Effective: April 7, 2026 · Last reviewed: May 21, 2026

Privacy Policy

This policy explains what personal data we collect, why we collect it, how we process and store it, and what rights you have. We are committed to protecting your information.

Contents

Who We Are
Information We Collect
How We Use Your Data
Legal Basis for Processing
Data Sharing & Third Parties
Data Storage & Security
Data Retention
Your Rights
Children's Privacy
International Data Transfers
Changes to This Policy
Contact Us

01 Who We Are

IDGAF AI is an AI-powered educational study platform that helps students generate summaries, flashcards, quizzes, and more from their study notes. The platform is operated independently and is accessible at idgaf.diy.

For data protection inquiries, you can contact us at legal@idgaf.diy.

02 Information We Collect

Information You Provide

Account data — email address, display name, authentication status, and account identifiers. Password-based sign-in is handled by Clerk; IDGAF AI does not store plaintext passwords.
Study content — notes, prompts, generated study materials, saved notes, shared note metadata, uploaded files, extracted text, images, PDFs, DOCX/PPTX/TXT files, and audio you provide for transcription or speech features.
Payment information — billing details processed securely through Paystack, Flutterwave, or NOWPayments. We do not store full card numbers or private crypto wallet keys.
Communications — support emails, refund requests, legal/privacy requests, feedback, and any messages you send us.

Information Collected Automatically

Usage data — features used, generation counts, FOK point usage, plan tier, saved-note activity, session duration, study streaks, and aggregate admin metrics.
Device information — browser type, operating system, screen resolution, and language preference.
Log data — IP address, access times, pages viewed, and referring URLs.
Cookies — session tokens and preference cookies. See our Cookie Policy for details.

Information We Do Not Collect

We do not collect biometric data, government IDs, or health information.
We do not track your location using GPS or fine-grained geolocation.
We do not sell or rent your personal data to anyone.

03 How We Use Your Data

Purpose	Data Used
Provide and maintain the service	Account data, study content
Process AI-generated study materials	Notes, prompts, uploaded files, extracted text, images, audio, and generated outputs
Process payments and manage subscriptions	Email, plan tier, provider references, billing details, payment status
Send operational emails (welcome, billing, security)	Email, display name
Improve product quality and fix bugs	Usage data, log data
Detect and prevent abuse, fraud, and security threats	IP address, usage patterns
Comply with legal obligations	As required by applicable law

IDGAF AI does not use your study content to train AI models. Your notes, uploads, and prompts are processed to provide the service, and third-party AI providers process that content under their own API terms and retention policies.

04 Legal Basis for Processing

We process your data under the following legal bases:

Contract performance — to deliver the service you have subscribed to or signed up for.
Legitimate interest — to improve our product, prevent abuse, and ensure platform security.
Consent — where you have given explicit consent, such as for marketing emails (you can withdraw at any time).
Legal obligation — to comply with applicable laws and regulations.

05 Data Sharing & Third Parties

We share data only with the following types of service providers, and only when necessary:

Provider	Purpose	Data Shared
Clerk	Authentication, session management, verification, and account security	Email address, display name, authentication identifiers, session data
Supabase	Database, app data, saved notes, profile state, usage limits, and payment event records	Account profile, notes, generated content, app state, usage data, payment event metadata
Groq / OpenAI / Anthropic / DeepSeek	AI processing for Tutor, Generate, Decode, Exam, file, image, PDF, transcription, metadata, and audio features	Prompts, notes, extracted text, uploaded file payloads where enabled, images, PDFs, audio, and generated context
Paystack / Flutterwave / NOWPayments	Payment processing, subscription activation, payment verification, crypto payment creation, and fraud prevention	Email, provider references, plan tier, expected/paid amount, currency, payment status, billing details
Resend	Transactional, billing, security, account, and support-related emails	Email address, display name, message metadata, account or payment context needed for the email
Cloudflare / Google Fonts	Security, delivery, performance, and font loading	IP address, browser/device metadata, request logs

We do not sell, trade, or share your personal data with advertisers or data brokers.

06 Data Storage & Security

We take reasonable technical and organizational measures to protect your data:

All data is transmitted over HTTPS/TLS encryption.
Authentication is handled by Clerk; IDGAF AI does not store plaintext passwords.
API keys and secrets are stored in environment variables, never in client-side code.
Rate limiting is applied across all API endpoints to prevent abuse.
Payment card details are processed directly by PCI-DSS compliant providers — we never handle or store full card numbers.

No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Please use a strong, unique password for your account.

07 Data Retention

Data Type	Retention Period
Account data	Until account deletion, or 12 months after last sign-in
Study notes, generated content, saved metadata, and share metadata	Until you delete them, or upon account deletion
Uploaded files, extracted text, and AI request payloads	Processed to provide the requested feature. Temporary extraction files are deleted after processing; queued request payloads expire after processing or cancellation.
Payment records	As required by financial regulations (up to 7 years)
Server logs	30 days (rolling)
Support communications	Until resolved + 12 months
Browser local storage and preferences	Until you clear site data, sign out, delete history, or delete your account

When data is no longer needed, it is securely deleted or anonymized where practical. Third-party providers may retain limited logs or processing records under their own policies.

08 Your Rights

Depending on your jurisdiction, you may have the following rights:

Access — request a copy of the personal data we hold about you.
Rectification — request correction of inaccurate data.
Erasure — request deletion of your personal data ("right to be forgotten").
Data portability — request your data in a structured, machine-readable format.
Restriction — request that we limit processing of your data.
Objection — object to processing based on legitimate interest.
Withdraw consent — where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at legal@idgaf.diy. We will respond within 30 days.

You can also delete your account and all associated data directly from within the app via Settings → Delete Account.

09 Children's Privacy

IDGAF AI is intended for users aged 13 and older. We do not knowingly collect personal data from children under 13. If we learn that we have collected data from a child under 13, we will take steps to delete it promptly.

If you believe a child under 13 has provided us with personal data, please contact us at support@idgaf.diy.

10 International Data Transfers

Your data may be transferred to and processed in countries other than your own. Our service providers, including Clerk, Supabase, Groq, OpenAI, Anthropic, DeepSeek, payment processors, Resend, Cloudflare, and Google Fonts, may operate in various jurisdictions.

Where data is transferred internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent protections under applicable law.

11 Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes:

We will update the "Effective date" at the top of this page.
For significant changes, we may notify you via email or an in-app notification.
Your continued use of the service after changes constitutes acceptance of the updated policy.

12 Contact Us

For privacy-related questions or to exercise your data rights:

📧

Privacy & Data Requests

legal@idgaf.diy

💬

General Support

support@idgaf.diy

Response time: within 2 business days

Related Policies

Privacy Terms Cookies Disclaimer Accessibility Contact

This document was last reviewed and updated on May 21, 2026.

↑ Back to top