MySATCoach Privacy Policy

Last Updated: February 25, 2026

1. Introduction

MySATCoach ("we," "us," or "our") provides a Digital SAT preparation platform. We prioritize the privacy of students and families in accordance with COPPA, CCPA/CPRA, and Google API User Data Policies.

2. Information We Collect

  • Student Data: Name, email address, diagnostic history, SAT practice test responses, and performance scores.
  • Parent Data: Email address. (Note: All billing and credit card transactions are processed directly and securely by Stripe; MySATCoach does not collect or store full credit card numbers on our servers).
  • Technical Data: IP addresses and usage analytics.

3. Google OAuth & User Data Disclosures

When you sign in with Google, we receive your basic profile information (name), email address, and an authentication token.

  • Access & Use: We use this data strictly to authenticate your identity, create or link your MSC account, and maintain session security.
  • Limited Use: Our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, and we do not sell your data.
  • Storage & Revocation: We store authentication tokens to maintain your active login state. You may revoke our access at any time via your Google Account security settings. Upon revocation or account deletion, any residual token data is permanently deleted from our systems within 7 days.

4. Children's Privacy (COPPA – Users Under 13)

MSC requires Verifiable Parental Consent (VPC) before knowingly collecting personal information from users under 13.

  • VPC Method: We obtain consent via a temporary payment authorization charge through our processor (which is subsequently voided or refunded), or via a signed digital consent form, consistent with FTC guidance.
  • Direct Notice: Parents receive a direct email notice explaining our data practices prior to consent being finalized.
  • Parental Rights: Parents may review the child's data, request its deletion, and refuse further collection or use of the child's information by contacting legal@mysatcoach.com.

5. California Privacy Rights (CCPA/CPRA)

California residents have the right to request access, deletion, and correction of their personal data. To submit a request, email legal@mysatcoach.com. We do not sell personal data, nor do we share it for cross-context behavioral advertising. We honor Global Privacy Control (GPC) signals where applicable.

6. Data Security & Retention

We employ industry-standard administrative, technical, and physical safeguards, including encryption in transit (TLS) and at rest for sensitive data.

Retention: We delete personal data upon request within 30 days, except where retention is required for tax/accounting, to enforce our agreements, or to resolve disputes (e.g., retaining usage logs for Stripe chargeback defense).

7. Third-Party Service Providers

To operate our service, we share limited data with: Stripe (Payments/VPC), Google Cloud (Auth/Analytics), Supabase (Database), Railway (Hosting), and Postmark (Transactional Email).

8. Contact Information

Email: legal@mysatcoach.com

← Back to Home|Diagnostics|Pricing|Guides|About|FAQ|Terms of Service
© 2026 MySatCoach. All rights reserved.