Privacy Policy
Last Updated: July 17, 2025
This Privacy Policy describes how Evrika collects, uses, and protects your personal information when you use our AI-powered exam preparation application.
Data Controller
Data Controller: Neicu Patrick
Contact: For privacy-related inquiries, please contact us through our support system.
Legal Basis for Processing
We process your personal data under the following legal bases in accordance with the General Data Protection Regulation (GDPR):
Information We Collect
Personal Data
| Data Type | Purpose | Legal Basis | Required/Optional |
|---|---|---|---|
| Email Address | Account creation, authentication, communication | Contract Performance | Required |
| Name | Personalization, account management | Contract Performance | Required |
| Password | Account security and authentication | Contract Performance | Required |
| University | Educational content customization | Consent | Optional |
PDF Processing and Storage
Important: When you upload PDF documents to our platform, we process these files to generate educational content such as practice questions, summaries, and study materials. These PDFs are securely stored using Cloudflare R2 storage and processed using artificial intelligence to enhance your learning experience.
PDF processing includes text extraction and analysis, AI-powered content generation, secure storage in Cloudflare R2 with encryption, and automatic deletion after specified retention period.
Third-Party Services
PostHog Analytics
We use PostHog for analytics to understand user behavior and improve our service. PostHog may collect usage statistics, technical information, and anonymized user behavior patterns.
View PostHog Privacy Policy →Data Storage Infrastructure
MongoDB Database
We use MongoDB for secure storage of user data and exam analytics with encryption at rest and in transit, regular security updates and monitoring, access controls and authentication, and backup and disaster recovery procedures.
Cloudflare R2 Storage
We use Cloudflare R2 for secure PDF file storage with enterprise-grade security, global edge locations for fast access, automatic encryption and backup, and GDPR-compliant data handling.
Stripe Payment Processing
For payment processing, we use Stripe, which handles payment card information (not stored on our servers), billing address and payment history, and PCI DSS compliant payment processing.
View Stripe Privacy Policy →Data Retention
We retain your personal data only for as long as necessary:
Your Rights Under GDPR
As a data subject, you have the following rights:
Right of Access (Art. 15 GDPR)
You can request information about the personal data we process about you.
Right to Rectification (Art. 16 GDPR)
You can request correction of inaccurate or incomplete personal data.
Right to Erasure (Art. 17 GDPR)
You can request deletion of your personal data in certain circumstances.
Right to Restrict Processing (Art. 18 GDPR)
You can request limitation of processing in specific situations.
Right to Data Portability (Art. 20 GDPR)
You can receive your personal data in a structured, machine-readable format.
Right to Object (Art. 21 GDPR)
You can object to processing based on legitimate interests.
Contact Information
For questions about this Privacy Policy or to exercise your rights, please contact us through our support system.
Data Controller: Neicu Patrick
Supervisory Authority
You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with applicable data protection laws.
For Romania: Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal (ANSPDCP)
Visit ANSPDCP Website →