SuperaccountantSuperaccountant
Get started
Legal

Privacy policy

Last updated · 8 April 2026

SuperAccountant Technologies ("we", "us") cares about your privacy. This policy explains what data we collect, why we collect it, who we share it with, and how to control it. It covers our website, the SuperAccountant app, and the verification page.

1. Data we collect

We collect the minimum data needed to operate the Service. Specifically:

  • Account data — your name, email, and (if you sign in with Google) your profile photo. Required to create an account.
  • Profile data — phone, country, city, current role, employer, experience, exam goal, study hours, target exam date, and your free-text "why are you here" answer. You provide this during onboarding to personalize the tutor.
  • Learning data — your placement test answers, lesson progress, practice attempts, mastery scores, daily plans, and grand test results.
  • Tutor messages — every message you send to the AI tutor and every reply it generates, plus the tools it called and what it remembered.
  • Operational data — IP address, device info, browser locale, and basic server logs (timestamp, route, status code). Used for debugging and abuse prevention.

We do not collect government IDs, payment card numbers (until paid plans launch), or any data we don't actively need.

2. How we use it

  • To run the Service — log you in, render lessons, generate plans, grade attempts.
  • To personalize your experience — your profile fields are passed into the tutor's system prompt so it addresses you by name, calibrates explanations to your experience level, and respects your study budget and exam timeline.
  • To improve the curriculum — we look at aggregate (de-identified) patterns of which questions students get wrong and which lessons need clearer wording.
  • To send transactional email — sign-in links, certificate notifications.
  • To prevent abuse, fraud, and security incidents.

We do not sell your data. We do not use your data to train third-party AI models. Your tutor messages are not used to train our own models without your explicit opt-in.

3. Who we share it with

We share data only with the service providers we need to operate. Each is bound by their own data processing agreement.

  • Supabase (Singapore region) — primary database and authentication tokens. Stores all account, profile, learning, and tutor data.
  • Microsoft Azure (OpenAI) — runs the language model that powers the tutor. Your messages are sent for completion. Microsoft does not retain them for training and offers content filtering.
  • Microsoft Azure (Document Intelligence + Speech) — used for OCR on uploaded documents and text-to-speech for lesson narration.
  • Resend — sends transactional email (sign-in links, certificate notifications).
  • Google — only if you sign in with Google. We receive your name, email, and profile photo from Google's OAuth response.
  • Vercel — hosts the web frontend. Receives standard HTTP request logs.

4. Where it lives

Most data is stored on Supabase servers in Singapore. Azure OpenAI inference happens in the East US region. Email is sent via Resend's US infrastructure. By using the Service, you consent to your data being processed in these locations.

5. How long we keep it

  • Account + profile data: until you delete your account.
  • Learning data + certificates: until you delete your account, or 7 years, whichever is shorter.
  • Tutor messages: 12 months by default. Older messages are automatically purged.
  • Server logs: 30 days.

6. Your rights

You have the right to:

  • Access — see what data we hold about you. Available from your profile page or by emailing us.
  • Correct — fix anything inaccurate, directly from your profile page.
  • Delete — remove your account and all associated data. The delete button on the profile page does this immediately.
  • Export — download a copy of your account, profile, and learning data as JSON. Email us to request this.
  • Object — opt out of any non-essential processing.

To exercise any of these, email info@superaccountant.in. We respond within 30 days.

7. Children

SuperAccountant is not intended for users under 16. If you believe a child has created an account, email us and we will delete it.

8. Cookies

We use a small number of essential cookies — a session cookie to keep you logged in, a theme cookie to remember your dark/light preference, and a locale cookie to remember your language. We do not use third-party tracking cookies.

9. Security

Passwords are not stored — we use email magic links and Google OAuth. Data in transit is encrypted with TLS. Data at rest is encrypted by Supabase. Certificates are HMAC-signed to prevent tampering. We do not have access to your Google or email account.

10. Changes

We may update this policy as the Service evolves. Material changes will be announced via email at least 14 days in advance. The "last updated" date above always reflects the current version.

11. Contact

Questions or requests? Email info@superaccountant.in or write to: SuperAccountant Technologies, Unit 422, 4th floor, Downtown Mall, Lakdikapul, Hyderabad, India.