Skip to content

Privacy Policy

Effective date: May 15, 2026

1. Information We Collect

When you create an account, we collect your name, email address, and profile information through our authentication provider (Clerk). When you use the platform, we collect usage data including test scores, study progress, and feature interactions. When you purchase lifetime access, payment information is collected by Stripe; we receive only the confirmation that payment succeeded plus a Stripe customer reference — we never see your full card number.

2. How We Use Your Information

  • Provide and personalize your study experience
  • Track your progress and generate performance analytics
  • Send important account and service notifications
  • Process payments and refunds
  • Improve our platform based on usage patterns
  • Respond to your feedback and support requests

3. Third-Party Services

We use the following third-party services that may process your data:

  • Clerk — authentication and user management
  • Supabase — database and data storage
  • Vercel — hosting
  • Vercel Analytics — anonymous page-view and traffic measurement
  • Vercel Speed Insights — anonymous page-load performance measurement
  • Stripe — payment processing and billing

Each service operates under its own privacy policy: Clerk · Supabase · Vercel · Stripe.

We do not sell your personal information to third parties.

4. Cookies & Similar Technologies

We use the following cookies and similar technologies:

  • Clerk authentication cookies (e.g., __session, __clerk_*) — required for sign-in and session management. Without them, you cannot stay logged in.
  • Vercel Analytics — no identifiable cookie; uses anonymous request signatures to measure page views and traffic.
  • Vercel Speed Insights — no identifiable cookie; measures page load performance anonymously.
  • Internal session ID (credentiallab-anon-session, stored in your browser's localStorage) — anonymous identifier used to deduplicate analytics events. No personal information is stored against this ID.

No third-party advertising or cross-site tracking cookies are set. We do not sell user data.

5. Data Retention

We retain your account data and study progress for as long as your account is active. Payment records are retained for a minimum of 7 years per U.S. tax and accounting requirements. You may request deletion of your account and associated data at any time by contacting us at admin@credentiallab.com. Note that some records (e.g., transaction records required by law) may persist after account deletion.

6. Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS), secure authentication, and access controls. However, no method of transmission over the internet is 100% secure.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing

If you are a resident of the European Union, United Kingdom, or California (or another jurisdiction with equivalent data-protection rights), the above rights apply to you under GDPR, UK GDPR, or CCPA respectively. We will respond to verified requests within 30 days. We process personal data on the legal basis of (a) contract performance — providing the Service you've signed up for — and (b) legitimate interest in improving and securing the Service.

To exercise any of these rights, contact us at admin@credentiallab.com.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the platform. Continued use of the service after changes constitutes acceptance of the updated policy.

9. Contact

Questions about this policy? Reach us at admin@credentiallab.com.

← Back to home