Privacy Policy

Effective Date: January 4, 2026

Welcome to CFA Ethix. We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your information. This Privacy Policy explains our practices regarding data collection and usage in connection with our iOS application.

1. Information We Collect

1.1 Account Information

When you create an account with CFA Ethix, we collect:

Email Address: Used for authentication and account recovery
Password: Stored securely using industry-standard encryption through our authentication provider (Supabase)
User ID: A unique identifier automatically generated for your account

1.2 Practice Data

As you use the app, we collect and store:

Saved/Bookmarked Problems: Questions you choose to save for later review
Answer Selections: Your chosen answers to practice questions
Practice Statistics: Daily practice counts and progress tracking data stored locally on your device
Timestamps: When you interact with practice problems

1.3 AI Interaction Data

When you use AI-powered features (practice question generation and AI Tutor chat):

Prompts and Queries: Your requests sent to AI providers (Gemini, OpenAI, Anthropic, or DeepSeek)
Generated Content: AI-generated vignettes, questions, and tutoring responses
Context Information: Problem details shared with the AI Tutor for personalized guidance

1.4 Technical Information

Device Information: iOS version and device type (for compatibility purposes)
App Version: To ensure you're using the latest features

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Core Functionality

Authenticate your identity and manage your account
Generate personalized CFA Level 2 Ethics practice questions
Save and retrieve your bookmarked problems
Track your daily practice progress
Provide AI-powered tutoring assistance

2.2 Service Improvement

Improve the quality and relevance of AI-generated content
Enhance app performance and user experience
Debug technical issues and maintain app stability

3. Data Storage and Security

3.1 Database Security

Supabase Platform: Your data is stored on Supabase's secure PostgreSQL database with industry-standard encryption
Row Level Security (RLS): Enforced at the database level to ensure users can only access their own data
Secure Authentication: Passwords are hashed and never stored in plain text

3.2 Local Storage

Daily practice counts are stored locally on your device using iOS AppStorage
This data is not transmitted to our servers

3.3 Data Isolation

Your data is strictly isolated from other users. Our database triggers and RLS policies ensure that:

You can only view, create, or delete your own saved problems
No other user can access your practice history or account information

4. Third-Party Services

CFA Ethix integrates with the following third-party services:

4.1 Supabase

Purpose: Authentication, database hosting, and backend infrastructure
Data Shared: Email, encrypted password, user ID, saved problems
Privacy Policy: https://supabase.com/privacy

4.2 AI Provider

DeepSeek: AI content generation - Privacy Policy

Note: When you use AI-powered features, your prompts and the generated content are sent to and processed by DeepSeek. DeepSeek may use the data according to their privacy policy.

5. Data Retention

Account Data: Retained for as long as your account is active
Practice Data: Saved problems remain in your account until you delete them or delete your account
Account Deletion: When you delete your account through the Settings menu, all associated data is permanently removed from our database

6. Your Rights and Choices

6.1 Access and Control

View Your Data: Access your profile and saved problems within the app
Delete Saved Problems: Swipe to delete individual bookmarked questions
Delete Account: Permanently remove your account and all associated data via Settings

6.2 Communication Preferences

Currently, CFA Ethix does not send marketing emails or push notifications. If we introduce such features in the future, you will have the option to opt out.

7. Children's Privacy

CFA Ethix is intended for use by CFA Level 2 candidates, typically adults. We do not knowingly collect information from children under 13 years of age. If you believe we have inadvertently collected such information, please contact us immediately.

8. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share data only in the following circumstances:

With Your Consent: When you explicitly agree to share specific information
Service Providers: With Supabase and AI providers as necessary to operate the app
Legal Requirements: If required by law, court order, or governmental regulation
Safety and Security: To protect the rights, property, or safety of our users or others

9. International Data Transfers

Your data may be stored and processed in data centers operated by our service providers (Supabase, AI providers) which may be located in different countries. By using CFA Ethix, you consent to the transfer of your information to these locations.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:

Update the "Effective Date" at the top of this policy
Notify you through the app or via email
Provide you with an opportunity to review the changes before they take effect

Continued use of the app after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: bonniee2000@gmail.com

We will respond to your inquiry within 30 days.

12. Consent

By using CFA Ethix, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

CFA Ethix
Last Updated: January 4, 2026