Privacy Policy
Last updated: April 2026
1. Information We Collect
Account information: Name, email address, phone (optional), Google account ID (if using Google sign-in).
Onboarding data: Your role, industry, biggest time sink at work, AI comfort level. This is used to personalize your learning experience.
Learning data: Lesson completion status, assessment scores, time spent, assessment responses.
Payment data: Razorpay handles all payment processing. We store your Razorpay subscription ID and status but do NOT store credit card or bank details.
Curation requests: If you request a custom learning path, we store your submitted role description, challenges, and goals.
2. How We Use Your Data
- Personalization: Your domain and onboarding answers are sent to AI models (OpenAI, Anthropic) to generate personalized assessment questions. No personally identifiable information (name, email) is sent to AI providers.
- Progress tracking: To show your dashboard, unlock modules, and track completion.
- Communication: To send transactional emails (welcome, module completion, payment status) via Brevo.
- Improvement: Aggregated, anonymized data to improve curriculum and assessment quality.
3. Third-Party Services
| Service | Purpose | Data Shared |
|---|---|---|
| Neon (PostgreSQL) | Database | All account + learning data |
| Razorpay | Payments | Email, subscription details |
| OpenAI | Comprehension assessments | Domain, role, context (no PII) |
| Anthropic | Application assessments | Domain, role, context (no PII) |
| Brevo | Name, email | |
| Vercel | Hosting | Server logs (IP, user agent) |
| OAuth sign-in | Email, name, Google ID |
4. Data Retention
- Account data is retained while your account exists.
- Learning progress is preserved even after subscription cancellation.
- You may request account deletion by emailing hello@zoe.institute.
- Upon deletion, all personal data is removed within 30 days.
5. Cookies
We use essential cookies for authentication (session management). No third-party tracking cookies are used.
6. Your Rights
- Access: Request a copy of your data.
- Correction: Update your information via your account settings.
- Deletion: Request account and data deletion.
- Portability: Request your data in a machine-readable format.
Contact: hello@zoe.institute
7. Security
- Passwords are hashed with bcrypt.
- All connections use HTTPS.
- Database access is restricted to the application server.
- Razorpay webhooks are verified with signature validation.
8. Changes
We may update this policy. Material changes will be communicated via email.