Privacy Policy

1. Introduction

Welcome to Opti. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our interactive cardiac electrophysiology educational platform. By using our service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Account and Profile Information

  • Name and email address for account creation and authentication
  • Professional credentials, educational level, or student status
  • Account preferences and settings
  • Profile photo or avatar (if provided)

2.2 Learning and Progress Data

  • Learning module completion status and progress
  • Quiz scores, attempts, and performance analytics
  • Time spent on different educational components
  • Interaction patterns with 3D visualizations
  • Bookmarks, notes, and saved content
  • Learning preferences and customization settings

2.3 Subscription and Payment Information

  • Subscription plan and billing information (processed by Stripe)
  • Payment history and transaction records
  • Subscription status and renewal dates

2.4 Technical and Usage Information

  • Device information (browser type, operating system, screen resolution)
  • IP address and general location data
  • Session duration and feature usage patterns
  • Error logs and performance metrics
  • Referral sources and navigation paths

2.5 Communications Data

  • Messages sent through our contact forms or feedback systems
  • Email communications and support tickets
  • Survey responses and user feedback

3. How We Use Your Information

3.1 Service Provision

  • Provide access to 3D cardiac visualizations and learning modules
  • Track and display your learning progress and achievements
  • Deliver personalized educational content and recommendations
  • Process subscription payments and manage account access

3.2 Platform Improvement

  • Analyze usage patterns to enhance educational effectiveness
  • Develop new features based on user behavior and feedback
  • Optimize 3D rendering performance and user experience
  • Conduct research for future AI-powered personalization features

3.3 Communication

  • Send important account and service updates
  • Provide customer support and respond to inquiries
  • Share educational content and platform improvements
  • Send subscription and billing notifications

4. Data Storage and Infrastructure

4.1 Supabase Database

We use Supabase as our primary database infrastructure to store:

  • User profiles and authentication data
  • Learning progress and quiz results
  • Subscription information and user roles
  • Platform usage analytics and performance data

4.2 Data Location and Security

  • Data is stored in secure, encrypted databases with industry-standard protections
  • Access is restricted through role-based permissions and authentication
  • Regular security audits and monitoring are conducted
  • Data backups are maintained for service continuity

5. Third-Party Services and Integrations

We integrate with the following trusted third-party services:

5.1 Essential Service Providers

  • Supabase: Database hosting, authentication, and user management
  • Vercel: Web hosting and content delivery
  • Stripe: Payment processing and subscription management
  • Resend: Email delivery for notifications and communications

5.2 Educational and Technical Tools

  • React Three Fiber/Three.js: 3D visualization rendering (client-side)
  • Analytics Tools: Usage tracking and performance monitoring
  • Content Delivery Networks: Fast delivery of educational content

5.3 Data Sharing Practices

We only share your data with third parties when:

  • Required for essential service functionality (e.g., payment processing)
  • You explicitly consent to the sharing
  • Required by law or legal process
  • Necessary to protect our rights or safety

6. Data Retention and Deletion

  • Account data is retained while your account is active and for a reasonable period afterward
  • Learning progress data is kept to maintain continuity of your educational experience
  • Payment records are retained as required by law and for business purposes
  • You may request account deletion, which will remove most personal data within 30 days
  • Some data may be retained in anonymized form for research and improvement purposes

7. Your Privacy Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your learning progress and data
  • Opt-out: Unsubscribe from non-essential communications
  • Restriction: Limit how we process your information

To exercise these rights, contact us at matthew@opti-ecg.com.

8. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we discover we have collected information from a child under 13, we will delete it immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data during such transfers.

10. Future AI and Machine Learning

As outlined in our development roadmap, we plan to implement AI-powered personalization features. Any use of AI will be clearly disclosed, and you will have control over whether your data is used for AI training purposes.

11. Privacy Policy Updates

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. Material changes will be communicated via email or prominent platform notifications. Continued use after updates indicates acceptance of the revised policy.

12. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights:

  • Email: matthew@opti-ecg.com
  • Contact form: Available through our platform
  • We will respond to privacy inquiries within 30 days