Privacy Policy

CertVector is operated by Equilibelle App Solutions. This Privacy Policy explains how CertVector collects, uses, discloses, retains, and protects information when you use our website, certification practice tools, study plans, AI tutor, community features, support forms, billing flows, and related services.

CertVector is designed for certification exam preparation. Our service is not intended for storing sensitive personal information such as government identification numbers, health information, financial account numbers, or employer-confidential material. Do not submit that type of information into practice answers, support requests, community posts, or the AI tutor.

Account and authentication data: email address, sign-in code status, session identifiers, account creation time, last login activity, selected courses, dashboard course access, study profile preferences, target exam dates, and notification preferences.

Learning activity: practice answers, missed questions, saved questions, simulation attempts, readiness scores, domain performance, study streaks, badges, calendar reminder settings, offline-save preferences, and review queue activity.

Course feedback and community content: question reports, AI tutor reports, support requests, course reviews, pass-story submissions, forum posts, comments, replies, votes, moderation status, and any files or text you choose to submit.

Billing and entitlement records: Stripe customer IDs, checkout session IDs, subscription IDs, plan interval, course entitlement, payment status, cancellation status, renewal dates, and webhook history. CertVector does not store full payment card numbers.

AI tutor data: question context, your selected answer, explanations, follow-up prompts, tutor responses, usage counters, rate-limit events, abuse-prevention signals, and error logs needed to operate and improve the tutor experience.

Technical and usage data: IP address, browser and device information, approximate location derived from technical signals, pages viewed, referring pages, timestamps, cookie consent status, theme settings, language preferences, local storage state, PWA/offline cache status, and security logs.

Communications: emails you send to us, support form details, unsubscribe preferences, and records of service, billing, security, or product-update messages.

We use information to create and secure accounts, send sign-in codes, provide practice sessions and simulations, personalize study plans, show readiness analytics, save progress, operate AI tutor features, moderate community content, process support requests, and manage billing and course entitlements.

We also use information to detect abuse, prevent scraping or exam-dump behavior, debug production issues, maintain service reliability, measure product usage, improve question quality, comply with legal obligations, and communicate service, billing, security, and policy updates.

We may send optional newsletters, product updates, or marketing messages only according to your consent and communication preferences. Marketing emails should include an unsubscribe mechanism. Service, security, billing, and account emails may still be sent when needed to operate your account.

Where required by law, we rely on appropriate legal bases such as performance of a contract, your consent, legitimate interests in operating and securing the service, and compliance with legal obligations. You may withdraw consent where processing depends on consent, but some account features may no longer work after withdrawal.

CertVector uses necessary cookies and local storage for sign-in sessions, cookie consent, language settings, theme settings, account navigation, billing redirects, PWA install state, and saved offline study resources.

If optional analytics, advertising, or marketing tools are added, they should only run according to the consent and preference controls available at that time. You can also clear cookies, site data, and offline caches through your browser settings.

Offline study tools may cache selected public pages, guides, resources, and sample content on your device. Removing browser site data or using the offline tools controls will remove cached study pages from that device.

The AI tutor receives the question context, your answer state, relevant explanation material, objective references, and your follow-up prompt so it can generate a study-focused response. Tutor output may be imperfect and should be treated as learning assistance, not professional advice or official exam guidance.

Do not include passwords, API keys, employer data, customer data, confidential documents, personal identification numbers, or other sensitive information in AI tutor prompts. CertVector may log tutor requests, responses, errors, and reports to enforce usage limits, investigate abuse, improve prompts, and review flagged explanations.

Payments and billing portals are handled by Stripe. Stripe may collect payment method details, billing information, tax information, fraud-prevention signals, and transaction records under its own policies. CertVector stores the Stripe identifiers and subscription state needed to grant or revoke course access.

If you contact us about billing, we may review Stripe customer, checkout, subscription, invoice, and webhook records linked to your account email so we can troubleshoot entitlement or payment issues.

We share information with service providers that help operate CertVector, including hosting, database, email delivery, payment processing, AI processing, security, monitoring, analytics, support, and infrastructure providers. These providers are permitted to process information only as needed to provide services to CertVector or as otherwise allowed by law.

We may disclose information if required by law, subpoena, court order, payment-network requirement, tax obligation, or a good-faith security, fraud, or safety investigation. We may also disclose information during a merger, acquisition, financing, reorganization, or sale of assets, subject to reasonable confidentiality protections.

We do not sell personal information. We do not knowingly share personal information for cross-context behavioral advertising. If that changes, we will update this policy and provide legally required choices.

When you post in community areas, submit a course review, report a question, or provide a pass story, the content may be visible to other users or to administrators depending on the feature. Public display of testimonials or pass stories should only happen with your consent and after moderation.

Do not post confidential information, exam-dump content, copyrighted material you do not have permission to share, personal data about other people, or content that violates our Terms.

We keep account, learning, entitlement, and support records for as long as needed to provide the service, resolve disputes, maintain security, comply with legal obligations, and preserve legitimate business records. Billing and tax records may be kept longer where required by law.

We may retain de-identified or aggregated metrics, such as domain-level correctness rates, content quality statistics, and anonymized peer benchmarks, after account deletion because they no longer identify a specific user.

You can request account deletion or data access by contacting us. Some information may remain in backups for a limited period or be retained when legally required, necessary for security, or needed to resolve billing or abuse issues.

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information. You may also have the right to withdraw consent, unsubscribe from marketing emails, or lodge a complaint with a privacy regulator.

California residents and residents of other U.S. states with privacy laws may request access, correction, deletion, portability, and information about certain disclosures. We do not sell personal information or knowingly share it for cross-context behavioral advertising.

Canadian users may contact us about access, correction, consent, safeguards, and accountability questions under applicable Canadian privacy laws. European Economic Area and UK users may contact us about GDPR/UK GDPR rights, including access, rectification, erasure, portability, objection, restriction, and consent withdrawal.

To exercise privacy rights, email support@certvector.com from the account email where possible. We may need to verify your identity before completing a request.

We use reasonable administrative, technical, and organizational safeguards designed to protect information from unauthorized access, loss, misuse, alteration, or disclosure. No internet service can guarantee absolute security.

You are responsible for keeping your email account secure because CertVector uses email-based sign-in. Contact us promptly if you believe your CertVector account or sign-in email has been compromised.

CertVector and its service providers may process information in countries other than where you live. Those countries may have data protection laws that differ from your local laws. Where required, we use appropriate safeguards for cross-border processing.

CertVector is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided information to CertVector, contact us so we can review and delete it where appropriate.

We may update this Privacy Policy as CertVector changes. Material changes will be posted on this page with a new effective date, and we may provide additional notice through the product or email when appropriate.