Privacy Policy

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, password (encrypted), profile picture
• Creator Information: Business name, tax information, bank details (via Stripe Connect)
• Payment Information: Processed securely through Stripe (we don't store card details)
• Course Content: Videos, documents, quizzes you create or submit
• Communications: Support tickets, feedback, email correspondence

1.2 Information Collected Automatically

• Usage Data: Course progress, completion rates, quiz scores
• Device Information: IP address, browser type, operating system
• Analytics Data: Pages visited, features used, interaction patterns
• Performance Data: Load times, error logs, API usage

1.3 AI Service Data

• AI Interactions: Prompts and responses with our AI agents
• Generated Content: AI-assisted course materials and suggestions
• Usage Metrics: API calls, token usage, feature utilization

2. How We Use Your Information

2.1 Service Delivery

• Provide access to courses and learning materials
• Process payments and manage subscriptions
• Enable AI-powered course creation tools
• Track learning progress and issue certificates
• Facilitate creator-student communications

2.2 Platform Improvement

• Analyze usage patterns to improve features
• Personalize content recommendations
• Optimize platform performance and reliability
• Develop new features based on user needs

2.3 Communication

• Send transactional emails (receipts, course access)
• Provide customer support
• Send platform updates and announcements (with consent)
• Marketing communications (opt-in only)

2.4 Legal and Security

• Comply with legal obligations
• Detect and prevent fraud
• Enforce our Terms of Service
• Protect rights and safety of users

3. Data Sharing and Disclosure

3.1 We Share Data With:

• Service Providers: Stripe (payments), Cloudflare (infrastructure), Bunny.net (video delivery), Resend (email)
• AI Providers: Anthropic (Claude API for AI features)
• Creators: Student enrollment and progress data for their courses
• Legal Authorities: When required by law or court order

3.2 We Do NOT:

• Sell your personal information
• Share data between different creators' databases
• Use your content for advertising
• Share payment details with third parties (except Stripe)

4. Data Security

4.1 Security Measures

• Database Isolation: Each creator has a completely isolated database (Durable Objects)
• Encryption: All data encrypted in transit (TLS) and at rest
• Authentication: Secure authentication with rate limiting
• Access Controls: Role-based permissions and audit logging
• PCI Compliance: Payment processing through PCI-compliant Stripe
• DRM Protection: Video content protected with MediaCage DRM

4.2 Incident Response

In the event of a data breach, we will notify affected users within 72 hours as required by GDPR, investigate the incident, and take steps to prevent future occurrences.

5. Your Privacy Rights

5.1 Under GDPR (European Users)

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a portable format
• Restriction: Limit processing of your data
• Object: Opt-out of certain data processing

5.2 Under CCPA (California Users)

• Know: What personal information we collect and how it's used
• Delete: Request deletion of your personal information
• Opt-Out: Opt-out of sale of personal information (we don't sell data)
• Non-Discrimination: Equal service regardless of privacy choices

5.3 How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@marketminded.com or through your account settings. We will respond within 30 days.

6. Data Retention

• Active Accounts: Data retained while account is active
• Course Access: Purchased course access retained indefinitely
• Financial Records: 7 years for tax and legal compliance
• Deleted Accounts: Personal data deleted within 90 days (except where legally required)
• Backups: Point-in-time recovery available for 30 days

7. Cookie Policy

7.1 Types of Cookies We Use

• Essential Cookies: Required for platform functionality (authentication, security)
• Performance Cookies: Help us understand usage patterns (with consent)
• Preference Cookies: Remember your settings (language, theme)
• Analytics Cookies: Track anonymous usage statistics (opt-in)

7.2 Third-Party Cookies

• Stripe: Payment processing and fraud prevention
• Cloudflare: Security and performance optimization

7.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may impact platform functionality. We respect "Do Not Track" browser settings.

8. International Data Transfers

Your data may be processed in different countries where our service providers operate. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses for EU data transfers
• Privacy Shield compliance where applicable
• Encryption for all data transfers
• Contractual obligations for data protection

9. Children's Privacy

Market Minded is not intended for users under 18 years old. We do not knowingly collect personal information from children. If we discover we have collected data from a child, we will delete it immediately.

10. AI and Automated Decision Making

• AI suggestions are recommendations only - you maintain control
• No automated decisions with legal or significant effects
• You can opt-out of AI features while retaining platform access
• AI interactions are not used to train external models

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via:

• Email notification to your registered address
• Prominent notice on the platform
• 30-day notice period before changes take effect

12. Contact Us