Privacy Policy

1. What This Policy Covers

This Privacy Policy explains how V3Cards handles information used to operate account authentication, flashcard storage, public sharing, AI features, billing, and transactional email features.

2. Information Collected

Depending on how you use the service, V3Cards processes:

• account information such as email address and authentication identifiers,
• profile information such as username, display name, biography, public profile setting, plan, and account status,
• study content such as set titles, set descriptions, flashcards, notes submitted for AI generation, and quiz-related inputs,
• sharing and community data such as public sets, comments, follows, and share tokens,
• billing-related identifiers such as Stripe customer IDs and checkout/session references,
• email content you instruct the service to send through in-app email functionality, where available.

3. How Information Is Used

V3Cards uses data to:

• create and secure user accounts,
• store and display flashcard sets and study progress interfaces,
• make profiles and sets public when the user chooses to do so,
• operate comments, follows, and sharing features,
• process subscriptions and maintain plan status,
• send account verification and other user-initiated email messages,
• generate AI flashcards, AI explanations, and AI-assisted grading.

4. Third-Party Processors

V3Cards relies on third-party providers to deliver the service:

• Supabase for authentication, database storage, and session handling,
• OpenAI for AI-powered generation, grading, and explanation features,
• Stripe for subscription checkout and billing processing,
• Resend for verification and application email delivery.

Information sent to these providers is limited to what is needed for the relevant feature to function.

5. Public Information

If you enable a public profile or make a set public, information such as your username, display name, bio, public sets, comments, and related content can be visible to other users or the public. Publicly shared content should be treated as public information.

6. Cookies and Sessions

V3Cards uses cookies needed for authentication and session continuity through Supabase. Based on the current implementation, the app does not describe separate advertising cookies or third-party analytics cookies in the codebase.

7. Payments

Payment card processing is handled by Stripe. V3Cards stores Stripe-related customer identifiers and subscription state needed to manage plan access, but not full payment card numbers in the application database.

8. Data Retention

Data is retained for as long as needed to operate the service, maintain account records, manage subscriptions, and preserve user-created content, unless it is deleted by the user, removed by the operator, or deleted due to account deletion or legal/operational requirements. Some records may persist in backups or provider systems for limited periods.

9. Security

V3Cards uses Supabase authentication, row-level security policies, server-side secrets, and provider-managed infrastructure to help protect stored data. No internet service can guarantee absolute security, and you should avoid submitting highly sensitive information to study fields or AI prompts.

10. Your Choices

You can, depending on feature availability:

• edit your profile information,
• change whether your profile is public,
• change whether sets are public or shared,
• delete sets or comments where the product allows it,
• manage subscriptions through checkout and billing flows.

11. International Processing

Because V3Cards uses cloud infrastructure and external providers, your information may be processed in countries other than your own depending on the provider infrastructure involved.

12. Changes to This Policy

This Privacy Policy may be updated from time to time to reflect service changes or legal requirements. Continued use of the service after updates take effect means the revised version applies.

13. Related Terms

Please also review the Terms of Service.