Privacy Policy

1. Introduction

PrepGeeks ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical board exam preparation service.

Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you sign up using Google authentication, we receive your name, email address, and profile picture from Google.
• Study Data: Your answers to questions, progress tracking data, bookmarks, and review queue information.
• Support Communications: Any messages or feedback you send to us through our support channels.

2.2 Information Collected Automatically

• Usage Data: Information about how you use the Service, including pages visited, features used, and time spent studying.
• Device Information: Browser type, operating system, device type, and IP address.
• Cookies and Similar Technologies: We use cookies to maintain your session and remember your preferences.

2.3 Payment Information

Payment processing is handled by Stripe. We do not store your credit card numbers or bank account details. Stripe may collect and store payment information in accordance with their privacy policy.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Send you technical notices, updates, and support messages
• Track your study progress and provide personalized recommendations
• Implement spaced repetition algorithms for effective learning
• Respond to your comments, questions, and support requests
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and abuse
• Comply with legal obligations

4. Third-Party Services

We share your information with the following third-party service providers:

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to:

• Comply with our legal obligations
• Resolve disputes
• Enforce our agreements

If you delete your account, we will delete your personal data within 30 days, except for anonymized audit logs retained for security purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of data at rest
• Regular security assessments
• Access controls and authentication
• Audit logging of security-relevant events

7. Your Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR):

• Right to Access: You can request a copy of your personal data.
• Right to Rectification: You can request correction of inaccurate data.
• Right to Erasure: You can request deletion of your personal data.
• Right to Restrict Processing: You can request that we limit how we use your data.
• Right to Data Portability: You can request your data in a machine-readable format.
• Right to Object: You can object to our processing of your data.
• Right to Withdraw Consent: You can withdraw consent at any time.

To exercise these rights, please contact us at privacy@prepgeeks.com. You can also export or delete your data directly from your account settings.

8. Your Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about the categories and specific pieces of personal information we have collected.
• Right to Delete: You can request deletion of your personal information.
• Right to Opt-Out: You can opt out of the sale of your personal information. Note: We do not sell your personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, please contact us at privacy@prepgeeks.com or use the data export and deletion features in your account settings.

9. Cookies

We use cookies and similar tracking technologies to:

• Essential Cookies: Required for the Service to function (authentication, session management)
• Preference Cookies: Remember your settings and preferences (dark mode, exam selection)
• Analytics Cookies: Help us understand how you use the Service

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of the Service.

10. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: