
Your continued use of Studiq after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your personal information.
Under California's "Shine the Light" law (Civil Code Section 1798.83), California residents have the right to request information about how we share certain categories of personal data with third parties for their direct marketing purposes. To submit such a request, please email us at [email protected] with "California Privacy Rights Request" in the subject line. Include your full name, California residency status, and email address in your request.
We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including providing our Service, complying with legal obligations, resolving disputes, and enforcing our agreements. In determining appropriate retention periods, we consider multiple factors including:
The nature and sensitivity of the personal data, potential risks from unauthorized use or disclosure, the purposes for which we process the data and whether these purposes can be achieved through alternative means, applicable legal and regulatory requirements, and prevailing industry standards for data retention.
When personal data is no longer necessary for these purposes, we securely delete or anonymize it in accordance with our data retention policies and applicable law.
Our Service does not currently support "Do Not Track" (DNT) browser signals. While we continuously evaluate new technologies for protecting user privacy, we cannot make any guarantees regarding our future implementation of DNT or similar privacy control mechanisms. To understand how third-party services used by our platform handle DNT signals, please consult their respective privacy policies.
You can learn more about DNT at All About DNT.
For any questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, please contact us at:
EYELLION LTD
Pentadaktylou, 11, 4001
Limassol, Cyprus
Registration number: HE 438880
Email: [email protected]
Website: https://studiq.app