Privacy Policy

1. Information We Collect

Information you provide

• Account information. When you create an account, we collect your email address and, if you choose to provide one, your display name. If you sign up through Google OAuth, we receive your name and email address from Google.
• Payment information. When you subscribe to a paid plan, payment is processed by Stripe. We do not store your credit card number, bank account details, or other payment credentials. Stripe handles all payment processing and is subject to its own privacy policy.
• Support communications. If you contact us with a question or report, we collect the content of that communication.

Information generated through your use of the Service

• Quiz and performance data. We collect data about your quiz sessions, including your answers, scores, timing per question, tags you assign to questions, quiz configuration choices, and completion status. This data powers features like Smart Review, analytics, streaks, badges, and peer comparison statistics.
• Question reports. If you report a question as having an error, we collect the report content and associate it with the question.
• Usage data. We track daily question usage for free tier management and general analytics.

Information collected automatically

• Analytics data. We use Vercel Analytics and Vercel Speed Insights to understand how the Service performs and how it is used. These tools collect standard web analytics data such as page views, session duration, device type, browser, and general geographic region. This data is collected in aggregate and is not used to personally identify you.
• Error monitoring. We use Sentry for error tracking. When an error occurs, Sentry may collect technical information about the error including browser type, operating system, and the actions that led to the error. This data is used solely for debugging and improving the Service.
• Cookies and local storage. We use essential cookies and browser storage for authentication (keeping you logged in), theme preferences, and quiz session persistence (so you don’t lose progress if your browser refreshes). We do not use advertising cookies or third-party tracking cookies.

2. How We Use Your Information

We use the information we collect to:

• Provide and operate the Service, including quiz generation, scoring, Smart Review, analytics, and gamification features
• Process payments and manage subscriptions through Stripe
• Compute aggregate statistics such as peer accuracy benchmarks, question difficulty ratings, and category performance averages. These are derived from anonymized, aggregate data across all users.
• Enforce free tier usage limits
• Respond to your support requests and question reports
• Monitor and improve the Service’s performance, reliability, and user experience
• Communicate with you about your account, including transactional emails related to your subscription
• Send occasional product updates or educational content if you have opted in to receive such communications. You can opt out at any time.

3. How We Share Your Information

We do not sell your personal information. We do not share your personal information with third parties for their marketing purposes.

We share information only in the following circumstances:

• Service providers. We use third-party services to operate the Service. These include Supabase (authentication and database hosting), Stripe (payment processing), Vercel (web hosting and analytics), Cloudflare (DNS and CDN), Sentry (error monitoring), and Sanity (blog content management). These providers access your data only as necessary to perform their services and are subject to their own privacy policies.
• Aggregate data. We use anonymized, aggregate performance data to power features like peer benchmarks and difficulty scoring. This data cannot be used to identify individual users. For example, other users may see that “72% of users answered this question correctly” but they cannot see how any specific user performed.
• Legal requirements. We may disclose your information if required to do so by law, regulation, legal process, or governmental request.
• Business transfers. If Harrison East is acquired, merged, or sells its assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data Retention

We retain your account information and performance data for as long as your account is active. If you request account deletion, we will delete your personal information within 30 days, except where we are required to retain it by law or for legitimate business purposes (such as resolving disputes or enforcing our Terms).

Anonymized, aggregate data (such as question accuracy statistics) is not deleted when an individual account is removed, as it cannot be traced back to you.

5. Data Security

We take reasonable measures to protect your information, including:

• All data is transmitted over HTTPS
• Database access is protected by Row Level Security (RLS) policies ensuring users can only access their own data
• Authentication is handled by Supabase Auth with industry-standard security practices
• Payment processing is handled entirely by Stripe, a PCI-compliant payment processor
• Administrative access to user data is restricted to authorized personnel

No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access. You can view your quiz history, performance data, and account information within the Service.
• Correction. You can update your account information through your profile settings.
• Deletion. You can request deletion of your account and associated personal data by contacting us at support@blip.dental. We will process your request within 30 days.
• Data export. You can request a copy of your personal data by contacting us at support@blip.dental.
• Opt out of communications. You can opt out of non-transactional emails at any time by using the unsubscribe link in the email or by contacting us.

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with applicable data protection laws, you may have additional rights including the right to restrict processing, the right to data portability, and the right to lodge a complaint with your local data protection authority.

7. International Users

The Service is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer. We process data from international users in accordance with applicable data protection laws.

8. Children’s Privacy

The Service is designed for dental students and professionals. We do not knowingly collect personal information from children under the age of 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@blip.dental.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy or our data practices, contact us at support@blip.dental.