Privacy Policy
Last updated: 12 March 2026
1. Who We Are
AI Tutorium ("we", "us", "our") is a UK-based online education platform. We are the data controller responsible for your personal data.
If you have questions about this policy or your data, contact us at hello@aitutorium.com.
2. What Data We Collect
Account registration
When you create an account, we collect your name and email address. This data is stored in our database hosted on Neon (PostgreSQL).
Payment information
We use Stripe to process payments. We do not store your full card details on our servers. Stripe collects and processes your payment information directly. We store your Stripe customer ID and subscription status to manage your membership.
Newsletter
If you subscribe to our newsletter, we collect your email address. We use Resend to send transactional and marketing emails.
Automatically collected data
When you visit our site, we may collect technical data such as your IP address, browser type, device information, and pages visited. Our hosting provider Vercel may collect server logs for security and performance purposes.
3. Legal Basis for Processing
Under UK GDPR, we process your data on the following bases:
- Contract: To provide you with our services, manage your account, and process your membership subscription.
- Consent: To send you marketing emails and newsletters. You can withdraw consent at any time.
- Legitimate interest: To improve our platform, prevent fraud, and ensure security.
4. Third-Party Services
We share data with the following third-party processors:
- Stripe — payment processing and subscription management
- Resend — transactional and marketing emails
- Uploadthing — file and media storage
- Vercel — hosting, edge delivery, and server-side rendering
- Neon — database hosting (PostgreSQL)
Each of these providers has its own privacy policy and processes data in accordance with UK GDPR requirements.
5. Your Rights
Under UK GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure — ask us to delete your personal data ("right to be forgotten")
- Restriction — request that we limit how we use your data
- Portability — receive your data in a structured, machine-readable format
- Object — object to processing based on legitimate interest or for direct marketing
To exercise any of these rights, email us at hello@aitutorium.com. We will respond within 30 days.
6. Data Retention
We retain your account data for as long as your account is active. If you cancel your membership, we retain your data for up to 12 months to allow for reactivation. After this period, your data is deleted unless we are legally required to retain it (e.g. financial records for 6 years under HMRC requirements).
7. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encrypted connections (HTTPS/TLS) across the entire platform
- Secure, httpOnly authentication cookies
- Password hashing using industry-standard algorithms
- Regular security reviews and dependency updates
8. Cookies
We use essential cookies to operate the site (e.g. authentication tokens and theme preferences). For full details, see our Cookie Policy.
9. International Data Transfers
Some of our third-party providers (Stripe, Vercel, Uploadthing) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or the provider's adherence to an adequacy framework recognised by the UK.
10. Complaints
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of the platform after changes are posted constitutes acceptance of the updated policy.