Privacy Policy

Effective Date: May 26th, 2025

Zettel ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

1. Information We Collect

• Personal Information: Name, email address, password (hashed), and profile information.
• Learning Data: Learning goals, curriculums, chat messages, progress, and related educational data.
• Payment Information: Processed by Stripe; we do not store payment card details.
• Usage Data: Device/browser information, analytics, and usage patterns (via PostHog and similar tools).
• Cookies: Used for authentication and session management.
• Email Activity: Email delivery and engagement data (via Resend).

2. How We Use Your Information

• To provide, personalize, and improve our services for each individual user.
• To authenticate users and secure accounts.
• To process payments and manage subscriptions (via Stripe).
• To send transactional and marketing emails (users may opt out of marketing emails).
• To analyze usage and improve platform performance.
• To comply with legal obligations and enforce our Terms of Service.

3. How We Share Your Information

• With service providers such as Supabase (authentication/database), Stripe (payments), Resend (email), and analytics providers (e.g., PostHog).
• With legal authorities if required by law or to protect our rights and users.
• We do not sell or share your personal information with third parties for their own marketing purposes.

4. Children's Privacy

Zettel is available to users under 18. We do not knowingly collect personal information from children under 13 without parental consent. If you believe we have collected such information, please contact us at [email protected].

5. User Rights & Choices

• Access, update, or delete your account and personal data.
• Opt out of marketing emails at any time.
• Request information about our data practices by contacting us at [email protected].

6. Data Security

We use industry-standard security measures, including HTTPS, secure cookies, and third-party providers (Supabase, Stripe) with strong security practices. However, no method of transmission or storage is 100% secure.

7. International Data Transfers

Your information may be transferred to and processed in countries outside your own, including the United States and the European Economic Area, where our service providers operate. We comply with applicable data protection laws regarding such transfers.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting the new policy on this page and updating the effective date.

9. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at [email protected].