Privacy Policy
Last updated: March 14, 2026
Effective date: March 14, 2026
NeroLearn ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our AI-powered learning platform at nerolearn.com. By using NeroLearn, you agree to the practices described in this policy.
1. What Information We Collect
Information You Provide
- Email address
- Password (stored as a bcrypt hash — we never store plaintext passwords)
- Display name
- Job title
- City
- Course topics you choose or enter
Information Collected Automatically
- Watch time and lesson progress
- Quiz attempts and scores
- IP address (used for country-level detection only)
- Browser type and operating system
- Pages visited (via Google Analytics 4)
What We Do NOT Collect
- Payment or financial information
- Government-issued identification
- Medical or health information
- Precise GPS location
- Biometric data
- Social media profiles
2. How We Use Your Information
- Providing and improving the NeroLearn service
- Sending account-related emails (verification, password reset)
- Showing your progress to educators in your classroom
- Improving platform features and user experience
- Providing customer support
We Do NOT
- Sell your personal data to third parties
- Use your data for advertising or ad targeting
- Train AI models on your personal data
3. How We Store Your Information
- Data is stored in PostgreSQL on secure, access-controlled servers
- All data in transit is encrypted via HTTPS/TLS
- Passwords are hashed using bcrypt
- Database access is restricted to authorized personnel only
- Regular backups are performed to prevent data loss
6. Your Rights (GDPR)
If you are located in the European Economic Area (EEA), you have the following rights:
- Access — request a copy of your personal data
- Correction — request correction of inaccurate data
- Deletion — request deletion of your personal data
- Portability — request your data in a portable format
- Objection — object to processing of your data
- Restriction — request restricted processing of your data
- Withdraw consent — withdraw consent at any time where processing is based on consent
To exercise any of these rights, email us at support@nerolearn.com. We will respond within 30 days.
7. Your Rights (CCPA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act:
- Right to Know — request what personal information we collect, use, and disclose
- Right to Delete — request deletion of your personal information
- Right to Opt-Out — opt out of the sale of personal information (note: we do NOT sell your data)
- Right to Non-Discrimination — we will not discriminate against you for exercising your rights
8. Data Retention
- Active accounts — data is retained while your account is active
- Deleted accounts — permanently deleted within 7 days of account deletion
- Course data — retained for 90 days after account deletion for recovery purposes
- Analytics data — retained for 26 months (GA4 default retention period)
- Backups — retained for 30 days, then permanently deleted
9. Children's Privacy
NeroLearn is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@nerolearn.com and we will promptly delete the information.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For significant changes, we will notify you by email. Your continued use of NeroLearn after any changes constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, contact us:
- Email: support@nerolearn.com
- Subject line: "Privacy Request — [Your Request Type]"
- Response time: within 30 days