Effective: April 7, 2026 · Last reviewed: April 7, 2026

Privacy Policy

This policy explains what personal data we collect, why we collect it, how we process and store it, and what rights you have. We are committed to protecting your information.

Contents

Who We Are
Information We Collect
How We Use Your Data
Legal Basis for Processing
Data Sharing & Third Parties
Data Storage & Security
Data Retention
Your Rights
Children's Privacy
International Data Transfers
Changes to This Policy
Contact Us

01 Who We Are

IDGAF AI is an AI-powered educational study platform that helps students generate summaries, flashcards, quizzes, and more from their study notes. The platform is operated independently and is accessible at idgafai.diy.

For data protection inquiries, you can contact us at support@idgafai.diy.

02 Information We Collect

Information You Provide

Account data — email address, display name, and password (hashed, never stored in plaintext).
Study content — notes, uploaded documents, text you paste or type for AI processing.
Payment information — billing details processed securely through our payment providers (Paystack, Flutterwave). We do not store full card numbers.
Communications — support emails, feedback, and any messages you send us.

Information Collected Automatically

Usage data — features used, generation counts, session duration, and study streaks.
Device information — browser type, operating system, screen resolution, and language preference.
Log data — IP address, access times, pages viewed, and referring URLs.
Cookies — session tokens and preference cookies. See our Cookie Policy for details.

Information We Do Not Collect

We do not collect biometric data, government IDs, or health information.
We do not track your location using GPS or fine-grained geolocation.
We do not sell or rent your personal data to anyone.

03 How We Use Your Data

Purpose	Data Used
Provide and maintain the service	Account data, study content
Process AI-generated study materials	Notes and uploaded files
Process payments and manage subscriptions	Email, billing details
Send operational emails (welcome, billing, security)	Email, display name
Improve product quality and fix bugs	Usage data, log data
Detect and prevent abuse, fraud, and security threats	IP address, usage patterns
Comply with legal obligations	As required by applicable law

We never use your study content to train AI models. Your notes and uploads are processed in real-time and are associated only with your account.

04 Legal Basis for Processing

We process your data under the following legal bases:

Contract performance — to deliver the service you have subscribed to or signed up for.
Legitimate interest — to improve our product, prevent abuse, and ensure platform security.
Consent — where you have given explicit consent, such as for marketing emails (you can withdraw at any time).
Legal obligation — to comply with applicable laws and regulations.

05 Data Sharing & Third Parties

We share data only with the following types of service providers, and only when necessary:

Provider	Purpose	Data Shared
Anthropic (Claude AI)	AI processing of study materials	Study content (notes text)
Supabase	Database, authentication	Account data, notes
Paystack / Flutterwave	Payment processing	Email, billing info
Resend	Transactional emails	Email address, display name

We do not sell, trade, or share your personal data with advertisers or data brokers.

06 Data Storage & Security

We take reasonable technical and organizational measures to protect your data:

All data is transmitted over HTTPS/TLS encryption.
Passwords are hashed and salted — we never store them in plaintext.
API keys and secrets are stored in environment variables, never in client-side code.
Rate limiting is applied across all API endpoints to prevent abuse.
Payment card details are processed directly by PCI-DSS compliant providers — we never handle or store full card numbers.

No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Please use a strong, unique password for your account.

07 Data Retention

Data Type	Retention Period
Account data	Until account deletion, or 12 months after last login
Study notes & generated content	Until you delete them, or upon account deletion
Payment records	As required by financial regulations (up to 7 years)
Server logs	30 days (rolling)
Support communications	Until resolved + 12 months

When data is no longer needed, it is securely deleted or anonymized.

08 Your Rights

Depending on your jurisdiction, you may have the following rights:

Access — request a copy of the personal data we hold about you.
Rectification — request correction of inaccurate data.
Erasure — request deletion of your personal data ("right to be forgotten").
Data portability — request your data in a structured, machine-readable format.
Restriction — request that we limit processing of your data.
Objection — object to processing based on legitimate interest.
Withdraw consent — where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at legal@idgafai.diy. We will respond within 30 days.

You can also delete your account and all associated data directly from within the app via Settings → Delete Account.

09 Children's Privacy

IDGAF AI is intended for users aged 13 and older. We do not knowingly collect personal data from children under 13. If we learn that we have collected data from a child under 13, we will take steps to delete it promptly.

If you believe a child under 13 has provided us with personal data, please contact us at support@idgafai.diy.

10 International Data Transfers

Your data may be transferred to and processed in countries other than your own. Our service providers (including Anthropic, Supabase, and payment processors) may operate in various jurisdictions.

Where data is transferred internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent protections under applicable law.

11 Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes:

We will update the "Effective date" at the top of this page.
For significant changes, we may notify you via email or an in-app notification.
Your continued use of the service after changes constitutes acceptance of the updated policy.

12 Contact Us

For privacy-related questions or to exercise your data rights:

📧

Privacy & Data Requests

legal@idgafai.diy

💬

General Support

support@idgafai.diy

Response time: within 2 business days

Related Policies

Privacy Terms Cookies Disclaimer Accessibility Contact

This document was last reviewed and updated on April 7, 2026.

↑ Back to top