← Home

Privacy Policy

What we collect, why, who sees it, and how to delete it.

Last updated · 2026-05-23

Effective 2026-05-23. This Privacy Policy explains how Plinth ("we", "us") collects, uses, shares, and protects information when you use the Service at plinthprep.com and any related Plinth client. It also explains your rights under U.S. state privacy laws (including California, Virginia, Colorado, Connecticut, Utah, and others), under the EU/UK General Data Protection Regulation (GDPR) where applicable, and under Canadian PIPEDA.

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, do not use the Service.

1. Who we are

"Plinth" refers to John Ryu, doing business as Plinth, operating from the State of Washington, United States. For the purposes of EU/UK GDPR, Plinth is the data controller of personal data processed in connection with the Service. The contact for privacy matters is admin@plinthprep.com.

2. What we collect

We collect the minimum personal data needed to operate the Service. The categories below are exhaustive — if it isn't listed, we don't collect it.

2.1 Account data

  • Email address — to identify your account and send transactional messages.
  • Hashed password (if you sign up with a password) — never stored in plain text.
  • Account creation date and last sign-in timestamp.
  • Display name and exam target date if you choose to set them (optional).

2.2 Payment data

  • Stripe customer ID — an opaque identifier issued by Stripe.
  • Purchase metadata — date, amount, currency, product, transaction ID, refund history, and the buyer's country and postal code (used for sales-tax determination only; not used for marketing).
  • We do NOT store your full card number, CVC, or full billing address. Those are held by Stripe under PCI-DSS.

2.3 Usage data (generated by your use of the Service)

  • Quiz sessions, mock-exam attempts, individual question answers, and time spent.
  • Flashcard interactions (which cards you've seen, current Leitner box, review streak).
  • Weak-spot analyses derived from your answer history.
  • Module / lesson completion status.
  • Cumulative streak counters and dashboard statistics.

Usage data is scoped to your account; we use it to make the Service work for you, not to profile you for advertising.

2.4 Technical data

  • IP address — captured by our hosting provider (Vercel) and by Stripe at the point of transaction, used for fraud prevention, abuse detection, and rough geolocation for tax purposes.
  • Device, browser, and operating system information — as included in standard HTTP request headers.
  • Diagnostic logs — automatically generated when something errors. These may include the IP address, timestamp, request path, and stack trace. Logs are retained at most 30 days and used only for debugging.

2.5 Communication data

2.6 What we explicitly do NOT collect

  • Your real name (unless you choose to set a display name).
  • Phone number, mailing address, date of birth, government ID, or biometric information.
  • Browsing history outside of plinthprep.com.
  • Cross-site behavioral tracking data. We do not use Google Analytics, Meta Pixel, TikTok Pixel, Hotjar, FullStory, or any similar third-party analytics or session-replay service.
  • Inferred demographic categories (age, gender, household income).

3. How we collect it

SourceWhat's collected
Directly from youEmail, password (hashed), display name, exam target date, communications you send.
AutomaticallyIP address, device/browser, error logs, in-app usage events that the Service writes back to your account.
From StripeStripe customer ID, transaction confirmation, billing country and postal code, refund and dispute events via webhook.

4. Why we use it

  • Provide the Service. Authenticate you, sync your progress, render your dashboard, schedule flashcard reviews, generate mock exams and weak-spot drills.
  • Process payments. Forward your payment information to Stripe; receive purchase and refund confirmations; grant or revoke lifetime entitlement.
  • Compute and remit sales tax based on your billing location, as required by jurisdictions where we hold an active tax registration.
  • Send transactional messages. Sign-up confirmation, password reset, refund confirmation, security alerts. We do not send marketing or promotional email.
  • Provide support. Respond to your inquiries; look up your account when you contact us.
  • Maintain security and prevent abuse. Rate-limit suspicious activity, detect credential stuffing, investigate chargeback fraud, defend the integrity of the question pool against scraping.
  • Comply with law. Respond to lawful requests from courts, regulators, and government agencies; produce records to defend our legal rights; satisfy tax-record-keeping obligations.
  • Improve the Service. Aggregate, de-identified statistics about how the Service is used (e.g., which questions are most frequently missed) inform content improvements. These aggregates do not identify individuals.

5. Legal bases for processing (EU/UK)

If you are in the EU or UK, our legal bases under GDPR are:

  • Performance of a contract (Art. 6(1)(b)) — to provide the Service you purchased.
  • Compliance with a legal obligation (Art. 6(1)(c)) — to retain financial records, respond to lawful authority, remit sales tax.
  • Legitimate interests (Art. 6(1)(f)) — to maintain security, prevent abuse, and improve the Service. We balance these interests against your rights and freedoms.
  • Consent (Art. 6(1)(a)) — where required by law (e.g., for any non-essential cookie or optional analytic if we ever introduce one).

6. Who we share it with

We share personal data only with the vendors below, only as needed to operate the Service. We do not sell personal data. We do not share personal data with advertisers, data brokers, or unrelated third parties.

VendorRoleData they receive
Stripe, Inc. (US)Payment processing & taxEmail, IP, billing country and postal code, card details (held by Stripe; never reach us)
Supabase, Inc. (US)Database & authenticationAccount data + usage data — encrypted at rest
Vercel, Inc. (US)Hosting & CDNIP, user-agent, request logs (≤30 days)
Resend, Inc. (US)Transactional emailEmail address + the content of transactional messages we send you

Other disclosures. We may also share personal data:

  • Pursuant to legal process — subpoena, court order, regulatory demand, or where we believe disclosure is necessary to protect our or others' rights, safety, or property.
  • In a business transaction — if Plinth is acquired, merged, or transfers substantially all its assets, your data may transfer to the successor entity, subject to the protections of this Policy.
  • With your direction or consent.

7. International data transfers

The Service is operated from the United States. If you are located outside the United States, your personal data will be transferred to and stored in the United States. We rely on the following safeguards:

  • EU/UK to US transfers: We rely on the EU Standard Contractual Clauses (SCCs) in place with our US vendors (Stripe, Supabase, Vercel, Resend).
  • UK transfers: The UK International Data Transfer Addendum to the SCCs applies where relevant.
  • Canada: Disclosures to US service providers are made consistent with PIPEDA.

8. Retention

DataRetention period
Account dataUntil you delete your account, then deleted within 30 days.
Usage data (quiz, flashcard, dashboard state)Same as account data.
Cleared / deleted study data (recovery archive)While Plinth is in pre-launch, we retain these rows in an access-restricted recovery archive indefinitely so accidental clicks can be undone. At public launch we expect to introduce a fixed retention window (target: 90 days from the delete event) with an automated purge. While in the archive, the data is hidden from your dashboard and remains restorable via Settings → “Recover recently deleted”. You may request earlier purge at any time. See 8.1.
Payment metadata (transaction records)Up to 7 years after the transaction, as required by U.S. tax law (IRS §6501) and state tax authorities.
Diagnostic logs30 days, after which they are deleted automatically by Vercel.
Support emailsUp to 24 months from the last reply, then deleted.
BackupsEncrypted snapshots are retained for up to 30 days; deletions from primary storage propagate to backups on the next snapshot rotation.

8.1 Recovery archive (cleared / deleted study data)

When you press “Clear local data” or “Delete all my data” in Settings, your quiz sessions, flashcard progress, study streaks, and a snapshot of your profile metadata (display name, exam target) are moved to a recovery archive instead of being immediately purged. This lets you reverse an accidental click via Settings → “Recover recently deleted”.

Specifically:

  • Visibility. Archived rows are hidden from your dashboard, history, scoring, and any other user-facing surface. Your readiness, streaks, and weak-spot analytics recompute as if the data were gone.
  • Access. Archived rows are stored in access-restricted tables readable only by Plinth administrators (for support-driven recovery) and by you via the “Recover recently deleted” flow.
  • Use. The archive is used only to support data recovery on your request and to operate the Service. It is not used for analytics, training, marketing, or any other purpose.
  • Retention & deletion. While Plinth is in pre-launch, archived rows are retained indefinitely so we can still help users recover from accidental clicks during this early phase. At public launch we plan to introduce a fixed retention window (target: 90 days from the delete event) with an automated nightly purge, and we will update this Section accordingly before that change takes effect.
  • Right to erase sooner. You can request earlier deletion of your archived data at any time by emailing admin@plinthprep.com; we will purge it within 30 days of the request, subject to legal retention requirements (see Section 8 for payment / log retention).

9. Security

We use industry-standard safeguards appropriate to the sensitivity of the data we hold:

  • TLS 1.2+ on every connection between you, our infrastructure, and our vendors.
  • Passwords stored as Argon2id hashes (via Supabase Auth). Plaintext passwords are never stored, logged, or transmitted outside the TLS-protected sign-in moment.
  • Stripe handles all card data; Plinth's systems never see card numbers or CVCs.
  • Access to production data is restricted to authenticated administrators and protected by least-privilege controls.
  • Encrypted at rest (vendor-managed) and in transit.

No system is 100% secure. We cannot guarantee absolute security. If you believe your account has been compromised, contact support@plinthprep.com immediately.

10. Cookies and similar technologies

Plinth uses a small set of strictly-necessary cookies. We do not use advertising, analytics, or cross-site tracking cookies. We do not embed third-party ad pixels or session-replay tools.

CookiePurposeDurationSet by
sb-…-auth-tokenKeeps you signed inSession + 7-day refreshSupabase Auth (essential)
plinth-theme / plinth-aestheticRemembers your visual preference1 yearPlinth (essential UX)
plinth.splash.seenBoot splash plays only once per tabSession onlyPlinth (essential UX)

Third-party cookies during checkout. When you are routed to or interact with Stripe Checkout, Stripe sets cookies under its own cookie policy, primarily for fraud prevention. These cookies are not under Plinth's control. They are essential for processing your payment.

How to clear or block cookies. Standard browser controls let you delete or block any cookie. Blocking the Supabase auth cookie will sign you out. We do not implement a separate cookie banner because we do not set non-essential cookies; under EU and UK ePrivacy rules, consent banners are required only for non-essential cookies.

11. Your rights

Regardless of where you live, you may exercise these rights by emailing admin@plinthprep.com. We respond within 30 days (or sooner where required by law). We may require reasonable verification that you are the account holder before fulfilling a request.

RightWhat it means
AccessReceive a copy of all personal data we hold about you, in machine-readable JSON.
Correction / RectificationAsk us to correct inaccurate or incomplete data.
Deletion / ErasureAsk us to delete your account and associated personal data. We retain financial records as legally required (see Section 8).
PortabilityReceive your data in a structured, commonly-used, machine-readable format (JSON), or have it transmitted to another controller where technically feasible.
RestrictionAsk us to limit our use of your data in specific circumstances.
ObjectionObject to processing based on our legitimate interests; we will reassess.
Withdraw consentWhere we rely on consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of prior processing.
Lodge a complaintIf you are in the EU/UK, you may complain to your local Data Protection Authority. We'd appreciate the chance to address your concern first.

You will not be discriminated against for exercising these rights. We do not offer financial incentives for personal data.

12. California residents (CCPA / CPRA)

If you are a California resident, you have the rights under the California Consumer Privacy Act of 2018 ("CCPA"), as amended by the California Privacy Rights Act of 2020 ("CPRA"):

  • Right to know what personal information we collect, use, share, and disclose.
  • Right to delete personal information we hold about you.
  • Right to correct inaccurate personal information.
  • Right to opt out of "sale" or "sharing" of personal information. Plinth does not sell or share personal information as those terms are defined in the CCPA. We do not engage in cross-context behavioral advertising.
  • Right to limit the use of sensitive personal information. We do not collect sensitive personal information as defined by the CCPA (we do not collect SSN, driver's license, financial-account numbers beyond Stripe's records, precise geolocation, race, religion, union membership, or biometric data).
  • Right to non-discrimination for exercising these rights.

Categories of personal information collected, sources, purposes, and recipients are listed throughout this Policy. To submit a CCPA request, email admin@plinthprep.com with the subject "California Privacy Request" and we will verify your identity (typically by confirming control of the email associated with your account). Authorized agents may submit requests on your behalf with documented authorization.

13. EU and UK residents (GDPR)

In addition to the rights listed in Section 11, you have the right under GDPR to:

  • Lodge a complaint with the Data Protection Authority in your country.
  • Not be subject to automated individual decision-making, including profiling, that produces legal or similarly significant effects. Plinth does not make automated decisions of this kind.

The Plinth representative for EU/UK data-subject requests is admin@plinthprep.com. We have not appointed a Data Protection Officer because the scope of our processing does not require one under Article 37, but we treat privacy inquiries with the same seriousness.

14. Children

The Service is not directed at children under 16, and we do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to Plinth, contact admin@plinthprep.com and we will delete the account and associated data promptly.

15. "Do Not Sell" and Do Not Track

We do not sell personal data. We honor the Global Privacy Control (GPC) signal where applicable: if your browser sends GPC, we treat it as an opt-out request under CCPA and similar laws.

We do not currently respond to legacy Do Not Track (DNT) browser headers because there is no industry consensus on how to interpret them. Our practices described in this Policy apply regardless of DNT.

16. Data-breach notification

If we determine that a breach of personal data poses a risk to your rights and freedoms (e.g., unauthorized access to your account information), we will notify affected users without undue delay, typically within 72 hours of discovery, by email to the address on file, and we will notify the appropriate supervisory authority where required by law.

17. Changes to this policy

We may update this Privacy Policy. Material changes will be announced via in-product notice or email to the address on file, with at least 14 days' advance notice before the change takes effect. The "Effective" date at the top of this page reflects the current version.

18. Contact

Privacy questions, data-subject requests, and complaints: admin@plinthprep.com.

Operator: John Ryu, doing business as Plinth, Washington, United States.