Privacy Policy
Read This First
Before you provide personal data or consent to its processing, please read this Privacy Policy. It explains when, where, and why we process personal data of people who use the Website, how we use it, when we may disclose it, your rights, and how we keep data secure. If you do not agree, do not use the Services.
Key Definitions
Personal Data
Personal data means any information relating to an identified or identifiable natural person.
Processing
Processing means any operation performed on personal data, whether automated or not, including collection, storage, use, disclosure, and deletion.
Data Subject
Data subject means the person to whom personal data relates. For this Policy, that is you as a user or customer.
Consent
Consent means a freely given, specific, informed, and unambiguous indication of your wishes signifying agreement to processing.
User Content and Inputs
User Content or Inputs means text, files, or other materials you upload, enter, or transmit to the Services.
Tools
Tools means on-site automated features such as AI writing, rewriting, detection, and plagiarism checking.
What We Collect
Account and Profile
If you register, we process information you provide such as name or display name, email, password hash, and optional profile fields. You are responsible for any personal data you include in free-text fields.
Orders and Workspace
We process Order details and related materials you submit, including requirements, references, attachments, and messages, to deliver the Product, provide support, and maintain an audit trail.
Service Use, Logs, and Cookies
When you access the Website, we collect usage data and set cookies or similar technologies to keep sessions and security working, remember preferences, measure and improve performance, and prevent fraud and abuse. Usage data may include IP address, device and browser type, operating system, language, timestamps, pages viewed, referrer, approximate location derived from IP, and event telemetry. You can manage non-essential cookies via our Cookie Settings and your browser. Disabling some cookies may affect functionality.
Payments
Payments are processed by third-party payment processors. We do not collect or store full payment card numbers on our servers. For reconciliation, fraud prevention, tax, and accounting, we may retain limited payment metadata such as transaction ID, time, amount, currency, the first 6 and last 4 digits of the card, and issuing country, subject to legal obligations.
Communications and Feedback
If you contact us or respond to surveys, we process the information you provide for support, quality, and product improvement. Certain service communications are transactional and may be non-optional, such as security alerts and order notices.
Social Media Pages
We operate official pages on social networks. Interactions with those pages are subject to the networks' own privacy terms. We may receive aggregated insights for analytics and brand safety.
Sensitive Data
We do not seek to collect sensitive personal data unless you explicitly provide it and we have a lawful basis to process it. Please avoid uploading unnecessary sensitive data.
How and Why We Use Data
We process personal data to provide the Services, authenticate users, maintain accounts, accept Orders, generate and deliver Products, operate AI Tools, and provide support. We process data to protect accounts, investigate suspicious activity, enforce our Terms, and detect spam or misuse. We analyze performance to understand feature adoption and service reliability, improve user experience and quality, and run tests using aggregated or de-identified data. We send order confirmations, service or feature notices, policy updates, and responses to inquiries. Marketing emails are sent only where permitted and can be opted out at any time. We also process data to meet tax, accounting, and legal obligations, respond to lawful requests, and establish, exercise, or defend legal claims.
AI-Specific Notes
We process your inputs and the resulting outputs to provide the Tools, troubleshoot issues, ensure safety, and improve service quality. We may use vetted infrastructure and AI model providers acting as our processors under data protection agreements. We do not sell your personal data. We do not use your personal data or content to train third-party foundation models for their independent purposes. Where providers offer an opt-out from training, we enable it by default or via contract.
Legal Bases Where Required
Where applicable law such as GDPR requires a legal basis, we rely on contract to provide the Services you request, legitimate interests for security, fraud prevention, analytics, improvement, and support balanced against your rights, consent for non-essential cookies or marketing where required, and legal obligation for tax, accounting, and regulatory requests.
Sharing and International Transfers
Service Providers
We use carefully selected vendors for hosting, storage and content delivery, security, analytics, email delivery, customer support, payments, and AI infrastructure. They process data only under our instructions and subject to confidentiality and security obligations.
No Selling or Cross-Context Behavioral Sharing
We do not sell personal information and do not share it for cross-context behavioral advertising as defined by CCPA/CPRA.
Business Transfers and Legal Disclosures
If we are involved in a merger, acquisition, or asset sale, personal data may transfer subject to this Policy or a successor policy with materially similar protections. We may disclose data if required by law or to protect rights, safety, and the integrity of the Services.
International Transfers
We may process data in countries other than yours. Where required, we use safeguards such as EU and UK Standard Contractual Clauses or other lawful transfer mechanisms.
Data Retention
We retain personal data only for as long as necessary for the purposes described in this Policy. Account and order records are retained for the life of the account and a reasonable period thereafter. Payment and tax records are retained as required by law. Logs and telemetry are retained for a limited period for security and reliability. When data is no longer needed, it is securely deleted or anonymized.
Your Choices and Rights
Controls
You can manage non-essential cookies via Cookie Settings. Where required by law, we honor Global Privacy Control signals. You may opt out of marketing emails at any time using the unsubscribe link in those messages.
Rights
Depending on where you live, you may have rights to access, correct, delete, port, restrict or object to processing, and withdraw consent where processing is based on consent. You may also have the right to lodge a complaint with your data protection authority. To exercise rights, contact service@essaypass.ai. We verify requests and respond within the timeframe required by law and will not discriminate against you for exercising your rights.
Security
We implement technical and organizational measures appropriate to the risk, including encryption in transit, access controls, least-privilege administration, network safeguards, and vendor due diligence. No system is perfectly secure. You are responsible for maintaining the secrecy of your credentials and promptly notifying us of any suspected compromise.
Children
The Services are not directed to children under the age that requires parental consent in their jurisdiction. We do not knowingly collect personal data from such children. If you believe a child has provided personal data, contact us to remove it.
Do Not Track
Some browsers transmit Do Not Track signals. At this time, we do not respond to DNT signals. We honor legally required signals such as Global Privacy Control as noted above.
Region-Specific Notices
California (CCPA/CPRA)
We do not sell or share personal information as defined by CCPA/CPRA. You may request categories and specific pieces of personal information collected about you, deletion, correction, and information about disclosures for a business purpose. We verify your request, acknowledge within statutory timelines, and respond within forty-five days where permitted. You may designate an authorized agent. We do not discriminate against you for exercising your rights.
Virginia, Colorado, Connecticut, and Utah
We do not sell personal data and do not process personal data for targeted advertising as defined by these laws. You may have rights to access, correct, delete, obtain a portable copy, and opt out of certain profiling where applicable. If we deny a request, you may submit an appeal, and we respond within the statutory period.
EEA and UK (GDPR)
The controller is []. If applicable, our representative or data protection officer is []. Legal bases include contract, legitimate interests, consent, and legal obligation. International transfers rely on Standard Contractual Clauses or other lawful mechanisms. You may lodge a complaint with your supervisory authority.
Third-Party Links
The Website may link to third-party sites or services. Their privacy practices are governed by their own policies. We are not responsible for their content or handling of personal data.
Changes to This Policy
We may update this Policy from time to time. Material changes are posted on the Website and, where appropriate, notified by email. The Last updated date reflects the latest version. Continued use of the Services after changes means you accept the updated Policy.
Contact Us
For privacy questions or requests, contact service@essaypass.ai
Last updated: November 3, 2025
Contact: service@essaypass.ai
Scope: This Privacy Policy applies to our website(s), mobile website, and related online services (collectively, the "Website" or "Services"), as referenced in our Terms & Conditions.