Privacy Policy

Effective date: July 4, 2026

Interact is an interactive learning platform operated by Create With LLC ("Interact", "we", "us"). This policy covers the Interact website at interact.school and the Interact iOS app, and explains what information we collect, how we use it, and the choices you have.

The short version: we collect what we need to run Interact and nothing more. We don't sell your data, we don't show ads, and we don't track you across other apps or websites. Content you submit for course generation is processed by AI (OpenAI) solely to build your study material. Analytics are used only to understand and improve the product itself.

Information We Collect

  • Account information. Your name, email address, password (stored only as a secure hash — we never see or store it in plain text), and timezone. If you sign in with Apple or Google, we receive the account identifier, name, and email address those services share with us.
  • Content you create. Subjects, courses, notes, flashcards, quiz answers, prompts you type, files you upload (photos, scanned documents, PDFs, and audio recordings), and links you import for course generation.
  • Learning progress. Lesson and review activity, ratings, and progress stats — this is the core of how Interact's spaced repetition works.
  • Activity and log data. An account activity log (events like sign-ins, profile changes, and billing events) and standard server logs, which include IP addresses, browser or device details, and timestamps.
  • Billing information. On the web, payments are handled by Stripe; on iOS, by Apple. We store your subscription plan and status, but we never see or store full payment card details.
  • Device data. If you turn on reminders in the iOS app, we store your device's push notification token so Apple can deliver notifications.

How We Use Your Information

  • Provide and operate Interact: your courses, lessons, reviews, and progress tracking.
  • Generate study material with AI from the content you submit (see the next section).
  • Send transactional email such as sign-in confirmations and account notices.
  • Send product and marketing email only if you've opted in — every message includes an unsubscribe link, and unsubscribing takes effect immediately.
  • Understand how the product is used (product analytics) so we can improve it.
  • Monitor errors and keep the service reliable and secure.
  • Meet legal obligations, such as tax and accounting records for payments.

We do not sell or rent your personal information, and we don't share it with anyone for advertising.

AI Processing

AI generation is central to Interact, so we want to be precise about it. When you use a "generate" feature, the content you provide — prompts, notes, pasted text, photos, scanned pages, PDFs, audio recordings, and text extracted from links you import — is sent to OpenAI to create your lessons, flashcards, and quizzes. Audio is transcribed using OpenAI's Whisper API.

OpenAI processes this content as our service provider under its API terms, which state that content submitted through the API is not used to train OpenAI's models. We send your content to AI providers only to build your study material — never for advertising, profiling, or any unrelated purpose.

Service Providers

We share data with a small set of companies that help us run Interact. Each receives only what it needs for the purpose listed:

  • OpenAI — generates course content from material you submit and transcribes audio you upload.
  • Supadata — extracts the text or transcript from web pages and YouTube links you import; it receives only the URL.
  • Cloudinary — stores files you upload (photos, documents, audio).
  • Stripe — processes payments for web subscriptions; Stripe handles your payment details under its own privacy policy.
  • Apple — processes iOS in-app purchases, delivers push notifications, and provides Sign in with Apple.
  • Google — provides Sign in with Google.
  • Resend — delivers our transactional email.
  • PostHog — product analytics on our website, so we can see which features are used and improve them.
  • Ahrefs Analytics — privacy-focused, cookieless website traffic statistics.
  • Honeybadger — error monitoring; error reports can include request details and an account identifier so we can fix bugs.
  • Fly.io — hosts our application and database in the United States.

These providers are bound by their own privacy and security obligations and may not use your data for their own purposes.

Analytics and Cookies

On the website, we use an essential session cookie to keep you signed in, PostHog for product analytics (events are associated with your account only after you sign in — anonymous visitors are not profiled), and Ahrefs Analytics, which is cookieless. We don't use advertising cookies or cross-site trackers.

The iOS app contains no advertising, analytics, or tracking SDKs. It talks only to our own servers and the services listed above through them, plus Apple and Google for sign-in and purchases.

Sharing Between Users

If you share a subject with someone — by email invite or a share link — that person can see the shared content and your name as the sender. If they save a copy, the copy becomes part of their account. Only share content you're comfortable with the recipient seeing.

Data Retention and Deletion

We keep your information for as long as your account is active.

You can delete your account at any time — in the iOS app under Profile → Delete Account, on the web under Settings → Profile → Delete account, or by emailing us. Deleting your account immediately deactivates it, signs you out everywhere, and makes your content inaccessible. Thirty days later, your account and all of your content are permanently and automatically erased from our systems — the delay exists so we can help if an account was deleted by accident. If you'd like your data erased sooner, email us at bijan@createwith.org and we'll complete the request promptly. Limited records may be retained where the law requires it (for example, billing and tax records held by our payment processors).

Security

All traffic between your devices and our servers is encrypted with TLS. Passwords are stored using industry-standard hashing, two-factor authentication is available on your account, and access to production systems is restricted. No method of transmission or storage is 100% secure, but we work to protect your information with commercially reasonable safeguards.

Children

Interact is not directed to children under 13, and we don't knowingly collect personal information from them. If you believe a child under 13 has created an account, contact us and we'll remove it.

Where Your Data Is Processed

Interact is operated from the United States, and our servers are located there. If you use Interact from elsewhere, your information is processed in the United States.

Your Rights

Wherever you live, you can ask us to access, correct, export, or delete the personal information we hold about you. Email bijan@createwith.org and we'll respond within 30 days.

Changes to This Policy

If we make material changes to this policy, we'll notify you by email or with a prominent notice on the site before the changes take effect. The effective date at the top always reflects the current version.

Contact

Create With LLC, Orlando, Florida, USA

Questions about privacy? Email bijan@createwith.org.