Privacy Policy

Last Updated: December 3, 2025

1. Introduction & Data Controller

StudySite.ai ("we," "our," or "us") is operated by Martlet Solutions, LLC, a Texas limited liability company. We are the data controller responsible for your personal information and are committed to protecting your privacy in compliance with applicable data protection laws.

This Privacy Policy explains how we collect, use, share, and protect information when you use our AI-powered learning platform at studysite.ai (the "Platform").

Data Controller & Privacy Contact

Martlet Solutions, LLC

Privacy Officer: privacy@studysite.ai

General Support: support@studysite.ai

Texas, USA

2. Information We Collect

2.1 Account Information

When you create an account (via our authentication provider, Clerk), we collect:

  • Email address
  • Name (first and last)
  • Profile photo (if provided)
  • Authentication credentials (managed securely by Clerk)

2.2 Learning Data

When you use our AI tutoring system, we collect:

  • Learning conversations: Your chat messages with AI tutors for assessing mastery and personalizing instruction
  • Progress data: Learning objectives completed, skills mastered, assessment results
  • Study patterns: Time spent learning, session frequency, engagement metrics
  • Code submissions: Programming exercises and solutions (if applicable)

2.3 Platform Support Data

When you use our platform help chat (Sherpa Assistant):

  • Help conversations and support requests
  • Feature usage and navigation patterns

2.4 Usage Information

  • Device information (browser type, operating system)
  • IP address and general location
  • Pages visited and features used
  • Error logs and diagnostic data

3. How We Use Your Information

We use your information to:

3.1 Provide Educational Services

  • Deliver personalized AI tutoring and adaptive learning
  • Assess your mastery of learning objectives using AI analysis
  • Track your progress and generate insights
  • Adapt curriculum difficulty to your skill level

3.2 Improve the Platform

  • Analyze usage patterns to enhance features
  • Train and improve AI models (using aggregated, anonymized data)
  • Fix bugs and optimize performance

3.3 Communicate with You

  • Send important platform updates and notifications
  • Respond to support requests
  • Provide educational tips and progress reports

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following lawful bases:

Data CategoryLegal BasisExplanation
Account InformationContractNecessary to provide the educational services you signed up for
Learning ConversationsContractCore to delivering AI tutoring services
Progress & Assessment DataContractEssential for tracking learning outcomes and providing personalized instruction
Usage AnalyticsLegitimate InterestTo improve platform performance and user experience
Cookies (Essential)ContractRequired for authentication and platform functionality
Cookies (Analytics)ConsentOnly with your explicit opt-in via cookie banner
Marketing CommunicationsConsentOnly with your explicit opt-in
Security & Fraud PreventionLegitimate InterestTo protect our platform and users from abuse

Your Right to Object: Where we rely on legitimate interest, you have the right to object. Contact us at privacy@studysite.ai to exercise this right.

5. Third-Party Services & Data Recipients

We share your data with the following categories of third-party service providers (sub-processors) who help us operate the Platform:

CategoryProviderData SharedPurpose
AI ServicesOpenAILearning conversations, questions, codeAI tutoring, mastery assessment
AuthenticationClerkEmail, name, profile photo, auth tokensUser authentication, account management
Code ExecutionE2BCode submissions onlySecure sandbox for programming exercises
Cloud HostingRenderAll platform data (encrypted)Application hosting, database storage
DatabasePostgreSQL (via Render)All user and learning dataData persistence, encrypted at rest
CachingRedis (via Render)Session tokens, temporary dataPerformance optimization

No Data Selling

We do NOT sell your personal data to any third party. We do NOT share data with advertisers or data brokers.

5.1 OpenAI Data Processing

Your learning conversations are processed by OpenAI to generate tutoring responses. Under our enterprise agreement:

  • OpenAI does not use your data to train their models
  • Data is processed in real-time and not retained beyond 30 days for abuse monitoring
  • OpenAI acts as a data processor under our instructions

6. Data Retention

Our retention policy balances educational needs with privacy protection.

6.1 Learning Conversations

  • Active learning sessions: Retained while you're actively learning
  • Inactive sessions: Deleted after 90 days of inactivity
  • Reason: Our AI has already extracted mastery assessments; raw chats are no longer needed

6.2 Platform Help Chats

  • Retention: 30 days after creation
  • OpenAI Threads: 30 days (per OpenAI's policy)

6.3 Learning Progress Data

  • Progress summaries: Retained for the duration of your enrollment
  • After unenrollment: Aggregated anonymously for analytics (1 year)
  • Account deletion: All personal progress data is deleted

6.4 Account Information

  • Retention: Until you delete your account
  • Deletion: Permanently removed within 30 days of deletion request

7. Your Privacy Rights

7.1 Rights Under GDPR (EU Users)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Data Portability: Receive your data in machine-readable format
  • Right to Object: Object to certain processing activities
  • Right to Restrict Processing: Limit how we use your data

7.2 Rights Under CCPA (California Users)

  • Right to Know: What personal information we collect and how we use it
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell your personal information
  • Right to Non-Discrimination: Equal service regardless of privacy choices

7.3 How to Exercise Your Rights

You can exercise your privacy rights through our self-service Privacy Settings page, where you can:

  • Export your data in JSON or CSV format
  • Delete specific data (activity, Sherpa sessions, learning sessions)
  • Request account deletion with a 30-day grace period
  • Manage consent and sharing preferences
  • Configure data retention periods

For additional assistance, contact us at support@studysite.ai

8. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in Transit: All data transmitted over HTTPS/TLS 1.3
  • Encryption at Rest: PostgreSQL databases encrypted with AES-256
  • Authentication: Secure authentication via Clerk with multi-factor authentication support
  • API Security: Rate limiting, JWT authentication tokens, and role-based access controls
  • Infrastructure: Hosted on Render.com with SOC 2 Type II compliance
  • Regular Updates: Automated security patches and dependency updates

8.1 Data Breach Notification

In the event of a data breach that affects your personal information:

  • Regulatory Notification: We will notify relevant supervisory authorities within 72 hours of becoming aware of a breach (as required by GDPR)
  • User Notification: We will notify affected users without undue delay via email and/or in-app notification
  • Information Provided: Nature of the breach, data affected, steps we're taking, and recommended actions for you
  • Documentation: We maintain records of all breaches and our response actions

9. Automated Decision-Making & Profiling

GDPR Article 22 Disclosure

Our platform uses AI to analyze your learning and provide personalized instruction. This section explains how.

9.1 How We Use AI Analysis

Our AI tutoring system performs automated analysis of your learning activity:

  • Mastery Assessment: AI analyzes your responses to determine if you've mastered learning objectives
  • Personalized Instruction: Content difficulty and teaching approach adapt based on your performance
  • Progress Tracking: Automated tracking of completed objectives and skill development
  • Struggling Student Detection: Identifies when you may need additional support

9.2 Impact and Consequences

These automated decisions affect your experience in the following ways:

  • Which learning content and activities are presented to you
  • The difficulty level of questions and exercises
  • Progress reports shared with your instructor (if enrolled in a section)
  • Recommendations for additional practice or review

9.3 Your Rights Regarding Automated Decisions

Under GDPR, you have the right to:

  • Request Human Review: Ask for a human to review any automated assessment
  • Express Your View: Contest an automated decision and provide additional context
  • Obtain Explanation: Understand the logic behind automated assessments
  • Opt-Out: Request that certain automated processing be limited (may affect service quality)

To exercise these rights, contact us at privacy@studysite.ai

10. Children's Privacy (COPPA Compliance)

Educational Platform with School Consent Model

StudySite.ai is an educational platform designed for K-12 and higher education. We comply with the Children's Online Privacy Protection Act (COPPA) for users under 13 years of age.

10.1 School Consent (Ages Under 13)

For students under 13, we rely on schools and teachers acting in loco parentis (in place of parents) to provide consent for educational use:

  • Instructor-Mediated Access: Students under 13 may only access the platform through instructor-created accounts or access codes provided by their school
  • School Authorization: Schools and instructors consent to data collection for educational purposes
  • No Self-Registration: Children under 13 cannot independently create accounts
  • Educational Use Only: All data collection is limited to educational purposes

10.2 Information Collected from Children

For users under 13, we collect only the minimum information necessary for educational purposes:

  • Username or student identifier (often provided by school)
  • Learning activity data (responses, progress, assessments)
  • Usage data (time spent, modules accessed)
  • We do NOT require: Full name, email, address, or phone number unless school provides it

10.3 Parental and School Rights

Parents and schools have the following rights regarding children's information:

  • Review: Request to review the personal information collected from the child
  • Delete: Request deletion of the child's personal information
  • Revoke Consent: Refuse further collection or use of the child's information
  • Export: Receive a copy of the child's data in machine-readable format

To exercise these rights, schools or parents should contact us at support@studysite.ai with the student's identifier and proof of authorization.

10.4 No Behavioral Advertising

Student Privacy Protected

We do NOT serve behavioral advertising to students of any age. We do NOT sell student data. We do NOT build advertising profiles. All data use is strictly for educational purposes.

10.5 Data Security for Children

We take extra precautions to protect children's information:

  • Encrypted transmission and storage of all data
  • Minimal data collection (only what's necessary for education)
  • Automatic deletion after 90 days of inactivity
  • No public student profiles or social features that expose children
  • Restricted third-party access (only educational tools like OpenAI for tutoring)

10.6 Instructor Responsibilities

Instructors who create student accounts represent and warrant that:

  • They have proper authorization from their school or educational institution
  • They have obtained necessary consents as required by their institution's policies
  • They will only use the platform for legitimate educational purposes
  • They will not share student data inappropriately

Important for Parents

If your child's school is using StudySite.ai and you have questions about your child's data, you may contact your child's school or contact us directly at support@studysite.ai. You have the right to review, delete, or request changes to your child's information at any time.

11. International Data Transfers

Our services are operated from the United States. If you access the platform from outside the U.S., your information will be transferred to, stored, and processed in the United States.

11.1 Transfer Safeguards

For users in the European Economic Area (EEA), UK, or other regions with data transfer restrictions, we implement the following safeguards:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Data Processing Agreements: We have DPAs with all sub-processors that include Standard Contractual Clauses (SCCs)
  • Access Controls: Strict role-based access limits who can view personal data
  • Data Minimization: We only transfer data necessary for the service

11.2 Your Consent

By creating an account and using our platform, you explicitly consent to the transfer of your personal data to the United States. You may withdraw this consent at any time by deleting your account, though this will prevent you from using our services.

12. Cookies and Tracking

We use cookies and similar technologies. Here's a summary:

CategoryPurposeRequired?
EssentialAuthentication, security, basic functionalityYes (cannot be disabled)
FunctionalPreferences, language, theme settingsOptional (consent required)
AnalyticsUsage patterns, performance monitoringOptional (consent required)

You can manage your cookie preferences via our cookie banner or in Privacy Settings. See our full Cookie Policy for details.

13. How We Obtain Consent

13.1 Account Creation

When you create an account, you consent to our processing of your data as described in this policy. This consent is obtained through:

  • Clear presentation of this Privacy Policy during signup
  • Checkbox acknowledgment that you have read and agree to the policy
  • Link to this policy in our Terms of Service

13.2 Cookie Consent

For non-essential cookies, we obtain explicit consent through:

  • Cookie consent banner on first visit
  • Granular options to accept/reject each cookie category
  • Ability to change preferences at any time

13.3 Withdrawing Consent

You can withdraw consent at any time by:

Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy with a new "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on the platform

Your continued use of the platform after changes indicates your acceptance of the updated policy.

15. Contact Us

For privacy-related questions, concerns, or to exercise your rights:

Martlet Solutions, LLC

StudySite.ai Privacy Team

Privacy Officer: privacy@studysite.ai

General Support: support@studysite.ai

Texas, USA

We aim to respond to all privacy inquiries within 30 days. For GDPR-related requests, we will respond within the legally required timeframe.

Back to Home