Privacy Policy

Last Updated: December 2025

1. Introduction

Med Qbank ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

2. The Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data: Username, User ID.
  • Contact Data: Email address.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting, and operating system. (Collected automatically via server logs).
  • Profile Data: Your username, password (hashed), purchases made by you, your quiz progress, scores, history, and generated tests.
  • Financial Data: We do NOT store full credit card details. Payment transactions are handled by Stripe, our third-party payment processor. We store only a customer ID and subscription status.

3. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of Contract: To register you as a new user, process your subscription, and deliver the quiz content you have paid for.
  • Legitimate Interests: To use data analytics (like Google Analytics) to improve our website, products/services, and customer relationships. To maintain network security, prevent fraud, and detect account sharing abuse (via IP logging).
  • Legal Obligation: To keep transaction records for tax and accounting purposes.

4. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. For example:

  • Passwords are hashed using secure algorithms (e.g., scrypt/pbkdf2) before storage.
  • All connections are secured via SSL/TLS encryption.
  • Access to the database is restricted to authorized personnel only.

5. Third-Party Services

We may share your data with the following trusted third parties to operate our service:

  • Stripe: For payment processing. Read Stripe's Policy.
  • Google Analytics: To analyze site traffic. Read Google's Policy.
  • Hosting Providers: We use cloud infrastructure providers to host our application and database.

Some of our external third parties are based outside the UK/EEA so their processing of your personal data will involve a transfer of data outside the UK/EEA. We ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented.

6. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
If you delete your account, your personal identifiers (email, username) are removed from our active database. We may retain anonymized usage data or transaction logs where required by law.

7. Your Legal Rights

Under certain circumstances, you have rights under data protection laws (GDPR/UK GDPR) in relation to your personal data, including the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.

To exercise any of these rights, please contact us via the support ticket system in your dashboard.

8. Cookies

We use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our site.

  • Essential Cookies: Required for logging in and maintaining your secure session (e.g., session cookie).
  • Analytical Cookies: Allow us to recognize and count the number of visitors (Google Analytics).

You can set your browser to refuse all or some browser cookies, but this may cause parts of the website (like logging in) to become inaccessible.

9. Contact Details

For any privacy-related queries, please contact us via the Help/Support section of the application.