Back to LearnPath

Privacy Policy

Last updated: April 8, 2026

LearnPath ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our platform at learnwithpath.com ("Service").

1. Data We Collect

Information you provide:

  • Account data: email address, display name, avatar selection, password (hashed).
  • Learning preferences: topics of interest, preferred session length, skill level, learning style, preferred YouTube creators.
  • User-generated content: timestamped notes you create on videos, feature suggestions.

Information generated through use:

  • Learning activity: exercise scores and answers (quizzes, fill-in-the-blank, flashcards, concept matching, sequencing, true/false), video completion status.
  • Progress data: XP points, level, streak days, spaced repetition review history, AI credit usage.
  • Certificates: earned upon completing learning paths.
  • Leaderboard data: display name, avatar, XP total, level (publicly visible).
  • Public learning path data: when you create a learning path (after April 8, 2026), its topic, progress percentage, node titles, YouTube video references, and your display name may be publicly visible in our discovery directory and on individual path pages. Other registered users can clone (copy) public paths to their own accounts. You can disable this by enabling Private mode in your account settings.
  • Referral data: referral code and referral count (if you use the referral program).
  • Subscription data: plan type, billing period, cancellation status (payment details are handled by Airwallex, not stored by us).

Information collected automatically:

  • Authentication cookies: session tokens managed by Supabase Auth.
  • Cookie preferences: your consent choices for optional cookies.

2. How We Use Your Data

  • Provide the Service: personalize learning paths, generate quizzes, track progress.
  • Improve the Service: analyze usage patterns to improve recommendations and features.
  • Communicate: send account-related notifications and updates about Terms changes.
  • Leaderboard: display your display name, level, and XP on the public leaderboard.
  • Discovery and social learning: display public learning paths in our topic discovery directory, rank topics by popularity, and allow other users to clone paths to accelerate their own learning.

3. Legal Basis for Processing (GDPR)

  • Contract: processing necessary to provide the Service you signed up for.
  • Consent: optional cookies (analytics, marketing) — only with your explicit consent.
  • Legitimate interest: improving and securing the Service, preventing abuse.

4. Third-Party Services

We share data with the following processors to operate the Service:

  • Supabase (database and authentication) — stores your account data, learning progress, and notes. Supabase Privacy Policy
  • Google / YouTube (video content) — we use the YouTube Data API to search and display videos. Your interaction with embedded YouTube players is subject to Google's Privacy Policy.
  • Google Gemini AI (content generation) — video transcripts are sent to Google Gemini to generate exercises, summaries, and learning recommendations. No personally identifiable information is included in AI requests.

Payment Processing — Airwallex

  • We use Airwallex as our payment processor for subscription payments.
  • When you subscribe to Plus or Pro, Airwallex processes your payment card details.
  • Airwallex may collect: name, email, payment card information, and billing address.
  • LearnPath does NOT store your payment card details — this is handled entirely by Airwallex.
  • Airwallex's privacy policy: https://www.airwallex.com/privacy
  • Data transferred to Airwallex is subject to their security standards (PCI DSS compliant).

5. Cookies

We use cookies as described in our Cookie Policy. You can manage your cookie preferences at any time through the cookie settings link in the footer.

6. Data Retention

  • Active accounts: data is retained as long as your account is active.
  • Deleted accounts: all data is permanently deleted immediately upon account deletion.
  • Backups: data may persist in encrypted backups for up to 30 days after deletion.

7. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate data.
  • Erasure: request deletion of your data ("right to be forgotten").
  • Portability: request your data in a machine-readable format.
  • Objection: object to processing based on legitimate interest.
  • Restriction: request that we limit processing of your data.

To exercise any of these rights, contact us at support@learnwithpath.com or use the account deletion feature in your account settings.

8. Your Rights (CCPA)

If you are a California resident, you have the right to:

  • Know: what personal information we collect and how it is used.
  • Delete: request deletion of your personal information.
  • Opt-out: opt out of the sale of personal information. We do not sell your personal information.
  • Non-discrimination: we will not discriminate against you for exercising your rights.

9. Data Security

We implement industry-standard security measures including encrypted connections (HTTPS), hashed passwords, Row Level Security (RLS) on all database tables, and JWT-based authentication. However, no method of transmission over the Internet is 100% secure.

10. International Transfers

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place, including standard contractual clauses where required by GDPR.

11. Children's Privacy

LearnPath is not intended for children under 13 years of age (or under 16 in the European Union). We do not knowingly collect personal information from children under these age thresholds. If you are under 13 (or 16 in the EU), please do not create an account or submit any personal data to us.

Users between 13 and 18 years of age (or 16 and 18 in the EU) may use the Service with the consent and supervision of a parent or legal guardian. The parent or guardian is responsible for monitoring the minor's use of the Service.

If you are a parent or guardian and believe your child has created an account or provided personal data without your consent, please contact us at support@learnwithpath.com and we will promptly delete the account and associated data.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or in-app notification. The "Last updated" date at the top reflects the most recent revision.

13. Contact

For privacy-related questions or requests, contact us at support@learnwithpath.com.