Privacy Policy — AdmitTrack

This Privacy Policy explains how AdmitTrack ("AdmitTrack," "we," "us," or "our") collects, uses, stores, discloses, and deletes personal information when you use the AdmitTrack website, web application, and iOS application (collectively, the "Service").

By using the Service, you acknowledge that your information will be handled as described in this Privacy Policy.

1. Who operates the Service

Service name: AdmitTrack
Operator: Churilov Aleksandr Alekseevich
Contact email: appbuilddesk@gmail.com

2. Scope of this Privacy Policy

This Privacy Policy applies to information processed through:

• the AdmitTrack website;
• the AdmitTrack web application;
• the AdmitTrack iOS application;
• related support and account management communications.

This Privacy Policy does not apply to third-party websites, services, or applications that may be linked from the Service and that are governed by their own privacy policies.

3. Information we collect

We collect information you provide directly, information generated when you use the Service, and certain technical data required to operate accounts, sessions, synchronization, and reminders.

3.1 Account and authentication data

When you create or use an account, we may process:

• email address;
• hashed password;
• internal user identifier (such as UUID);
• registration date;
• last sign-in date or session-related timestamps;
• email confirmation and password reset status.

3.2 Profile and academic planning data

You may choose to store profile and admissions-related information, including:

• name;
• school;
• city;
• state or region;
• graduation year;
• GPA and weighted GPA;
• class rank;
• intended majors;
• test information, including SAT, ACT, and AP-related information;
• strengths, weaknesses, and personal notes.

3.3 Universities and application planning data

You may store information about universities and applications, including:

• university name;
• state or location;
• website;
• application type, such as EA, ED, or RD;
• application status;
• requirements;
• tags and organizational labels.

3.4 Activities, honors, research, and related records

You may store information such as:

• activities and extracurricular records;
• role and organization;
• hours and weeks;
• descriptions and outcomes;
• links;
• honors and awards;
• award level, including school, regional, national, or international;
• research-related information, including type, status, description, contribution, and publication information.

3.5 Essays, notes, deadlines, and checklists

You may store:

• essay text;
• essay version history;
• essay type;
• prompts;
• word limits;
• notes and categories;
• relationships between notes and other records;
• deadlines, including date, time, university, type, priority, and status;
• checklist completion status.

3.6 Documents and files

The Service may process document-related information, including:

• document metadata;
• document category, such as transcript, certificate, award, recommendation, essay, résumé, project, research, test result, financial document, or other category;
• file-related technical information when document upload is enabled in the version of the Service you use;
• file contents where upload functionality is available.

At present, some versions of the Service may support document metadata management before full user-facing file upload is enabled.

3.7 Technical, device, browser, and usage data

We may process technical information necessary to operate, secure, and improve the Service, such as:

• IP address;
• browser type;
• device type;
• operating system;
• app or web session events;
• timestamps;
• error and diagnostic events;
• account and security logs.

3.8 Local storage, cache, and session data

The web version of the Service may use:

• browser local storage for cached or offline copies of user data and interface preferences;
• language preference storage;
• authentication or session-related cookies and similar technologies required for account access and session continuity.

3.9 Communications

If you contact us or if the Service sends operational emails, we may process:

• your email address;
• the content of your message;
• verification emails;
• password reset emails;
• reminder emails related to admissions planning and deadlines.

4. How we use information

We use information for the following purposes:

• to create and manage user accounts;
• to authenticate users and maintain secure sessions;
• to verify email addresses;
• to provide the core functionality of the Service;
• to store, synchronize, display, organize, and update user content across supported versions of the Service;
• to provide reminders and account-related notifications;
• to maintain language and interface preferences;
• to protect the Service against abuse, unauthorized access, fraud, misuse, and technical failures;
• to troubleshoot bugs, monitor performance, and maintain reliability;
• to respond to support requests and user communications;
• to comply with legal obligations;
• to enforce our Terms of Use and other applicable policies.

5. Legal bases for processing

Where applicable under relevant law, we process personal information on one or more of the following bases:

• performance of a contract with you, including providing the Service and account functionality;
• your consent, where consent is required;
• our legitimate interests in operating, securing, and improving the Service;
• compliance with legal obligations.

6. How information is shared

We do not sell personal information.

We may share information only in the following circumstances:

6.1 Service providers and infrastructure providers

We may use third-party providers to operate the Service, including providers for authentication, database hosting, web hosting, storage, email delivery, and technical infrastructure.

Based on the current setup, this may include Supabase for authentication and database functions and Vercel for web hosting or deployment, if used.

6.2 Legal compliance and protection

We may disclose information if we believe disclosure is necessary to:

• comply with applicable law, regulation, court order, or lawful request;
• protect the rights, property, or safety of users, the Service, or others;
• investigate abuse, security incidents, or fraud.

6.3 Business transfers

If the Service is involved in a merger, acquisition, reorganization, asset sale, or similar transaction, user information may be transferred as part of that transaction, subject to applicable law.

7. Cookies, local storage, and similar technologies

The Service may use cookies, local storage, and similar browser technologies to:

• keep users signed in;
• preserve session state;
• support authentication flows;
• remember preferences, such as selected language;
• support caching and offline-related behavior where implemented;
• improve reliability and basic functionality.

You may be able to manage cookies and local storage through your browser settings, but disabling them may affect the functionality of the Service.

8. Data retention

We retain personal information for as long as necessary to provide the Service, maintain your account, fulfill the purposes described in this Privacy Policy, and comply with applicable legal obligations.

If you keep an active account, we generally retain your account data and stored content until you delete it or request deletion.

9. Account deletion and data deletion

You may request deletion of your account from within the Service where that functionality is provided.

When you delete your account, we delete your account and associated user data from the active systems of the Service without a waiting period, except where temporary retention may occur for technical reasons in logs, caches, or backups maintained by infrastructure providers, or where retention is required by law.

This means:

• your account should no longer remain active after deletion;
• your user-generated content associated with the deleted account is intended to be removed from active Service systems;
• limited technical remnants may persist temporarily in infrastructure logs, caches, or backup systems until overwritten or deleted in the ordinary course of operations.

10. Data security

We use reasonable administrative, technical, and organizational measures intended to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure.

However, no method of transmission over the internet and no method of electronic storage is completely secure. We therefore cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your login credentials and for notifying us if you believe your account has been compromised.

11. International data processing

Depending on the infrastructure used to operate the Service, your information may be processed in countries other than your own. By using the Service, you understand that data may be processed by infrastructure providers in multiple jurisdictions, subject to applicable safeguards and legal requirements.

12. Children's privacy

The Service is not intended for children under the age of 13.

We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without appropriate authorization where required, we will take steps to delete that information.

13. Your rights and choices

Depending on your location and applicable law, you may have the right to:

• access personal information we hold about you;
• request correction of inaccurate information;
• request deletion of your information;
• object to or restrict certain processing;
• request a copy of certain information;
• withdraw consent where processing is based on consent.

To exercise privacy-related requests, contact: appbuilddesk@gmail.com

We may need to verify your identity before fulfilling certain requests.

14. Third-party links and content

The Service may contain links to third-party websites, including university websites and external resources. We are not responsible for the privacy practices of third-party services. You should review their own privacy policies before providing information to them.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

If we make material changes, we may notify users through the Service, by email, or by updating the "Last updated" date above. Your continued use of the Service after the updated Privacy Policy becomes effective means the updated Privacy Policy will apply to your use of the Service.

16. Contact

If you have questions about this Privacy Policy or our privacy practices, contact:

Churilov Aleksandr Alekseevich
Email: appbuilddesk@gmail.com