Privacy Policy

1. Information we collect

When you create an account, we collect your name, email address, and organisation details. When you use the platform, we collect usage data including practice session results, scores, and learning progress. When you provide your company URL during onboarding, our AI processes publicly available information from your website.

2. How we use your information

We use your information to:

• Provide and improve the training platform
• Generate personalised training content via AI
• Send transactional emails (password resets, invitations)
• Process payments via Stripe
• Provide team analytics to your organisation administrators

3. Third-party services

We use the following third-party services:

• Neon — database hosting (PostgreSQL)
• Stripe — payment processing
• Cloudflare — CDN, DNS, and DDoS protection
• Resend — transactional email delivery
• Anthropic / OpenAI — AI model providers for training content generation and scoring
• Firecrawl — website crawling during onboarding

4. Data storage and security

Your data is stored in the EU (Neon Postgres in eu-central-1). Connections are encrypted via TLS. Passwords are hashed using bcrypt. We do not sell your personal data to third parties.

5. Cookies

We use essential cookies for authentication (session tokens). We do not use third-party tracking cookies or advertising cookies.

6. Your rights

You can request access to, correction of, or deletion of your personal data at any time by emailing jamie@thesdrcourse.com. You can delete your account from the Settings page in the app.

7. Changes to this policy

We may update this policy from time to time. We will notify you of material changes via email or an in-app notification.

8. Contact

Questions about this policy? Email jamie@thesdrcourse.com.