Esuppe

Privacy Policy

Last updated: December 25, 2025

1. Introduction

Esuppe is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our service.

By using our service, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

The data controller responsible for your personal data is:

Esuppe
Email: privacy@esuppe.com (Please note: This contact and data controller information may change as our service evolves. Always refer to the latest version of this policy for current details.)

3. Information We Collect

3.1 Account Information

  • Email address
  • Username
  • Password (hashed and encrypted)
  • Account creation date
  • Email verification status

3.2 Usage Data

  • Problem-solving sessions and answers
  • AI evaluation results and feedback
  • Completion statistics and metrics
  • Time spent on problems
  • Progress through learning paths

3.3 Technical Data

  • Cookies and similar tracking technologies

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To provide and maintain our service, including problem-solving sessions and AI evaluations
  • Account Management: To create and manage your account, verify your email, and authenticate you
  • Progress Tracking: To track your progress, calculate metrics, and provide personalized feedback
  • Communication: To send you account-related emails (confirmations, password resets)
  • Service Improvement: To analyze usage patterns and improve our service
  • Security: To protect against fraud, abuse, and security threats

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal bases:

  • Contract (Article 6(1)(b)): Processing necessary for the performance of our service contract with you
  • Legitimate Interest (Article 6(1)(f)): For service improvement, security, and analytics
  • Consent (Article 6(1)(a)): For non-essential cookies and optional features

6. Third-Party Processors

We use the following third-party services that may process your personal data:

  • OpenAI: For AI-powered evaluation of your problem-solving answers
  • Google: For OAuth authentication (if you choose to sign in with Google)
  • Email Service Provider: For sending account-related emails
  • Azure (Microsoft): For hosting our services and database storage

All third-party processors are bound by data processing agreements and are required to comply with GDPR.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Retained until you delete your account
  • Session Data: Retained for a limited period after account deletion or inactivity, after which it will be anonymized
  • Logs: Retained for a limited period

You can request deletion of your data at any time by contacting us or using the account deletion feature.

8. Your Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access (Article 15): Request a copy of all personal data we hold about you
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing (Article 18): Request limitation of how we process your data
  • Right to Data Portability (Article 20): Request your data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at privacy@esuppe.com or use the data export feature in your account settings.

9. Cookies

We use the following types of cookies:

  • Essential Cookies: Required for authentication and security (e.g., session cookies, CSRF tokens)
  • Functional Cookies: Enhance functionality and user experience

You can manage your cookie preferences through your browser settings or our cookie consent banner.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest
  • Secure password hashing
  • Regular security audits
  • Access controls and authentication

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where applicable.

12. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within time and inform affected users without undue delay.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: privacy@esuppe.com