Privacy Policy

CalcGPT (“we,” “us,” “our”) respects your privacy and is committed to protecting it. This policy explains what we collect, how we use it, and your rights under global laws.

1. Scope & Consent

By using CalcGPT or signing in (including “Sign in with Google”), you consent to this Policy and our Terms of Service.

2. COPPA (Children’s Online Privacy Protection)

CalcGPT is intended for users 13 years of age and older. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If we learn that we have inadvertently collected data from a child under 13, we will delete it immediately upon discovery.

3. CIPA (Children’s Internet Protection Act)

When deployed in U.S. schools, CalcGPT enforces filtering of obscene, harmful, or pornographic content and logs Internet requests to support CIPA compliance.

4. Information We Collect

• Account Data: Name, email, Google ID token via OAuth, payment information.
• Usage Analytics: Events, page views, clicks, sessions via PostHog and cookies.
• Educational Data: Student submissions, progress, teacher feedback.
• Device & Technical: IP address, browser type, OS, device identifiers.
• Communications: Emails, support tickets, feedback messages.
• Cookies & Tracking: We use cookies and similar technologies to enhance your experience and analyze usage.

5. How We Use Your Data

• Authenticate and authorize via Google OAuth (Limited Use compliance).
• Deliver and improve AI-based tutoring features.
• Support grading workflows and personalized learning.
• Analyze platform performance, detect and fix bugs.
• Email transactional messages, feature updates, support feedback, and optional marketing (opt‑out anytime).
• Store student-generated content for personalized learning and research to improve our tools.
• Comply with legal obligations, security audits, and research.

6. Google Limited Use Disclosure

Our handling of Google user data conforms to Google’s Limited Use requirements: we use data only for user-facing features, do not sell or share it, and restrict any transfers to cases covered by user consent, legal obligation, or security purposes.

7. Data Retention & Deletion

We retain personal data only as long as necessary to provide our services or as required by law. You may request deletion of your data at any time, and we will comply within 30 days except where legal retention is mandated.

8. Your Rights & Choices

• Access & Correction: Request a copy or update your data.
• Deletion: Ask us to erase your personal data.
• Portability: Receive your data in machine-readable form.
• Opt‑Out: Unsubscribe from marketing or analytics tracking.
• Adjust Preferences: Change how we use your information for non-essential purposes via account settings or by emailing us.
• Revoke Consent: You may revoke consent for data collection/use, which may affect certain services.

To exercise any rights, email us at firleycompany@gmail.com.

9. CCPA (California Consumer Privacy Act)

California residents have the right to know what personal data we collect, request deletion, opt-out of marketing or “sale” of data (we never sell data), and receive their data in a portable format.

10. GDPR (EU General Data Protection Regulation)

EU users have the right to access, correct, delete, or restrict processing of their personal data, and to lodge a complaint with an EU supervisory authority.

11. Security & Liability

We implement industry-standard safeguards (TLS encryption, SOC 2, ISO 27001, regular penetration tests). However, we cannot guarantee absolute security; we are not liable for unauthorized access or data breaches.

12. International Transfers

Your data may be processed in the U.S. or other countries where our providers operate. We use standard contractual clauses to protect your data when transferred abroad.

13. Third‑Party Links & Services

Our website may contain links to external sites or services. This Privacy Policy does not apply to those entities, and we are not responsible for their privacy practices.

14. Compliance with Local Laws

We adhere to data protection laws applicable to the regions where we operate, ensuring the privacy and security of our users.

15. Dispute Resolution

Any disputes related to privacy will be resolved through mutual discussion. If unresolved, they may be subject to legal proceedings under applicable law.

16. Updates to This Policy

We may update this policy to reflect changes in our practices or legal requirements. The “Last updated” date below will indicate when changes occur. Significant updates will be communicated via email or in-app notice.

17. Contact Us

If you have questions or wish to exercise your rights, email us at firleycompany@gmail.com.

Last updated: May 16, 2025