Privacy Policy

1.1 Information You Provide Directly

• Account registration information, including your name, email address, and password
• Profile and preference information, including learning preferences, study goals, and onboarding selections
• User Content, including notes, documents, images, photographs, PDFs, text, and audio recordings you upload to the Service
• Communications, including emails, feedback, support requests, and survey responses you send to us
• Payment and transaction information related to your subscription, processed through Apple's App Store (we do not directly collect, process, or store your credit card or payment card information)

1.2 Information Collected Automatically

• Usage and interaction data, including features accessed, screens viewed, actions taken, sessions completed, quiz and flashcard accuracy, study session duration, and time of day of use
• Learning Data, including spaced repetition intervals, review history, card-level accuracy, topic mastery levels, forgetting curve parameters, confidence calibration scores, modality performance data, session length optimization data, and all other data derived from your interactions with the Service's learning and assessment features
• Device and technical information, including device model, operating system and version, unique device identifiers, app version, browser type, IP address, mobile network information, and general location data (city/region level) derived from IP address
• Performance and diagnostic data, including crash reports, error logs, load times, and system activity

1.3 Information from Third-Party Sources

• LMS data: If you connect your Canvas, Google Classroom, Blackboard, Schoology, or other learning management system account, we collect course information (course names, IDs), assignment information (names, types, due dates), grade and score data, and other academic data as authorized by you through the integration
• Authentication providers: If you sign in using a third-party authentication service (such as Apple Sign-In or Google Sign-In), we receive your name, email address, and unique identifier from that service

2.1 Providing and Operating the Service

• Process and analyze your User Content to generate AI-powered flashcards, quizzes, diagrams, voice explanations, and other study materials
• Build, maintain, and update your Learning Profile and personalized learning experience
• Operate the spaced repetition engine, adaptive study plans, dynamic quiz regeneration, and exam readiness predictions
• Sync with your LMS to provide deadline-aware study scheduling and grade-based calibration
• Process and manage your account and subscription

2.2 Improving the Service

• Analyze usage patterns, learning outcomes, and feature adoption to improve the Service's functionality, content quality, and user experience
• Conduct internal research and analytics using anonymized and aggregated data
• Develop new features, products, and services
• Train and improve our proprietary algorithms and models using anonymized and aggregated Learning Data (not raw User Content)

2.3 Communications

• Send service-related communications, including study reminders, weekly performance recaps, account notifications, and subscription updates
• Send promotional communications about new features or products (you may opt out at any time)
• Respond to your inquiries, feedback, and support requests

2.4 Safety and Compliance

• Detect, prevent, and address fraud, abuse, security incidents, and technical issues
• Enforce our Terms of Service and other policies
• Comply with applicable legal obligations, regulations, and governmental requests

3.1 Service Providers

We engage third-party companies and individuals to perform services on our behalf, including:

• Cloud hosting and infrastructure (Google Cloud Platform)
• AI and machine learning processing (Anthropic, Google)
• Voice synthesis (ElevenLabs)
• Payment processing (Apple, Stripe)
• Analytics and performance monitoring
• Email and communication services

These service providers have access only to the information necessary to perform their specific functions and are contractually obligated to protect the confidentiality and security of your information. They are prohibited from using your information for any purpose other than providing services to us.

3.2 LMS and Integration Partners

When you connect your LMS account, data flows between the Service and your LMS as authorized by you. We do not share your SNG Learning Data, Learning Profile, or User Content with your LMS provider or educational institution unless you explicitly choose to share it or unless required by applicable law.

3.3 Other Users

If you use collaborative features such as Study Rooms, the Marketplace, or class communities, certain information (such as your display name, shared study materials, and performance data within the shared context) may be visible to other users participating in those features. We will clearly indicate what information is shared before you participate.

3.4 Legal and Safety

We may disclose your information if we believe in good faith that disclosure is reasonably necessary to: (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms of Service or other agreements; (c) protect the rights, property, or safety of Snap N Grasp LLC, our users, or the public; or (d) detect, prevent, or address fraud, security, or technical issues.

3.5 Business Transfers

In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring or surviving entity. We will notify you via email and/or prominent notice within the Service of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

3.6 Anonymized and Aggregated Data

We may share anonymized and aggregated data that cannot reasonably be used to identify you with third parties for research, analytics, benchmarking, industry reporting, and commercial purposes. This includes aggregated learning insights, usage patterns, and educational outcome data.

4.1 How AI Processing Works

When you upload content or interact with the Service's features, your User Content and relevant contextual data are transmitted to third-party AI providers for processing. This processing is necessary to generate flashcards, quizzes, diagrams, voice explanations, and other AI-Generated Content.

4.2 What We Send to AI Providers

We transmit the minimum data necessary for content generation, which may include: the text content of your uploaded materials, image data for OCR processing, relevant portions of previous quiz results for adaptive regeneration, and contextual prompts. We do not transmit your personal account information (name, email address) to AI providers.

4.3 AI Provider Data Practices

Our AI providers process your content in accordance with their respective privacy policies and our data processing agreements. As of the effective date of this policy, our primary AI providers (Anthropic and Google) do not use API-submitted data to train their general-purpose models. We select providers that maintain appropriate security, confidentiality, and data handling practices.

4.4 Voice Data

Voice explanations are generated by transmitting text to our voice synthesis provider (currently ElevenLabs). We do not transmit your voice or audio recordings to voice synthesis providers — only the text content to be spoken. For lecture recording features, audio is transcribed using on-device or cloud-based transcription services, and the resulting text transcript is processed through the standard AI generation pipeline.

5.1 Active Accounts

We retain your account information, User Content, Learning Data, and Learning Profile for as long as your account is active and as reasonably necessary to provide the Service to you.

5.2 Account Deletion

If you delete your account or request deletion of your data, we will delete or anonymize your identifiable personal information, User Content, and identifiable Learning Data within thirty (30) days of your request, except where longer retention is: (a) required by applicable law or regulation; (b) necessary for legitimate business purposes, including dispute resolution, fraud prevention, and enforcement of our Terms; or (c) necessary to comply with our legal obligations or protect our legal rights.

5.3 Anonymized and Aggregated Data

Anonymized and aggregated data that cannot reasonably be used to identify you, including statistical learning patterns, aggregate usage metrics, and model training data derived from your interactions, may be retained indefinitely for research, analytics, product development, and commercial purposes. This data survives account deletion.

5.4 Backup and Archive

Copies of your data may persist in our backup and archive systems for a reasonable period after deletion from active systems. We will make commercially reasonable efforts to complete deletion from backup systems within ninety (90) days.

7.1 Access and Portability

You may request a copy of the personal information we hold about you in a structured, commonly used, machine-readable format.

7.2 Correction

You may request that we correct any inaccurate or incomplete personal information we hold about you.

7.3 Deletion

You may request deletion of your personal information and account. Certain data may be retained as described in Section 5.

7.4 Restriction and Objection

You may request that we restrict or cease processing your personal information in certain circumstances, subject to applicable law.

7.5 Opt-Out of Communications

You may opt out of promotional communications at any time by following the unsubscribe instructions in any promotional email or by contacting us. Service-related communications (including study reminders you have enabled and account notifications) may still be sent as necessary to provide the Service.

7.6 How to Exercise Your Rights

To exercise any of these rights, contact us at contact@snapngrasp.com. We will respond to verified requests within thirty (30) days, or as otherwise required by applicable law. We may request additional information to verify your identity before processing your request.

8.1 Age Restriction

The Service is not intended for and is not directed to children under the age of thirteen (13). We do not knowingly collect, use, or disclose personal information from children under 13.

8.2 Parental Notification

If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete such information as quickly as possible. If you believe that a child under 13 has provided us with personal information, please contact us immediately at contact@snapngrasp.com.

8.3 SNG Kids

A separate application, SNG Kids, may be made available in the future for users under the age of 13. SNG Kids will include parental consent mechanisms, age-appropriate content and privacy protections, and will comply with the Children's Online Privacy Protection Act (COPPA) and other applicable children's privacy laws. A separate privacy policy will govern SNG Kids.

9.1 California Residents (CCPA/CPRA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete: You may request that we delete the personal information we have collected from you, subject to certain exceptions.
• Right to Correct: You may request that we correct inaccurate personal information.
• Right to Opt Out of Sale or Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
• Right to Limit Use of Sensitive Personal Information: If we collect sensitive personal information, you may limit our use and disclosure of that information to what is necessary to provide the Service.

9.2 Virginia, Colorado, Connecticut, and Other State Residents

Residents of states with comprehensive consumer privacy laws (including the Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, and similar statutes) may have similar rights to access, correct, delete, and port their personal information, as well as the right to opt out of certain processing activities. To exercise these rights, contact us at contact@snapngrasp.com.

9.3 FERPA

To the extent that any information we receive through LMS integrations constitutes education records subject to the Family Educational Rights and Privacy Act ("FERPA"), we will handle such information in compliance with FERPA requirements. We will not use FERPA-protected education records for any purpose other than providing the Service as authorized by the student.