Privacy Policy

Last updated: 2025

1. Overview

This Privacy Policy explains how PrepEx ("we", "us", "our") collects, uses, and shares information when you use our website and services (the "Service").

2. Information We Collect

  • Account information: name, email address, authentication identifiers.
  • Assessment data: submissions, audio uploads, feedback, scores, and analytics.
  • Usage data: device/browser, IP address, pages viewed, interactions.
  • Billing data: payment method and transaction details processed by Stripe.
  • Support communications and preferences you provide.

3. How We Use Information

  • Provide, maintain, and improve the Service and features.
  • Personalize practice, feedback, and recommendations.
  • Process payments and manage subscriptions (via Stripe).
  • Communicate with you (e.g., service emails, notifications).
  • Ensure security, prevent abuse, comply with legal obligations.

4. Legal Bases for Processing

Where required, we process personal data on the basis of contract necessity, legitimate interests, consent, and/or legal obligation.

5. Sharing of Information

We share data with trusted processors to operate the Service, including:

  • Supabase (hosting, authentication, database, storage)
  • Stripe (payments)
  • SendGrid (email delivery)
  • Analytics and logging providers as configured

We do not sell personal data. We may disclose information if required by law or to protect rights and safety.

6. Data Retention

We retain information for as long as needed to provide the Service and for legitimate business or legal purposes. You can request deletion as described below.

7. Your Rights

  • Access, correct, or delete your information.
  • Object to or restrict certain processing.
  • Withdraw consent where applicable.
  • Data portability where applicable.

To exercise rights, contact hello@prepex.ai. We may verify your identity before responding.

8. International Transfers

We may process data in the United States and other countries. Where required, we implement appropriate safeguards for cross‑border transfers.

9. Security

We use reasonable technical and organizational measures to protect data. No method of transmission or storage is completely secure.

10. Children’s Privacy

The Service is not directed to children under 13. If you believe a child provided personal data, contact us to delete it.

11. Changes to this Policy

We may update this Privacy Policy. Material changes will be posted in the app or site. Continued use indicates acceptance of the updated policy.

12. Contact Us

For questions or requests, contact hello@prepex.ai.