Privacy Policy

MedSchool is committed to maintaining the privacy of its users across all platforms, including on our website and while using our app. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

Information We Collect From You

MedSchool collects your Personal Data as a data controller. Personal Data means any information that can be used to identify you directly or indirectly. The types of Personal Data collected may include Registration Information, Transaction Information, Usage Data, and information from cookies and similar technologies.

Account Information
When you register for an account with MedSchool, we collect your username, email address, and encrypted password. We also collect your consent preferences and the date you accepted our terms and conditions. You must provide explicit consent by checking the appropriate boxes during registration.
Legal Basis: Contract performance and legitimate interests in providing our services.

Transaction Information
If you purchase MedSchool Premium, you may provide your full name, billing address, and payment information including credit card details. This Transaction Information is processed directly by our certified third-party payment processors (such as Stripe or PayPal) who securely handle your payment. We do not store complete payment card information on our servers, though we may retain the last four digits of your card and transaction records for customer service and refund purposes.
Legal Basis: Contract performance and legitimate interests in processing payments.

Usage Data
When you visit our website or use our app, we automatically collect certain data about your usage patterns and device information. This may include app launch frequency and session duration, pages visited and features used, device type and operating system information, browser type, IP address and general location data, learning progress and performance metrics, and timestamps of activities. You can manage your Usage Data collection preferences in your account settings at any time.
Legal Basis: Legitimate interests in improving our services and user experience.

Cookies and Similar Technologies
We use cookies, web beacons, and similar tracking technologies to enhance your browsing experience and collect usage information. These technologies help us remember your login status and preferences, analyze website traffic and user behavior, provide personalized content and recommendations, and deliver targeted advertisements (with your consent). You can control cookie settings through your browser preferences. Please note that disabling certain cookies may affect the functionality of our services.

How We Use Your Information

Service Provision and Improvement
We use your Personal Data to provide, maintain, and improve our educational services, personalize your learning experience and content recommendations, analyze usage patterns to optimize app performance and user experience, conduct research and development to enhance our educational offerings, and provide customer support and respond to your inquiries.

Communication
We may use your contact information to send important service updates and security notifications, provide customer support responses, send educational content and tips (with your consent), and notify you of new features or services that may interest you.

Trial Period
During your trial period, you will receive up to three emails over ten days providing information about MedSchool's features and sections. You can unsubscribe from these communications at any time using the unsubscribe link in each email or by updating your preferences in your account settings.

Legal and Safety Purposes
We may process your information when necessary to comply with legal obligations and respond to lawful requests, protect our rights, property, and safety, and that of our users, prevent fraud, abuse, or security incidents, and enforce our terms of service.

Storage and Security of Your Information

Your Personal Data is stored within secure systems designed to protect against unauthorized access, alteration, disclosure, or destruction. We implement appropriate technical and organizational security measures, including encryption of data in transit and at rest using industry-standard SSL/TLS technology, regular security assessments and updates, access controls and authentication procedures, and employee training on data protection principles. While we take reasonable measures to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you of any material security breaches as required by law. If you have any questions about the security of MedSchool, please contact us using the means below.

Data Retention

We retain your Personal Data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Specifically: Account Information is retained while your account is active and for up to 2 years after account deletion; Usage Data is retained for up to 3 years for analytics and improvement purposes; Transaction Records are retained for up to 7 years for tax and legal compliance; and Marketing Communications are retained until you unsubscribe. When we no longer need your Personal Data, we will securely delete or anonymize it.

Third Parties

Service Providers
We may share your Personal Data with trusted third-party service providers who assist us in operating our services, including payment processors, cloud hosting providers, analytics providers, customer support platforms, and email delivery services. These providers are contractually obligated to protect your data and use it only for specified purposes.

Business Transfers
In the event of a merger, acquisition, or sale of assets, your Personal Data may be transferred to the acquiring entity, subject to the same privacy protections.

Legal Requirements
We may disclose your Personal Data when required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights or the safety of others.

Aggregated and Anonymized Data
We may share aggregated, anonymized, or de-identified Usage Data with third parties for research, analytics, or marketing purposes. This information cannot be used to identify you personally.

Choices About Your Information

Accessing Your Information
You have the right to access the Personal Data we hold about you. You can view and download most of your information directly from your account settings. For additional information, please contact us using the details below.

Updating Your Account Information
You can update your email, username, password, and communication preferences by visiting your Account Settings page. For other changes to your Personal Data, please contact us.

Data Portability
You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format. You can export your data from your account settings or contact us for assistance.

Marketing Communications
You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails, updating your preferences in account settings, or contacting us directly.

Deleting Your Account
You can delete your account and associated Personal Data by visiting the Account Settings page. Please note that some information may be retained for legal or legitimate business purposes as described in our Data Retention section.

Transfer of Information Internationally

Your Personal Data may be stored and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including adequacy decisions by relevant privacy authorities, standard contractual clauses approved by privacy regulators, and binding corporate rules or certification schemes. The collection, storage, and use of your Personal Data will be governed by this Privacy Policy regardless of location.

Use by Minors

MedSchool is not intended for individuals under the age of 13. We do not knowingly collect Personal Data from children under 13. If you are a parent or guardian and believe your child has provided us with Personal Data, please contact us immediately, and we will delete such information. For users between 13 and 18, we recommend obtaining parental consent before using our services.

Your Privacy Rights

Depending on your location, you may have additional rights regarding your Personal Data, including the right to object to processing based on legitimate interests, right to restrict processing in certain circumstances, right to lodge a complaint with a supervisory authority, and right to withdraw consent (where processing is based on consent). To exercise these rights, please contact us using the information below.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website, sending an email notification to registered users, and displaying a prominent notice in our app. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

Get in Touch

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at [email protected].

This Privacy Policy is effective as of July 27th, 2025. We may revise it from time to time, and our most current version of the policy will be found at https://medschool.co/privacy.php.