1. Overview
Ascendra Academy LLC (“Ascendra,” “we,” “us,” “our”) operates the website at ascendraacademy.com and the related AI-learning Services. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you visit, register for, or use the Services.
By using the Services, you consent to the practices described here. If you do not agree, please do not use the Services.
2. Information We Collect
We collect the following categories of personal information:
- Account information. Name (optional), email address, password (stored hashed), and your selected subscription tier.
- Onboarding & quiz responses. Goals, experience level, learning preferences, and other answers you submit through the onboarding quiz or learning-path generator.
- Learning activity. Lessons viewed, progress, streaks, XP, quiz answers, tutor conversations, and certificates earned.
- Payment information. We do not store full payment card data. Stripe, Inc. processes payments on our behalf and provides us with a transaction ID, last 4 digits of your card, billing country, and subscription status.
- Device & usage data. IP address (truncated for analytics), browser type, operating system, referring/exit pages, pages viewed, timestamps, and similar diagnostic data collected automatically through our pageview tracker.
- Communications. Messages you send us (e.g., support emails) and your preferences for receiving marketing or transactional email.
3. How We Use Information
We use personal information to:
- Provide, operate, and maintain the Services, including delivering personalized lessons.
- Process subscriptions, payments, renewals, and cancellations through Stripe.
- Generate AI-powered learning content, tutor responses, and learning paths using third-party AI providers (see Section 6).
- Send transactional email (account confirmations, receipts, password resets, lesson reminders) via Resend.
- Send marketing email about new features or content, when you have opted in. You can unsubscribe at any time.
- Improve, troubleshoot, and analyze the Services through aggregated usage statistics.
- Detect, prevent, and respond to fraud, abuse, or security incidents.
- Comply with legal obligations and enforce our Terms of Service.
4. Legal Bases (for EU/UK users)
If you are in the EU, UK, or EEA, our legal bases for processing your personal information are:
- Contract: to provide the Services you have requested.
- Consent: for marketing email and optional analytics; you may withdraw consent at any time.
- Legitimate interests: to improve our Services, prevent fraud, and protect our rights.
- Legal obligation: to comply with applicable laws (e.g., tax, accounting).
6. Third-Party Processors
We rely on the following processors to operate the Services. Each is bound by its own privacy practices:
- Stripe, Inc. — Payment processing & subscription management.
- Resend — Transactional and marketing email delivery.
- Anthropic PBC — Claude AI for tutor and lesson generation.
- OpenAI, L.L.C. — GPT models and text-to-speech narration.
- Google LLC — Gemini models for select content generation.
- MongoDB Atlas — Encrypted cloud database hosting.
- Hosting provider — Cloud infrastructure for the application.
AI prompts and quiz responses may be sent to AI providers to generate responses. We do not authorize these providers to use your prompts to train their models when commercially-available no-training endpoints are in use.
8. Data Retention
We retain personal information for as long as your account is active or as needed to provide the Services. After account deletion, we retain limited records (e.g., billing history) for up to seven (7) years to comply with tax, accounting, and legal obligations. Backups containing personal information are securely overwritten on a rolling schedule.
9. Security
We employ industry-standard administrative, technical, and physical safeguards to protect your information, including TLS encryption in transit, encrypted-at-rest databases, hashed passwords, least-privilege access controls, and restricted API keys. No method of transmission or storage is 100% secure, however, and we cannot guarantee absolute security.
10. Your Rights (CCPA, GDPR & similar laws)
Depending on where you live, you may have the right to:
- Access the personal information we hold about you.
- Correct inaccurate or incomplete information.
- Delete your personal information (“right to be forgotten”).
- Port your data in a portable, machine-readable format.
- Object to or restrict certain processing.
- Opt out of marketing email at any time via the unsubscribe link or by contacting us.
- Withdraw consent where we rely on consent as the legal basis.
- Not be discriminated against for exercising your CCPA rights.
To exercise these rights, email ascendraacademy@yahoo.com with the subject line “Privacy Request.” We will respond within 30 days (45 days for CCPA requests where additional time is needed, with notice). We may need to verify your identity before fulfilling a request.
“Do Not Sell or Share My Personal Information” (California residents): We do not sell personal information and do not share it for cross-context behavioral advertising.
11. Children’s Privacy
The Services are not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with personal information, contact us at ascendraacademy@yahoo.com and we will promptly delete it.
12. International Transfers
Ascendra Academy LLC is based in the State of Missouri, United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the U.S. By using the Services, you consent to these transfers. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by email or via a prominent notice on the Services. The “Last updated” date at the top of this page will always reflect the most recent revision. Continued use of the Services after changes become effective constitutes acceptance.
14. Contact Us
Questions, concerns, or requests about your data? Reach out: