← Back to home

Privacy Policy

Last updated: March 15, 2026

1. Information We Collect

We collect: email address (required for test results), test responses and timing data, IP address and browser information, payment information (processed by Stripe — we never store card details), account information (name, email) if you register, and usage analytics.

2. How We Use Your Data

Your data is used to: deliver test results and CEFR analysis, generate AI-powered feedback and recommendations, detect and prevent cheating (behavioral analysis), improve question quality and scoring algorithms, send test results via email, process payments through Stripe, and provide progress tracking for registered users.

3. AI Processing

Your test answers are sent to Anthropic's Claude AI for analysis. This includes question texts and your selected answers but not your personal identifying information. AI-generated feedback is stored in our database linked to your test session.

4. Data Storage

Data is stored on secure servers. Test sessions are retained indefinitely for registered users (for progress tracking) and for 12 months for guest users. You may request deletion at any time.

5. Data Sharing

We do not sell your personal data. We share data with: Stripe (payment processing), Anthropic (AI analysis — anonymized), email service providers (sending results), and analytics tools (aggregated, non-personal data). Future B2B: organization administrators may see aggregated team results.

6. Cookies

We use essential cookies for: session management, CSRF protection, and theme preferences. Optional cookies: analytics (Google Analytics). You can manage cookie preferences through the banner on your first visit.

7. Your Rights

You have the right to: access your personal data, correct inaccurate data, delete your account and all associated data, export your test history, opt out of marketing emails, and withdraw consent for optional data processing.

8. Data Retention

Account data: retained until you delete your account. Test sessions: retained for progress tracking. Guest test data: automatically deleted after 12 months. Payment records: retained as required by law (typically 7 years).

9. Security

We implement industry-standard security measures including: HTTPS encryption, hashed passwords (bcrypt), Stripe PCI-compliant payment processing, rate limiting on sensitive endpoints, and regular security audits.

10. Children

The Service is not intended for children under 13. We do not knowingly collect data from children. If you believe we have, contact us for immediate removal.

11. International Users

The Service is operated globally. By using it, you consent to data processing in the jurisdiction where our servers are located. For EU users: we comply with GDPR requirements including data minimization and right to erasure.

12. Changes

We may update this Privacy Policy at any time. We will notify registered users of significant changes via email. Continued use constitutes acceptance.

13. Contact

For privacy-related questions or data requests, contact us at privacy@fluentmood.com.

← HomeTerms of Service