Privacy Policy

EF Tech Ltd is the controller of your personal data for the purposes of UK GDPR and, where applicable, the EU GDPR.

Company name: EF Tech Ltd
Company number: 14986456
Registered office: Preston House, Preston Street, Bradford BD7 1JE, United Kingdom
General contact: hello@testudy.io
Data protection contact: admin@testudy.io

• We process personal data to provide, secure, improve, and support Testudy.
• We use cookies and similar technologies for essential functions and, with consent where required, analytics and marketing.
• We use service providers including Stripe, Google Analytics, PostHog, and Brevo.
• We do not intentionally collect sensitive personal data unless you choose to submit it, and we ask you not to do so unless necessary.
• You may have privacy rights including access, correction, deletion, objection, restriction, and portability depending on your location.

We may collect and process the following categories of personal data:

• Account data (name, email address, username, password hash, login credentials)
• Profile data (avatar, preferences, settings, linked social profile details)
• Subscription and billing data (plan, billing status, Stripe identifiers; payment details are processed by payment providers)
• Usage and analytics data (pages viewed, events, features used, timestamps, diagnostics)
• Device and technical data (IP address, browser type, operating system, device characteristics, language)
• Learning content data (prompts, uploaded materials, generated course content, assessments, progress)
• Support and communications data (emails, feedback, support requests)
• Marketing preferences and consent choices
• Approximate location data inferred from IP address, where relevant for analytics/security

• Directly from you when you create an account, use the service, upload content, contact us, or subscribe
• Automatically via cookies, logs, analytics technologies, and device/browser signals
• From payment and service providers (for example Stripe for billing and subscription status)
• From authentication/social login providers when you sign in using supported social login methods

We use personal data to:

• Provide, operate and improve Testudy
• Create and manage your account and authenticate access
• Process subscriptions, renewals, cancellations and billing-related communications
• Generate learning content and provide assessments and progress tracking
• Send service messages, transactional emails, support responses, and administrative notices
• Analyse usage and performance (including product analytics and diagnostics)
• Prevent fraud, abuse, unlawful activity, and misuse of AI features
• Comply with legal obligations and enforce our terms
• Send marketing communications where you have consented or where otherwise permitted by law
• Protect someone's vital interests where necessary (for example preventing serious harm)

We rely on one or more of the following lawful bases:

• Performance of a contract (to provide the service you request)
• Legitimate interests (service improvement, security, fraud prevention, product analytics, support)
• Consent (for certain cookies/marketing where required)
• Legal obligation (compliance, accounting, tax, legal requests)
• Vital interests (where necessary to protect an individual)

If you are in Canada, we may rely on express or implied consent and other lawful grounds available under applicable Canadian privacy laws.

We use cookies and similar technologies for essential functionality, analytics, and marketing.

These may include:

• Essential/session cookies (authentication, security, preferences)
• Analytics cookies and event tracking (including Google Analytics and PostHog)
• Marketing-related cookies or scripts where applicable and permitted

You can control cookies through your browser settings and our cookie consent tools, including our Cookie Preferences page.

For more detail, please see our Cookie Policy.

We use third-party providers to support our service. These may process personal data on our behalf, including:

• Stripe (payments and subscription processing)
• Google Analytics (analytics)
• PostHog (product analytics)
• Brevo (email communications)
• Social login providers (where you choose to use them)
• Hosting/infrastructure and cloud service providers used to operate the platform

We aim to use providers with appropriate security and data protection safeguards.

If you choose to register or sign in using a social media or third-party login provider, we may receive profile information from that provider (such as your name, email address, and profile image), depending on your settings with that provider.

We use that information to authenticate you and operate your account. Your relationship with the social login provider is governed by that provider's own terms and privacy policy.

Some providers may process data outside the UK. Where we transfer personal data internationally, we take steps to ensure appropriate safeguards are in place (for example contractual safeguards or equivalent lawful transfer mechanisms).

If you access the services from outside the UK, your data may be processed in the UK and other countries where our providers operate.

We keep personal data only for as long as necessary for the purposes described in this policy, including providing the service, resolving disputes, enforcing agreements, and complying with legal, tax, and accounting obligations.

Retention periods may vary depending on the type of data and whether you maintain an active account or subscription.

Where possible, we delete or anonymise data when it is no longer required. In some cases, data may remain in secure backups for a period before deletion.

We use reasonable technical and organisational measures to protect personal data. However, no system is completely secure, and we cannot guarantee absolute security.

Transmission of information over the internet is at your own risk, and you should use secure devices and networks when accessing the services.

Testudy is intended for users aged 13 and over. We do not knowingly collect personal data from children under 13.

If you believe a child under 13 has provided personal data to us, please contact us at admin@testudy.io so we can investigate and take appropriate action.

Subject to applicable law, you may have the right to request access, correction, erasure, restriction, objection, portability, and withdrawal of consent (where processing is based on consent).

Depending on your location, additional rights may apply (for example under UK GDPR, EU GDPR, Swiss, Canadian, or certain US state privacy laws).

To exercise your rights, contact admin@testudy.io. We may need to verify your identity before responding.

If you are in the UK, you may complain to the UK Information Commissioner's Office (ICO). If you are in the EEA, you may also contact your local supervisory authority.

If you receive marketing emails from us, you can unsubscribe at any time using the unsubscribe link in the email or by contacting us.

We may still send service-related messages that are necessary for account administration, billing, security, or support.

Some browsers offer a "Do Not Track" (DNT) setting. Because there is no consistent industry standard for DNT recognition and implementation, we do not currently respond to DNT signals.

If a recognised standard is adopted and becomes applicable, we may update this policy to describe our approach.

Residents of certain US states may have additional rights (such as access, correction, deletion, portability, and opt-out rights) under applicable state privacy laws. We will review and respond to valid requests as required by applicable law.

We do not sell personal information for money. Where applicable laws define certain advertising-related disclosures or sharing as a "sale" or "sharing", you may exercise opt-out rights through our cookie controls and by contacting us.

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date.

If we make material changes, we may also provide additional notice where appropriate.

For privacy questions or requests, contact:
admin@testudy.io

General enquiries:
hello@testudy.io

Postal contact:
EF Tech Ltd
Preston House, Preston Street, Bradford BD7 1JE, United Kingdom

Subject to applicable law, you may request access to, correction of, or deletion of personal data we hold about you, and request information about how we process it.

You may also request account deletion by contacting us at admin@testudy.io. We may retain certain information where required for legal, security, fraud prevention, accounting, or contractual reasons.