Privacy Policy

Last updated: April 2026

The Nursing Disruptor is an educational NCLEX preparation platform. This policy explains what we collect during the closed beta, why we collect it, and the controls available from your account.

Data we collect

• Account data, including email address, role, and authentication identifiers.
• Study activity, including question attempts, mistakes, sessions, flashcards, bookmarks, notes, tutor messages, and feedback.
• Billing data handled through Stripe, such as customer and subscription identifiers. We do not store card numbers.
• Support and product feedback that you choose to send us.
• Analytics and diagnostic events when permitted by your cookie choices.

How we use data

• To provide the service, save your progress, and personalise your study experience.
• To operate free-preview limits, subscriptions, billing, and account support.
• To improve content quality, tutor safety, reliability, and product usability.
• To send essential service messages about account, billing, export, or deletion activity.
• To maintain security, audit trails, abuse prevention, and error monitoring.

Your choices and rights

You can export or delete your data at any time from your account page. Account deletion includes a 30-day cancellation window before hard deletion. We may retain limited anonymised or aggregate records where needed for content analytics, security, compliance, and financial records.

Vendors

We use trusted vendors to run the platform, including Supabase for auth, database, and storage; Stripe for billing and hosted checkout; PostHog for consent-gated product analytics; Sentry for error monitoring; and AI providers for tutor and content-quality workflows.

Sub-processors

The following sub-processors handle limited categories of data on our behalf. Each is bound by a data-processing agreement and access is restricted to what they need for their stated purpose.

• Anthropic — AI tutor and AI advisor inference.
• DeepSeek — AI explanations for incorrect answers.
• Supabase — authentication and database hosting.
• Stripe — payments, subscription management, and hosted checkout.
• PostHog — consent-gated product analytics and feature flags.
• Sentry — error monitoring and performance traces.
• Vercel — application hosting and edge delivery.
• Resend — transactional and lifecycle email (not yet wired; will be enabled in a future release).

Security and retention

We use access controls, audit logs, encryption where appropriate, and least privilege operating practices. Closed-beta data is retained only for as long as needed to provide the service, meet legal obligations, resolve disputes, and improve the product.

Contact

Privacy questions: privacy@thenursingdisruptor.com.