Privacy Policy
Your privacy is important to us. Learn how we protect your data.
This Privacy Policy explains what we collect, how we use it, and the choices you have when using istabaq.com and related apps ("Service").
Our Privacy Commitments
- ✓No AI Training: We never use your data to train AI/LLM models
- ✓No Data Selling: We do not sell your personal information
- ✓No Third-Party Analytics: We do not use any third-party analytics tools
- ✓Your Rights: Access, correct, or delete your data anytime
1. What We Collect
Account Data
Name, email, password (hashed), profile details. If you sign in with Google, we receive basic account information you approve (e.g., name, email, profile image).
Content You Provide
Prompts, inputs, files you upload, answers/outputs you choose to save, and feedback.
Usage & Device Data
Pages viewed, features used, time and frequency, device type, operating system, browser, approximate location from IP, crash/diagnostic logs.
Cookies & Similar Tech
Small files to keep you signed in, remember preferences, and measure usage.
2. Strict Policy on AI/LLM Training
- •We do not use your personal data, prompts, inputs, messages, files, or answers/outputs to train AI or LLM models.
- •We do not allow any third party we use to train their models on your data or your content from the Service.
3. Analytics
- We do not use any third-party analytics tools to track your usage of the Service.
- We do not collect or share analytics data with external services.
- We do not use any data for targeted advertising.
4. How We Use Data
- Provide, operate, and secure the Service (authentication, fraud prevention, abuse detection).
- Improve features, performance, and user experience.
- Communicate about updates, security alerts, and support.
- Comply with legal obligations and enforce our Terms of Service.
5. Google Sign-In & Data Collection
What We Collect from Google
When you sign in with Google, we request and receive the following information:
- Name - To personalize your account and display your profile
- Email address - For authentication, account management, and important service communications
- Google User ID - To uniquely identify your account and enable secure authentication
Why We Need This Data
- Authentication - Securely verify your identity and allow you to access your account
- Save Your Progress - Store your exam history, practice test results, and study progress
- Personalization - Provide a customized learning experience based on your performance
- Account Management - Send you important updates about your account and the Service
How We Store Your Data
We use Supabase, a secure cloud database platform, to store your account and learning data:
- Encryption - All data is encrypted in transit (HTTPS/TLS) and at rest
- Access Control - Only authorized systems and personnel can access your data
- Data Location - Stored securely in Supabase's infrastructure with industry-standard security measures
- Backup & Recovery - Regular backups to prevent data loss
Google API Services Compliance:
We comply with the Google API Services User Data Policy, including its Limited Use requirements. We only use Google data to provide user-facing features you request, do not use it for advertising or AI training, and do not transfer it except as needed to operate those features.
6. Apple Sign-In & Data Collection
What We Collect from Apple
When you sign in with Apple on iOS devices, we request and receive the following information:
- Email address - For authentication and account management. Apple may provide a private relay email (@privaterelay.appleid.com) if you choose to hide your email.
- Name - For account personalization (only provided on first sign-in, optional)
- Apple User ID - To uniquely identify your account and enable secure authentication
Why We Need This Data
- Authentication - Securely verify your identity using Apple's authentication system
- Save Your Progress - Store your exam history, practice test results, and study progress
- Personalization - Provide a customized learning experience based on your performance
- Account Management - Send important updates about your account and the Service
Apple Private Email Relay
If you choose to hide your email, Apple creates a unique, random email address that forwards to your personal email. We treat this relay address the same as a regular email address and use it only for Service-related communications.
Revoking Apple Sign-In Access
You can stop using Apple Sign-In with our Service at any time by going to: Settings → Apple ID → Password & Security → Apps Using Apple ID → Istabaq → Stop Using Apple ID
7. When We Share Data
Service Providers
Trusted vendors that host our infrastructure, send emails, or provide support tools. They may only process data for us under strict confidentiality and security obligations.
Legal & Safety
To comply with law, respond to legal requests, or protect rights, safety, and the integrity of the Service.
Business Transfers
In a merger, acquisition, or asset sale, data may transfer as part of the transaction; we will continue to protect it as described here.
We do not sell personal data.
8. Cookies & Controls
- Necessary cookies run the core site (sign-in, security, preferences).
- Analytics cookies help us understand usage.
- Your browser may let you block or delete cookies; the Service may not work properly without necessary cookies.
9. Data Retention
We keep personal data only as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Where possible, we de-identify or aggregate data.
10. Security
We use reasonable administrative, technical, and physical safeguards to protect personal data.
No method of transmission or storage is 100% secure.
11. Your Rights & Choices
Depending on your location, you may have rights to:
- Access, correct, or delete your personal data.
- Download a copy (data portability).
- Object to or restrict certain processing.
- Withdraw consent where processing is based on consent.
To exercise rights, contact support@istabaq.com
We may verify your identity before responding.
12. Student & Minor Use
The Service is designed primarily for Sixth Preparatory (السادس الإعدادي) students, typically 17–19 years old.
If you are under 18, use requires parent/guardian consent (or school consent where applicable).
The Service is not intended for children under 13.
13. International Transfers
If we transfer data across borders, we use appropriate safeguards consistent with applicable data-protection requirements.
14. Changes to This Policy
We may update this Policy. If changes are material, we will provide notice (for example, by email or in-product). Continued use of the Service after the update means you accept the revised Policy.
15. Contact
Questions or requests about this Privacy Policy?
Contact us at: support@istabaq.com
Your Privacy Matters
We are committed to protecting your privacy and being transparent about how we handle your data.
If you have any questions or concerns, please don't hesitate to reach out to us.