Zenaique
Legal

Privacy policy

Last updated: 2026-06-02

What we collect

When you sign up: email, name (if provided via Google), profile image (Google). When you practice: your attempts, scores, time-stamps, mastery per topic, streak, and your self-reported confidence.

What we don't collect

We don't fingerprint you. We don't sell data. We don't run third-party ad trackers. Our auth secrets stay server-side. AI eval requests on short-answer attempts go to our AI evaluation model; we cache the result but never share the raw text with any other vendor.

Cookies

We set: a session cookie (NextAuth JWT), a CSRF cookie, and a per-session unlock-tracking cookie for free tier users. No third-party analytics cookies.

Subprocessors

  • Supabase, database hosting (your account + attempt data)
  • Vercel, application hosting (request logs)
  • Resend, transactional email (sign-in magic links, weekly digest)
  • Our AI evaluation model: text only on short-answer attempts; raw answer text is not shared with any other vendor
  • Dodo Payments, subscription billing (no card data is stored on our side)
  • Upstash, Redis for rate limiting (IP + counters; no PII)

Your rights

Email hello@zenaique.com to export or delete your data. We respond within 7 business days.