← Back to Home

Privacy Policy

Your privacy matters to us. This policy explains how Stars and Rights LLC collects, uses, and protects your information with full GDPR and CCPA compliance.

Effective Date: August 1, 2025

Last Updated: August 1, 2025

Data Controller: Stars and Rights LLC, California, United States

Compliance: GDPR, CCPA, and other applicable privacy laws

1. Who We Are

Stars and Rights LLC ("Company," "we," "us," or "our") is committed to protecting your privacy and personal data. We operate educational tools and test preparation services designed to help users succeed in their learning goals.

Our Mission: "Tools Built by One, Designed for All" - providing accessible, high-quality educational resources regardless of background or economic status.

2. Information We Collect

We collect information in several ways to provide and improve our services:

2.1 Information You Provide Directly

  • Account Information: Name, email address, username, password
  • Profile Information: Study preferences, progress tracking, goals
  • Communication Data: Messages, support requests, feedback
  • Payment Information: Billing details (processed securely by third parties)
  • User Content: Study notes, comments, forum posts

2.2 Information Collected Automatically

  • Usage Data: Pages visited, time spent, features used
  • Device Information: Browser type, operating system, device identifiers
  • Location Data: General location (country/region) for content localization
  • Cookies and Tracking: As described in our Cookie Policy
  • Performance Data: Test scores, study progress, completion rates

2.3 Information from Third Parties

  • Social Media: Profile information when you connect social accounts
  • Analytics Services: Aggregated usage statistics
  • Payment Processors: Transaction confirmations and status

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

Purpose Legal Basis Data Types
Providing our services Contract Performance Account info, usage data
Customer support Contract Performance Contact info, support requests
Service improvement Legitimate Interest Usage analytics, feedback
Marketing communications Consent Email, preferences
Legal compliance Legal Obligation Transaction records

4. How We Use Your Information

We use collected information for the following purposes:

4.1 Service Provision

  • Create and manage your account
  • Provide access to educational content and tools
  • Track your learning progress and performance
  • Customize content based on your needs
  • Process payments and manage subscriptions

4.2 Communication

  • Respond to your inquiries and support requests
  • Send important service updates and notifications
  • Provide educational tips and study reminders (with consent)
  • Share relevant product updates and features

4.3 Improvement and Analytics

  • Analyze usage patterns to improve our services
  • Conduct research and development
  • Monitor and ensure service quality
  • Identify and fix technical issues

4.4 Legal and Security

  • Comply with legal obligations and regulations
  • Protect against fraud and abuse
  • Enforce our terms of service
  • Ensure platform security and integrity

5. Information Sharing and Disclosure

We do not sell your personal information. We may share information in these limited circumstances:

5.1 Service Providers

We work with trusted third-party service providers who help us operate our services:

  • Cloud Hosting: Secure data storage and processing
  • Analytics: Website usage analysis (anonymized data)
  • Payment Processing: Secure transaction handling
  • Email Services: Communication and notifications
  • Customer Support: Help desk and support tools

All service providers are bound by strict confidentiality agreements and data protection requirements.

5.2 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes and government requests
  • Protect our rights, property, and safety
  • Protect the rights and safety of our users
  • Investigate and prevent fraud or security issues

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction, subject to the same privacy protections.

6. International Data Transfers

Our services may involve transferring your data internationally. We ensure appropriate safeguards:

  • Adequacy Decisions: Transfers to countries with adequate protection
  • Standard Contractual Clauses: EU-approved data transfer agreements
  • Certification Programs: Privacy Shield successors and similar frameworks
  • Binding Corporate Rules: Internal data protection standards

7. Your Privacy Rights

You have important rights regarding your personal data:

7.1 GDPR Rights (EU Residents)

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

7.2 CCPA Rights (California Residents)

  • Right to Know: Information about data collection and use
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information
  • Right to Non-Discrimination: Equal service regardless of privacy choices

7.3 How to Exercise Your Rights

To exercise any of these rights, contact us at shakil@starsandrights.com with:

  • Your full name and email address
  • Specific right you wish to exercise
  • Verification information (for security)

We will respond within 30 days (GDPR) or 45 days (CCPA) of receiving your request.

8. Data Security

We implement comprehensive security measures to protect your information:

8.1 Technical Safeguards

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Role-based access with multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and monitoring
  • Regular Updates: Security patches and system updates

8.2 Organizational Measures

  • Staff Training: Regular privacy and security training
  • Data Minimization: Collect only necessary information
  • Incident Response: Procedures for security breaches
  • Regular Audits: Security assessments and compliance reviews

Important: While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. Data Retention

We retain your information only as long as necessary:

Data Type Retention Period Reason
Account Information Until account deletion Service provision
Usage Analytics 2 years Service improvement
Support Communications 3 years Customer service
Financial Records 7 years Legal compliance
Marketing Consent Until withdrawn Communication preferences

10. Cookies and Tracking Technologies

We use cookies and similar technologies as described in our Cookie Policy. Key points:

  • Essential cookies for website functionality
  • Analytics cookies to understand usage (with consent)
  • Preference cookies to remember your settings
  • You can control cookies through browser settings

11. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection:

  • We will delete the information immediately
  • We will not use the information for any purpose
  • We will not disclose the information to third parties

Parents or guardians who believe we have collected information from a child under 13 should contact us immediately.

12. Changes to This Privacy Policy

We may update this privacy policy to reflect changes in our practices or applicable laws. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date
  • Sending email notifications for significant changes
  • Requesting new consent where required by law

We encourage you to review this policy periodically.

13. Supervisory Authority

If you are an EU resident, you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with GDPR requirements.

For California residents, you may contact the California Attorney General's office regarding CCPA compliance.

14. Contact Us

For any questions about this privacy policy or our data practices:

Privacy Officer: shakil@starsandrights.com

General Inquiries: shakil@starsandrights.com

Business Name: Stars and Rights LLC

Jurisdiction: California, United States

Response Time: We aim to respond within 48 hours

Last updated: August 1, 2025