Table of Content

Privacy Policy

Important Notice

This Privacy Policy describes how Hepteract Group ("we," "us," or "our") collects, uses, processes, and shares personal data when you use the Povotra platform, website, and services (collectively, the "Service"). As the provider of Povotra, Hepteract Group is committed to protecting your privacy and handling your data transparently.

Your privacy is important to us. Learn how we protect and handle your data.

Last Updated: December 2025 | Effective Date: December 1, 2025

1. Data Controller

The data controller responsible for the processing of your personal data is:

Hepteract Group
[Insert Hepteract Group's Address Here]
Contact: [Insert Support Email Address Here, e.g., privacy@hepteract.com]

2. Information We Collect

A. Information You Provide to Us

This is data you actively provide when creating an account or using Povotra features:

  • Account Data: Your name, email address, password (hashed), and any profile information you choose to provide (e.g., academic focus, graduation year).
  • Payment Data: For premium subscriptions, we collect payment information (e.g., last four digits of your card, billing address). Full transaction details are handled by third-party payment processors (like Stripe or PayPal).
  • Educational Content: Study notes, practice tests you create, flashcards, or any content you upload or generate within Povotra.
  • Communication Data: Records of your interactions with our support team or feedback you submit.

B. Information Collected Automatically

When you access or use Povotra, we automatically collect certain data about your device and usage:

  • Usage Data: Details on how you use the Service, including pages/features you access, time spent on pages, search queries you enter, and the number of tests you complete.
  • Device Data: Information about the device and browser you use to access Povotra, including IP address, device type, operating system, browser type, and unique device identifiers.
  • Location Data: General location information derived from your IP address (country or city level) for compliance and to provide you with relevant content.
  • Cookies and Tracking: We use cookies, web beacons, and similar technologies to collect information, remember your preferences, and track your activity over time.

3. How We Use Your Information (Purpose of Processing)

We use the collected information for the following specific purposes:

A. To Provide and Maintain the Service

  • To create, manage, and verify your Povotra account.
  • To process your subscription payments and deliver the premium features you purchased.
  • To deliver, personalize, and improve the core functionality of Povotra, such as adaptive learning paths and test generation.

B. For Research and Product Improvement

  • To analyze user behavior and trends to understand the effectiveness of Povotra features.
  • To test and introduce new product features, improve our algorithms, and optimize user interface design.
  • To troubleshoot technical issues, monitor for errors, and enhance the security of the platform.

C. For Security and Legal Compliance

  • To detect, investigate, and prevent fraud, security breaches, and illegal activities.
  • To comply with our legal obligations, resolve disputes, and enforce our terms of service.

D. For Communication and Marketing

  • To respond to your inquiries, provide customer support, and send you service-related notifications (e.g., password resets).
  • To send you marketing communications about new Povotra features, promotional offers, or other products from Hepteract Group, provided you have consented to such communications.

4. How We Share Your Information

We may share your personal data with the following categories of recipients:

  • Hepteract Group Affiliates: We may share data within the Hepteract Group corporate group for internal administration, reporting, and delivering integrated services.
  • Service Providers: We engage trusted third-party service providers to perform functions on our behalf, such as cloud hosting (e.g., Google Cloud, AWS), payment processing, email delivery, and data analytics. These providers are bound by contract to protect your data and only use it for the purposes we specify.
  • Legal and Regulatory Authorities: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect our rights or property, or ensure the safety of our users or the public.
  • Business Transfers: If Hepteract Group is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any such change of ownership or control.

5. Your Data Protection Rights

Depending on your location (e.g., in the European Economic Area under GDPR or in California under CCPA), you may have the following rights regarding your personal data:

  • Right to Access: The right to request copies of the personal data we hold about you.
  • Right to Rectification: The right to request that we correct any information you believe is inaccurate or incomplete.
  • Right to Erasure (Right to be Forgotten): The right to request that we delete your personal data under certain conditions.
  • Right to Restrict Processing: The right to request that we limit the way we use your personal data.
  • Right to Object to Processing: The right to object to our processing of your personal data, particularly for direct marketing purposes.
  • Right to Data Portability: The right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us at the address provided in Section 1.

6. Data Security and Retention

Security: Hepteract Group implements technical and organizational measures designed to protect your data from accidental loss, unauthorized access, misuse, alteration, or disclosure. However, no internet transmission or storage system is 100% secure, and we cannot guarantee absolute security.

Retention: We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including for satisfying any legal, accounting, or reporting requirements. When it is no longer necessary to retain your data, we will securely delete or anonymize it.

7. Children's Privacy

Povotra is intended for users who are 16 years of age or older. We do not knowingly collect personally identifiable information from anyone under the age of 16. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers. If you believe a child under 16 has provided us with personal data, please contact us immediately.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. We encourage you to review this Privacy Policy periodically for any changes.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, our data practices, or if you wish to exercise your rights, please contact the Data Controller at:

Hepteract Group (via Povotra Support)
Email: [Insert Dedicated Privacy Email Address Here]
[Insert Mailing Address (Optional)]