Privacy Policy

Shark Learning ("we", "us", "our") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights under applicable Canadian privacy law (PIPEDA).

1. Information we collect

Account information: When you register, we collect your first name, last name, and email address. If you sign in with Google, we receive your name and email from Google.

Payment information: We use Stripe to process payments. We never store your credit card details — Stripe handles all payment data under their own security standards (PCI-DSS Level 1). We receive and store a Stripe customer ID and subscription status.

Usage data: We collect information about worksheets you view, download, and practice with. This helps us improve the service and show you relevant content.

Technical data: We collect standard server logs including IP address, browser type, and pages visited. We use this for security and performance monitoring only.

2. How we use your information

• To provide and maintain your account
• To process payments and manage your subscription
• To send transactional emails (account confirmation, receipts)
• To improve our content and fix errors
• To respond to your support requests

We do not sell your personal information to third parties. We do not use your data for advertising.

3. Children's privacy

Shark Learning is a tool for parents, teachers, and homeschoolers — not a service for children to use directly. We do not knowingly collect personal information from children under 13. Accounts must be created by an adult. If you believe a child has provided us personal information, contact us and we will delete it promptly.

4. Data storage and security

Your data is stored on servers located in the European Union (Hetzner Cloud). We use industry-standard security practices including encrypted connections (HTTPS), hashed passwords, and access controls. No method of transmission over the internet is 100% secure, but we take reasonable measures to protect your information.

5. Third-party services

• Stripe — payment processing (stripe.com/privacy)
• Google OAuth — optional sign-in (policies.google.com/privacy)
• Resend — transactional email delivery
• Cloudflare R2 — PDF file storage

6. Your rights

Under PIPEDA, you have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Request deletion of your account and personal data
• Withdraw consent for optional data use

To exercise any of these rights, email us at [email protected].

7. Cookies

We use only essential cookies required for authentication and session management. We do not use advertising cookies or third-party tracking.

8. Changes to this policy

We may update this policy from time to time. We will notify registered users by email of any material changes. The effective date at the top of this page will always reflect the latest version.

9. Contact

Questions about this policy? Contact us at [email protected] or through our contact page.