Privacy Policy

1. Information We Collect

We only collect email addresses to create and manage your account.

For users in the EEA, this is done based on a lawful basis under the GDPR (e.g., your consent or performance of a contract).

If a student is enrolled in a private course (not publicly listed), their email address may be required to grant access to the course.

Browser and device data may also be collected for service usage analysis, but this information is not stored separately and is never used to identify individual users.

2. How We Use Your Information

Your information is used for the following purposes:

  • To provide and operate our services
  • To personalize your experience and recommend relevant content
  • To respond to inquiries and provide customer support
  • To improve our product through usage analytics and feedback
  • To comply with legal obligations and enforce our Terms of Service
  • To fulfill obligations under GDPR and FERPA

3. Use of Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain session state and user preferences
  • Analyze traffic and user behavior on our platform
  • Enhance performance and usability

You may disable cookies through your browser settings, but some features may be limited.

4. Data Sharing and Disclosure

We do not sell your personal data. However, we may share your information with:

  • Trusted service providers who help us operate our platform (e.g., Google Analytics)
  • Authorities or legal entities when required by law or to protect our rights

Data is shared under strict agreements ensuring GDPR and FERPA compliance. For educational institutions, student data remains under institutional control and is never used for advertising or profiling.

5. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy, or as required by law. When no longer needed, data is securely deleted or anonymized. Student data under FERPA is retained only for the duration specified by the institution and deleted upon request.

6. Data Security

We take reasonable technical and classroomal measures to protect your data from unauthorized access, loss, or misuse. Data is encrypted in transit and at rest, and hosted securely on Azure and AWS cloud servers. However, no system is completely secure, and we cannot guarantee absolute security.

7. Your Rights

You have the right to:

  • Access and review the personal information we hold about you
  • Request corrections or deletions of your data
  • Withdraw your consent at any time
  • File a complaint with a data protection authority (for GDPR)
  • Request inspection and correction of student records (for FERPA)

To exercise your rights, please contact us at the address below.

8. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or our services. We encourage you to review this page periodically.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at contact@tutorflow.io.

For GDPR-specific inquiries, please include “GDPR Request” in the subject line.

This service is operated by Geek Haus LLC, a U.S.-based educational technology company.