Legal · Privacy Policy

How inaraX handles your data

This Privacy Policy explains what personal data we collect when you use inaraX, how we use and share it, and the choices you have. It is written to describe what our code actually does today, not a hypothetical future product.

1. Who we are

inaraX is a learning platform that uses AI to personalize technical education. When we say “we”, “us” or “our” in this Privacy Policy, we are referring to the team operating the inaraX platform and related services.

2. What data we collect

Based on how our application is built, we collect and process the following categories of personal data when you use inaraX:

a) Account and identity data

When you sign up or sign in, we receive identity information from our authentication provider, including:

  • Name and email address
  • Profile image (if you choose to use one)
  • Identifiers associated with your account (for example, user IDs used internally in our database)
  • Organization membership information where your account is linked to an organization

b) Learning and assessment data

Our core product is built around placement quizzes, lessons and continuous assessment. To power this, we store:

  • Your course enrollments and progression (which courses you are in, which modules and lessons you have opened or completed)
  • Placement quiz attempts, scores, and derived placement levels
  • Quiz submissions and outcomes, including your answers, grading results, and signals our system derives (for example, where you are struggling or advancing quickly)
  • Generated lesson variants and personalized or remedial lessons that are created for you based on your domain, goals and performance
  • Credential and certificate information where applicable (for example, badges and their status, issue date and renewal history)

c) Preference and settings data

To personalize your learning path, our code stores per-course user settings such as:

  • Which course you are learning in (course ID)
  • Your chosen domain or track within a course
  • Your future goal or outcome for that course (for example, a target role)

d) Usage, log and technical data

Like most web applications, we collect technical information about how you access and use inaraX, including:

  • IP address, browser type, and basic device information
  • Request metadata such as timestamps, URLs, and internal request IDs
  • Error logs and performance metrics that help us debug and improve reliability

e) Cookies and similar technologies

We use cookies and similar technologies to keep you signed in, remember your preferences and understand how the platform is used. For more detail on the specific cookies we use and how to manage them, please see our Cookie Policy.

3. How we use your data

We use the data described above for the following purposes:

  • Providing and maintaining the service: operating the inaraX platform, authentication, account management, course delivery and core features like quizzes and certificates.
  • Personalizing your learning path: using your quiz signals, placement level, preferences and progress to determine your next lesson, generate proactive and remedial lessons, and adjust content difficulty.
  • Improving our product: analyzing anonymized or aggregated usage patterns, debugging issues, and making product decisions based on how people actually use the platform.
  • Security and abuse prevention: detecting suspicious activity, protecting user accounts, and keeping the platform safe.
  • Legal and compliance: keeping records that are reasonably necessary to meet our legal, regulatory, and contractual obligations.

4. Legal bases for processing

We process your personal data only where we have a valid legal basis, which depends on the context:

  • Contract: we need to process your data to provide the service you sign up for (for example, to create your account, enroll you in courses, and track your progress).
  • Legitimate interests: we process data to secure and improve our platform and to understand how it is used, in ways that do not override your privacy rights.
  • Consent: where required by law (for example, for certain cookies or marketing), we rely on your consent, which you can withdraw at any time.

5. How we share your data

We do not sell your personal data. We share it only with:

  • Service providers that help us run the platform, such as cloud hosting, databases, authentication, and analytics. These providers are only allowed to process your data on our instructions and under appropriate data protection safeguards.
  • Organization admins where your account is part of an organization account (for example, your employer or education partner), to the extent needed to provide reporting, credentialing, or other agreed features.
  • Legal and safety partners where we are required to do so by law, regulation or a valid legal process, or where we believe it is necessary to protect the rights, safety or property of our users, our platform, or others.

6. International transfers

Our infrastructure and service providers may be located in different countries. This means your personal data may be processed outside of your country of residence. Where this happens, we take reasonable steps to ensure that your data is protected with appropriate safeguards and that transfers are made in compliance with applicable data protection laws.

7. Data retention

We keep your personal data for as long as your account is active or as long as we reasonably need it to provide the service, comply with our legal obligations, resolve disputes, and enforce our agreements.

When you close your account or when we no longer need certain data, we will either delete it or anonymize it. Some data may be retained for a longer period in backups or logs where immediate deletion is not technically feasible, but it will be stored securely and isolated from normal operational use.

8. Your rights and choices

Depending on your location, you may have rights over your personal data, including the right to:

  • Access the personal data we hold about you
  • Request corrections to inaccurate or incomplete data
  • Request deletion of your data in certain circumstances
  • Object to or request restriction of certain processing
  • Withdraw consent where we rely on consent

We will respond to requests to exercise these rights in line with applicable laws. In some cases, we may need to keep certain data (for example, for legal or security reasons), and we will explain this if it applies.

9. Security

We use technical and organizational measures to protect your personal data, including access controls, encryption in transit, and monitoring for unusual activity. However, no online service can ever be guaranteed to be 100% secure, so we cannot promise absolute security.

You are responsible for keeping your login credentials safe and for notifying us promptly if you suspect unauthorized access to your account.

10. Children's privacy

inaraX is not directed at children under the minimum age required to use online services in their country (for example, 13 or older in many jurisdictions). We do not knowingly collect personal data from children under this age. If we learn that we have collected such data, we will take reasonable steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our product, our practices, or applicable laws. When we make material changes, we will update the date at the top of this page and, where appropriate, provide additional notice (for example, in the app).

12. Contact us

If you have questions about this Privacy Policy or how we handle your data, please contact us using the support channels provided in the inaraX platform.