Legal
Privacy Policy
Last updated: July 8, 2026
Your account, your files, your text. This page explains — in plain English — what StudySolutions collects, how we use it, who we share it with, and how quickly we delete it.
01Introduction & Scope
This Privacy Policy explains how StudySolutions (“we,” “us,” or “our”) collects, uses, stores, and shares personal information when you visit studysolutions.app or use any of our services, including our Turnitin similarity and AI reports, the AI Humanizer, and our document unlock tools.
Data controller. StudySolutions is the controller responsible for the personal information described in this policy. If you have any privacy question, request, or complaint, contact us at support@studysolutions.app. This is the only support address we operate — please disregard any message claiming to represent us from a different domain.
Who this applies to. This policy applies to everyone who creates an account, makes a payment, uploads a document, submits text to our tools, or otherwise interacts with StudySolutions. By using our services you confirm that you have read this policy and understand how your information is handled.
02Information We Collect
We only collect what we need to run the service. That falls into a few categories:
- Account data. Your email address, optional display name, and hashed credentials managed by Supabase Auth. If you sign in with Google or Discord, we receive basic profile fields (name, email, avatar) from that provider — nothing else.
- Subscription and payment status. Your plan tier, subscription state, renewal date, and a record that a payment succeeded or failed. Card details and PayPal account credentials are handled entirely by Stripe and PayPal — we never see or store full card numbers.
- Service usage records. Quota counters and a usage history for each tool, including timestamps, which service was used, word counts submitted to the Humanizer, and the filenames and domains associated with your Turnitin and unlock requests.
- Uploaded documents and submitted text. Documents you upload for Turnitin similarity and AI reports, and text you paste into the Humanizer. Both are processed transiently for the purpose of returning your result and are not used for any other purpose. See the next section for exactly how these are handled.
- Support communications. Emails you send to support@studysolutions.app, along with any information you include so we can help you.
- Preferences. Your selected locale (language), theme, and similar interface settings.
- Technical logs. Standard server logs — IP address, browser user-agent, request path, response status, and timestamps — kept for a short period so we can debug issues and defend against abuse.
What we do not collect. We do not ask for phone numbers, addresses, government IDs, or academic institution credentials, and we do not attempt to identify you across other websites.
03How We Use Information
Your information is used only for the following purposes:
- Provide the service. Authenticate you, run your Turnitin, Humanizer, and unlock requests, deliver results, and enforce your plan's quota.
- Process payments. Charge and refund subscriptions, apply promotional codes, and reconcile billing with Stripe and PayPal.
- Support and communicate with you. Reply to emails, send transactional messages such as password resets, receipts, and important account or security notices, and confirm changes you make to your subscription.
- Improve reliability. Debug errors, monitor performance, and detect abuse or fraud. Where possible this work happens on aggregated or de-identified data.
- Comply with law. Meet tax, accounting, and other legal obligations, and respond to lawful requests when we have to.
We do not train AI models on your uploaded documents or Humanizer inputs, and we do not use your content to build any product other than the result you asked us to produce.
04Document & File Handling
Your files are the most sensitive thing you share with us, so we handle them narrowly and delete them quickly. If nothing else in this policy stays with you, this section should.
- Turnitin uploads. Files you submit for a similarity or AI report are stored in Cloudflare R2 object storage, encrypted in transit over TLS, and automatically deleted within roughly 24 hours. The links we generate for you to view or download the resulting report also expire in about 24 hours.
- No repository submission. Documents you send through our Turnitin integration are checked against Turnitin's comparison databases but are never added to Turnitin's student-paper repository. Your document does not become part of anyone else's future similarity check.
- Humanizer text. Text you paste into the Humanizer is transmitted to the Ryne AI API to produce the humanized output. We do not retain the raw input or the output beyond the record we keep in your own usage history so you can see what you ran.
- Unlock content. When you use our unlock tools, we fetch the requested content and deliver it to you. Any temporary caches are content-scoped and short-lived.
- Encryption in transit. All uploads, API calls, and downloads happen over HTTPS (TLS).
- No training use. Nothing you upload or submit is used to train, fine-tune, or evaluate any AI model.
05Third-Party Processors
We rely on a small set of trusted vendors to run StudySolutions. Each of them processes only the specific data they need for their role, under contract, and cannot use it for their own purposes.
- Supabase. Hosts our authentication service and primary database (US-East region). Handles email, hashed credentials, subscription state, and usage records.
- Vercel. Hosts the application and provides deployment analytics such as page views and performance metrics.
- Cloudflare R2. Object storage for Turnitin uploads and generated reports, subject to the 24-hour auto-deletion described above.
- Stripe. Processes card payments and manages subscription billing. Stripe holds card data under PCI-DSS; we only receive a reference and status.
- PayPal. Processes PayPal payments and subscriptions. PayPal holds your PayPal account details; we only receive a reference and status.
- Ryne AI. Executes the AI humanization request when you use the Humanizer.
- Turnitin (via an integration partner). Runs the similarity and AI detection scoring for uploaded documents.
- Resend. Delivers transactional email — verification, password reset, billing receipts, and service notices.
- Microsoft Clarity. Provides aggregated usage analytics and session heatmaps so we can see how the interface is working and fix rough edges.
- Google and Discord. Optional OAuth sign-in providers. We only receive what you approve at the consent screen.
We do not sell your personal information, and we do not share it with third-party advertising networks. We do not run banner or programmatic ads on StudySolutions.
07Data Retention
We keep personal information only for as long as we have a clear reason to hold it, then remove or anonymize it.
- Account and profile data. Retained while your account is active. When you delete your account, we remove your personal profile fields promptly.
- Turnitin uploads and reports. Auto-deleted within roughly 24 hours. View and download links generated for you also expire in about 24 hours.
- Humanizer text. Not retained beyond your own usage history record.
- Usage history. Retained while your account is active so you can see what you've run. Removed when you delete your account, subject to the exceptions below.
- Billing and tax records. Retained for the period required by applicable tax and accounting law, even after account deletion.
- Support emails. Retained for a reasonable period after your issue is resolved so we can reference prior context if you write in again.
- Technical logs. Kept briefly for debugging and abuse prevention, then discarded.
08Data Security
We use technical and organizational safeguards proportionate to the sensitivity of the data we handle:
- Encryption in transit. All traffic between your browser, our services, and our processors uses TLS.
- Encryption at rest. Storage layers used by Supabase and Cloudflare R2 are encrypted at rest by the provider.
- Managed authentication. Passwords are hashed and verified by Supabase Auth. We never see your raw password. OAuth flows use short-lived tokens.
- Least-privilege access. Access to production systems is limited to the individuals who need it, protected by multi-factor authentication.
- Vendor review. Every third-party processor listed above is bound by a data processing agreement and vetted before we enable it.
No system is perfectly secure. If you believe your account has been accessed without your permission, contact support@studysolutions.app immediately.
09Your Rights & Choices
You have meaningful control over the information we hold. You can exercise any of the following either through your account settings or by emailing us at support@studysolutions.app.
- Access. Ask us what personal information we have about you.
- Correction. Update your email, display name, and profile fields at any time in the dashboard. Ask us for help if a field is not editable.
- Deletion. Delete your account from settings, or email us to request deletion. We remove your personal information promptly, subject to the retention exceptions above (for example, records we must keep for tax or fraud-prevention purposes).
- Cancel a subscription. Cancel from your billing settings; your access continues until the end of the current period.
- Object or restrict. If you are in a jurisdiction that grants objection or restriction rights (for example, the UK or the EEA), email us to invoke them.
- Complain. If you are in the UK, EEA, or another jurisdiction with a data-protection authority, you have the right to lodge a complaint there. We would appreciate the chance to address your concern first.
We may need to verify your identity before acting on a request — usually by confirming it comes from the email address on the account.
10Children's Privacy
StudySolutions is intended for users aged 13 or older (16 or older in the European Economic Area). We do not knowingly collect personal information from children below those ages. If you believe a child has provided us with personal information, email support@studysolutions.app and we will delete the account and associated data.
11International Transfers
StudySolutions operates globally. Our primary database is hosted in the United States (Supabase, US-East), and our processors may store or process data in other regions consistent with their own infrastructure.
When we transfer personal information out of the United Kingdom, European Economic Area, or Switzerland, we rely on lawful transfer mechanisms — such as the European Commission's Standard Contractual Clauses or an equivalent — to make sure your data continues to receive appropriate protection.
12Changes to This Policy
We may update this policy from time to time to reflect changes to our service, our processors, or the law. When we do, we'll update the “last updated” date at the top of the page. For material changes, we'll also give you reasonable notice — for example, an email or an in-product banner — before the update takes effect.
Continued use of StudySolutions after an update means you accept the revised policy. If you don't, you can stop using the service and delete your account.
13Contact
For any privacy question, request, or concern, email support@studysolutions.app. This is the only address we use for privacy correspondence.
We aim to respond to privacy requests within 30 days. If a request is unusually complex we may take longer and will let you know why.
Questions?
If anything in this document is unclear, or you need help with your account, our support team responds around the clock.
support@studysolutions.app