Back to Home

Privacy Policy

Effective Date: January 29, 2026

1. Introduction

NexExam Inc. ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered exam preparation platform ("Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, password (stored securely via hashing), and avatar selection. If you sign up via a third-party provider (e.g., Google), we receive your name and email from that provider.

2.2 Learning and Usage Data

We automatically collect data about your use of the Service, including:

  • Lesson progress, quiz scores, and question interactions
  • Time spent on questions and learning sessions
  • Mastery scores and accuracy rates per topic
  • Learning activity trends and completion progress
  • Study notes and bookmarked content

2.3 AI Tutoring Data

When you use our AI voice tutor, audio data is processed in real time by our third-party AI provider, ElevenLabs. Voice data is used solely for the purpose of generating conversational responses during your tutoring session. We do not store raw audio recordings. Text transcripts of AI conversations may be retained to improve the Service.

2.4 Payment Information

Payments are processed by Stripe. We do not store your full credit card number or payment details on our servers. Stripe may collect and store payment information in accordance with its own privacy policy. We store your Stripe customer ID and subscription status to manage your account.

2.5 Device and Log Data

We may collect browser type, operating system, IP address, referring URLs, and pages visited for analytics and security purposes.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Personalize your learning experience and recommendations
  • Track your progress and learning analytics
  • Process payments and manage subscriptions
  • Provide AI tutoring and voice conversation features
  • Send account-related communications (e.g., password resets, subscription updates)
  • Analyze usage patterns to improve our platform
  • Detect and prevent fraud or abuse

4. Third-Party Services

We use the following third-party services that may process your data:

  • Railway & PostgreSQL — Secure cloud infrastructure for database hosting. Your account data and learning progress are stored on Railway-hosted PostgreSQL.
  • Clerk — Authentication and user management. Clerk handles sign-in, sign-up, and session management under its own security policies.
  • Stripe — Payment processing for subscriptions. Stripe handles all payment card data under its own PCI-compliant systems.
  • ElevenLabs — AI voice tutoring. Audio from voice sessions is processed in real time to generate spoken responses. ElevenLabs processes this data under its own privacy policy.

We encourage you to review the privacy policies of these third-party providers.

5. Cookies and Local Storage

We use browser local storage to maintain your authentication session and user preferences. We may use cookies or similar technologies for analytics and to improve the Service. You can control cookie settings through your browser.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data in the following circumstances:

  • With third-party service providers who help us operate the Service (as described in Section 4)
  • To comply with legal obligations or respond to lawful requests from public authorities
  • To protect our rights, privacy, safety, or property, or that of our users
  • In connection with a merger, acquisition, or sale of assets (with prior notice to you)

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention).

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request portability of your data
  • Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at support@nexexam.ai. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption at rest and in transit, secure authentication, and row-level security policies on our database. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a user under 18, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Effective Date" above. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at support@nexexam.ai.