Privacy Policy
Effective Date: March 27, 2026 · Last Updated: March 27, 2026
SATDrill (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard information when you use our website at satdrill.com and related services (collectively, the “Service”).
By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the Service.
1. Information We Collect
A. Information You Provide Directly
When you register or use the Service, we may collect:
| Category | Items Collected |
|---|---|
| Account Registration | Email address, password (hashed), display name, date of birth (optional) |
| Payment Information | Processed by PayPal — we do not store credit card numbers or bank details |
| Profile & Preferences | Target SAT score, exam date, study goal, grade level (optional) |
| Support & Feedback | Messages, feedback, or bug reports you send to us |
B. Information Collected Automatically
When you use the Service, the following data is generated or collected automatically:
- Study Activity: Questions answered, answer choices, correctness, time spent per question, concept categories practiced
- Exam Data: Mock test scores, module performance, adaptive tier routing, score history
- Usage Data: Pages visited, features used, session duration, button clicks
- Device & Technical Data: IP address, browser type, operating system, device identifiers, referring URL
- Cookies & Local Storage: Session tokens, preferences, exam state (see Section 5)
2. How We Collect Information
- Directly from you when you register, fill out forms, or contact us
- Automatically through cookies, local storage, and server logs as you interact with the Service
- From third-party services such as PayPal (payment processing) and Supabase (database/authentication), solely for service operation purposes
3. How We Use Your Information
| Purpose | Description |
|---|---|
| Service Delivery | Provide adaptive practice, personalized recommendations, and score reports |
| Account Management | Authenticate users, manage subscriptions, process payments via PayPal |
| Personalization | Track progress, identify weak concepts, adjust difficulty, generate targeted drills |
| Analytics & Improvement | Analyze usage patterns to improve question quality and platform features |
| Communications | Send account-related emails (verification, billing, support replies); no spam marketing |
| Safety & Security | Detect fraudulent activity, enforce Terms of Use, protect user accounts |
| Legal Compliance | Comply with applicable law, respond to lawful requests from authorities |
We do not use your personal information or study data to serve targeted advertising from third parties.
4. Information Sharing and Disclosure
We do not sell your personal information. We may share information only in the following circumstances:
A. Service Providers (Data Processors)
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database & authentication | Account info, study records, analytics events |
| PayPal | Payment processing | Email, subscription plan (PayPal handles billing data) |
| Vercel | Hosting & CDN | Server logs, IP addresses |
| Anthropic Claude API | AI content generation (admin/marketing tools only) | No user study data |
All service providers are contractually required to handle data securely and only for the specified purposes.
B. Legal Requirements
We may disclose information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect the rights, property, or safety of SATDrill, our users, or the public.
C. Business Transfers
If SATDrill is involved in a merger, acquisition, or asset sale, user information may be transferred as part of that transaction. We will notify users before personal information becomes subject to a different privacy policy.
5. Cookies and Automatic Data Collection
What Are Cookies?
Cookies are small text files stored on your device by your browser. We also use browser localStorage to preserve your exam state, vocabulary progress, and preferences across sessions.
What We Use
- Session cookies: Maintain your logged-in state (expire when browser closes)
- Persistent localStorage: Save exam progress, vocabulary spaced-repetition data, wrong answer notebook entries — so your work is never lost
- Analytics: We log feature usage events (e.g., exam started, question answered) to our own database for product improvement. We do not use Google Analytics or Facebook Pixel.
How to Opt Out
You can disable cookies in your browser settings. Note that disabling cookies may prevent login and break core features of the Service. To clear localStorage, use your browser's developer tools or clear site data from browser settings.
6. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. Specific retention periods:
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 30 days |
| Study activity & exam history | Duration of account + 30 days after deletion |
| Payment records | 5 years (required by financial regulations) |
| Support communications | 2 years from last interaction |
| Server access logs (IP, requests) | 90 days |
| Analytics events (anonymized) | Up to 2 years for product analysis |
7. Data Deletion and Destruction
When personal data is no longer needed:
- Database records are permanently deleted using secure deletion commands (not soft-deleted)
- Backups are purged on their standard rotation schedule (within 30 days)
- Third-party processors are instructed to delete your data upon account termination, per our data processing agreements
To request deletion of your account and data, email support@satdrill.com. We will process your request within 30 days.
8. Your Rights and Choices
You have the following rights regarding your personal information:
- Access: Request a copy of the personal data we hold about you
- Correction: Update inaccurate or incomplete information via your account settings or by contacting us
- Deletion: Request deletion of your account and associated personal data
- Portability: Request your study history and performance data in a structured format
- Opt-out of communications: Unsubscribe from non-essential emails at any time via the unsubscribe link or by contacting us
- Withdraw consent: Where processing is based on consent, you may withdraw it at any time (this does not affect prior processing)
To exercise any of these rights, contact us at support@satdrill.com. We will respond within 30 days.
Residents of California (CCPA) or the European Economic Area (GDPR) may have additional rights. Please contact us for jurisdiction-specific requests.
9. Children's Privacy (COPPA)
SATDrill is designed for high school students, including users who may be under 13 years of age. We comply with the Children's Online Privacy Protection Act (COPPA).
- We do not knowingly collect personal information from children under 13 without verifiable parental consent
- We do not show behavioral advertising to any users, including minors
- We do not share student data with third parties for commercial purposes
- Student data is used solely to provide the educational service
If you are a parent or guardian and believe your child under 13 has provided personal information without your consent, please contact us at support@satdrill.com and we will promptly delete it.
10. Data Security
We implement industry-standard technical and organizational measures to protect your information:
- Encryption in transit: All data is transmitted over HTTPS/TLS
- Encryption at rest: Database data stored via Supabase with encryption at rest
- Password security: Passwords are hashed using bcrypt — we never store plaintext passwords
- Access control: Only authorized personnel have access to production data; access is logged and reviewed
- Regular backups: Automated daily backups with secure off-site storage
While we take reasonable precautions, no method of internet transmission or electronic storage is 100% secure. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.
11. Third-Party Services
Our Service may contain links to third-party websites or use third-party services (e.g., PayPal for payments). These third parties have their own privacy policies, and we are not responsible for their practices. We encourage you to review the privacy policies of any third-party services you interact with.
SAT® is a registered trademark of College Board. SATDrill is an independent service and is not affiliated with, endorsed by, or sponsored by College Board.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will revise the “Last Updated” date at the top of this page.
- For minor changes (e.g., clarifications, provider updates): we will post the updated policy with at least 7 days' notice
- For material changes affecting how we use your data: we will notify you by email or prominent notice on the Service at least 30 days before the change takes effect
Continued use of the Service after changes take effect constitutes your acceptance of the revised policy.
13. Contact Us
For any privacy-related questions, requests, or concerns:
인텐시브 러닝센터 (Intensive Learning Centre) — Privacy Team
대표자: 조수민 (Cho SuMin)
사업자등록번호: 229-31-01661
통신판매업신고번호: 제2026-경기송탄-0311호
주소: 경기도 평택시 이충로 60 #104-903
Email: support@satdrill.com
Subject line: Privacy Request
Response time: Within 30 days
If you are unsatisfied with our response, you may have the right to lodge a complaint with your local data protection authority.