Privacy Policy
Your privacy is important to us. This policy explains how we collect, use, and protect your personal data in compliance with EU GDPR regulations.
Last updated: December 2024 | Effective: December 1, 2024
Quick Navigation
Overview
JephAi ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered exam preparation platform.
This policy applies to all users of our services, including visitors to our website, registered users, and subscribers to our premium services. By using our platform, you consent to the data practices described in this policy.
This privacy policy complies with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.
Data Controller
JephAi Inc. is the data controller responsible for your personal data. Our contact details are:
For EU residents, our EU representative can be contacted at: eu-representative@jephai.com
Data We Collect
Personal Information You Provide
- • Account Information: Name, email address, password
- • Profile Data: Study preferences, exam goals, experience level
- • Payment Information: Billing address, payment method details (processed securely by Stripe)
- • Communication Data: Messages sent through our support system
- • Content: Study notes, custom materials, progress tracking data
Automatically Collected Information
- • Usage Data: Pages visited, features used, time spent studying
- • Device Information: Browser type, operating system, device identifiers
- • Log Data: IP address, access times, referring URLs
- • Analytics Data: Performance metrics, study patterns, learning progress
- • Cookies and Tracking: Session cookies, preference cookies, analytics cookies
Third-Party Data
- • Authentication Services: Google, LinkedIn (if you choose to sign in)
- • Payment Processors: Stripe payment data
- • Analytics Providers: Google Analytics (anonymized)
Legal Basis for Processing
Under GDPR, we process your personal data based on the following legal grounds:
Contract Performance
Processing necessary to provide our exam preparation services, manage your account, and process payments.
Legitimate Interests
Improving our services, security monitoring, fraud prevention, and direct marketing (with opt-out options).
Consent
Marketing communications, non-essential cookies, and optional data sharing (which you can withdraw at any time).
Legal Obligation
Compliance with tax laws, data protection regulations, and other legal requirements.
How We Use Your Data
Service Provision
- • Create and manage your account
- • Provide personalized study plans
- • Track learning progress
- • Generate AI-powered recommendations
- • Process payments and subscriptions
Communication
- • Send service updates and notifications
- • Provide customer support
- • Send marketing communications (with consent)
- • Respond to inquiries and feedback
Improvement & Analytics
- • Analyze usage patterns
- • Improve platform performance
- • Develop new features
- • Conduct research and analytics
Security & Compliance
- • Prevent fraud and abuse
- • Ensure platform security
- • Comply with legal obligations
- • Protect user rights and safety
Your Rights Under GDPR
As a data subject under GDPR, you have the following rights regarding your personal data:
Right of Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your personal data
Right to Portability
Export your data in a structured format
Right to Restrict
Limit how we process your data
Right to Object
Object to processing based on legitimate interests
How to Exercise Your Rights:
Contact us at privacy@jephai.com or use our privacy request form. We will respond within 30 days. If you're not satisfied with our response, you can lodge a complaint with your local data protection authority.
Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Data | Duration of account + 30 days | Service provision |
| Study Progress | Duration of account + 12 months | Learning analytics |
| Payment Data | 7 years | Tax & legal compliance |
| Marketing Consent | Until withdrawn | Marketing communications |
| Anonymized Analytics | Indefinitely | Product improvement |
Data Security
We implement robust security measures to protect your personal data:
Technical Safeguards
- • TLS 1.3 encryption for data in transit
- • AES-256 encryption for data at rest
- • Multi-factor authentication
- • Regular security audits and penetration testing
- • Automated threat detection and monitoring
Organizational Measures
- • Staff training on data protection
- • Access controls and principle of least privilege
- • Data processing agreements with vendors
- • Incident response and breach notification procedures
- • Regular privacy impact assessments
In case of a data breach, we will notify relevant authorities within 72 hours and affected users without undue delay, as required by GDPR.
Contact Us About Privacy
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
Data Protection Officer
San Francisco, CA 94105
EU Representative
Quick Actions
Policy Updates
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and through our platform. The updated policy will be effective 30 days after notification, giving you time to review the changes.
Current Version: 2.0 | Last Updated: December 2024 | Next Review: June 2025