Privacy Policy

1. Introduction

Neuroclusive ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our neuro-inclusive learning management system.

We take special care to protect sensitive data, particularly NeuroPrint assessment results and other neurodivergent user information. This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us:

• Name, email address, and account credentials
• Profile information (username, bio, photo)
• Organization and team membership information
• Communication preferences

2.2 Usage Data

We automatically collect information about how you use the Service:

• Learning progress and completion data
• Module and lesson interactions
• Quiz attempts and results
• AI tutoring session data
• Browser extension usage
• Device and browser information
• IP address and location data (general)

2.3 NeuroPrint Assessment Data

NeuroPrint assessments generate sensitive cognitive and psychometric data:

• Test responses and scores
• Cognitive pattern assessments
• Psychometric profiles
• Personality type indicators
• Productivity and learning style data

Special Protection: NeuroPrint data receives enhanced security measures including encryption at rest and in transit, strict access controls, and user-controlled sharing permissions.

3. How We Use Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Personalize your learning experience
• Generate and deliver NeuroPrint assessments and insights
• Track learning progress and provide analytics
• Enable AI-powered tutoring and remediation
• Send important service updates and notifications
• Respond to your inquiries and provide support
• Detect and prevent fraud, abuse, and security threats
• Comply with legal obligations

4. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Consent: When you explicitly consent to processing (e.g., NeuroPrint assessments)
• Contract: To fulfill our contract with you (providing the Service)
• Legitimate Interests: To improve the Service, ensure security, and prevent fraud
• Legal Obligation: To comply with applicable laws and regulations

You have the right to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal.

5. Data Sharing

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information or NeuroPrint data to third parties.

5.2 Service Providers

We may share information with trusted service providers who assist us in operating the Service, such as cloud hosting, analytics, and email services. These providers are contractually obligated to protect your information and use it only for specified purposes.

5.3 Organization Sharing

If you are a member of an organization, you may choose to share certain data (including NeuroPrint data) with that organization. You maintain full control over what is shared and can revoke access at any time.

5.4 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users.

6. NeuroPrint Data Protection

NeuroPrint assessment data receives special protection due to its sensitive nature:

• Encryption: All NeuroPrint data is encrypted at rest using industry-standard encryption
• Access Controls: Strict access controls limit who can view NeuroPrint data
• User Consent: Explicit consent is required before processing NeuroPrint assessments
• Revocable Rights: You can revoke access permissions at any time
• Vault System: NeuroPrint data is stored in a secure vault with granular access controls
• Audit Logging: All access to NeuroPrint data is logged for security and compliance

You have complete control over your NeuroPrint data, including the ability to export it, delete it, or grant/revoke access to organizations.

7. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit (TLS) and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Secure coding practices and vulnerability management
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

• Account Data: Retained while your account is active and for a reasonable period after deletion
• Learning Progress: Retained to provide historical progress tracking
• NeuroPrint Data: Retained until you request deletion or your account is deleted
• Legal Requirements: Some data may be retained longer to comply with legal obligations

You can request deletion of your data at any time through your account settings or by contacting us.

9. Your Rights (GDPR)

You have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing based on consent
• Right to Lodge a Complaint: File a complaint with your data protection authority

To exercise these rights, please contact us at privacy@neuroclusive.com or use the data export/deletion features in your account settings.

10. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and support certain features of the Service.

• Essential Cookies: Required for the Service to function
• Analytics Cookies: Help us understand how users interact with the Service
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. However, disabling certain cookies may limit functionality of the Service.

11. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by data protection authorities
• Adequacy decisions recognizing equivalent data protection levels
• Other legally recognized transfer mechanisms

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on this page
• Sending an email notification to registered users
• Displaying a notice in the Service

Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

14. Contact Information

If you have questions, concerns, or wish to exercise your rights regarding this Privacy Policy, please contact us:

We will respond to your inquiry within 30 days as required by GDPR.