Privacy Policy

1. Introduction

Welcome to Medace ("we", "our", "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services.

Medace is an educational platform that provides access to university courses, subjects, chapters, and video content. By using our app, you consent to the practices described in this policy.

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us using the information provided in the "Contact Us" section below.

2. Information We Collect

We collect several types of information from and about users of our app, including:

2.1 Personal Information

Personal information is information that identifies you as an individual or makes you identifiable. We may collect:

• Email address - Used for account registration, authentication, and communication
• Full name - Used to personalize your experience
• City/Location - Used for demographic analysis and regional content
• Password - Securely hashed for authentication

2.2 Usage Data

We automatically collect certain information about how you interact with our app:

• Course progress - Which videos you've watched and completion status
• Subscription status - Your current subscription tier and expiration
• Account balance - Credits or balance purchased through in-app purchases
• Favorite subjects - Subjects you've bookmarked
• App settings - Language preferences, notification settings

2.3 Device Information

We may collect information about your device to provide and improve our services:

• Device model and operating system - For compatibility and analytics
• Device unique identifiers - For push notifications (FCM token)
• IP address - For security, fraud prevention, and analytics
• App version - To ensure you're using a supported version

3. How We Use Your Information

We use the information we collect for various purposes, including:

• Providing and maintaining our services - To deliver educational content and manage your account
• Authentication and security - To verify your identity and protect your account
• Personalization - To tailor content based on your interests and progress
• Payments and subscriptions - To process in-app purchases via RevenueCat and manage your balance
• Push notifications - To send you updates about courses, subscriptions, or important announcements (via Firebase Cloud Messaging)
• Customer support - To respond to your inquiries and provide assistance
• Analytics and improvement - To understand user behavior and improve our app (aggregated, anonymized data)
• Legal compliance - To comply with applicable laws and regulations

4. How We Store Your Information

Medace uses Supabase as its backend infrastructure. Your personal information is stored in a PostgreSQL database hosted by Supabase.

4.1 Security Measures

• All data transmission is encrypted using HTTPS (TLS/SSL)
• Passwords are hashed using industry-standard algorithms (bcrypt)
• Database access is restricted to authorized personnel only
• We regularly review our security practices to protect against unauthorized access

4.2 Data Retention

We retain your personal information as long as your account is active or as needed to provide our services. If you choose to delete your account, we will permanently remove your personal data from our systems, except where retention is required by law or for legitimate business purposes (e.g., tax records).

5. Sharing Your Information

We do not sell, trade, or rent your personal information to others. We may share your information with:

5.1 Service Providers

• Supabase - Cloud database and authentication provider (Supabase Privacy Policy)
• RevenueCat - In-app purchase and subscription management (RevenueCat Privacy Policy)
• Firebase Cloud Messaging (FCM) - Push notification service (Firebase Privacy Policy)
• Cloud hosting providers - For infrastructure and CDN services

These service providers have access to your information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose your information to protect our rights, property, or safety, or that of our users or the public.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

6.1 Access and Correction

You can update your account information at any time through the app's Edit Profile section. If you need assistance, contact our support team.

6.2 Data Portability

You have the right to request a copy of your personal data in a structured, commonly used format that can be easily transferred to another service.

6.3 Deletion

You may request deletion of your account and associated personal data. Account deletion can be initiated through the app settings or by contacting support. Note that we may retain certain information as required by law or for legitimate business purposes.

6.4 Opt-out

You can opt out of marketing communications at any time by clicking the unsubscribe link in any email or adjusting your notification settings in the app. You may also opt out of interest-based advertising through your device settings.

6.5 GDPR and CCPA Rights

If you are a resident of the European Union or California, you may have additional rights under the General Data Protection Regulation (GDPR) or California Consumer Privacy Act (CCPA), including the right to object to certain processing and to lodge a complaint with a supervisory authority.

7. Cookies and Tracking

Our mobile app does not use traditional browser cookies. However, we may use similar tracking technologies such as:

• SDK analytics - To understand app usage patterns (aggregated, anonymized)
• Device identifiers - For push notifications and analytics
• Third-party SDKs - From Supabase, RevenueCat, and Firebase which may use their own tracking mechanisms

You can control tracking by adjusting your device settings or uninstalling the app.

8. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can take appropriate action.

In some jurisdictions, users must be at least 18 years old to use our services without parental consent. We reserve the right to terminate accounts of users who provide false age information.

9. Third-Party Links

Our app may contain links to external websites or services that are not operated by us. We are not responsible for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last updated" date at the top of this page. When we make material changes, we will notify users by:

• Posting the updated policy in the app and on our website
• Sending an email notification to the address associated with your account
• Displaying a prominent notice within the app before the changes take effect

Your continued use of the app after any changes indicates your acceptance of the updated Privacy Policy. If you do not agree with the changes, you may delete your account.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Email: privacy@medace.app
• Website: https://medace.app
• Address: [Your Company Address Here]

We will respond to your inquiry within 30 days.