Back to Home

Privacy Policy

Last updated: June 5, 2026

1. Data Controller

Exams Viewer platform is operated and managed by the development team.

Contact for privacy questions:

contact@johandev.com

2. Data We Collect

We collect the following personal data:

Authentication Data (via Email OTP)

  • Email address
  • Name (optional)
  • Authentication session data

Usage Data

  • Exam sessions and scores
  • Question states (favorites, notes, difficulty ratings)
  • Study statistics and progress
  • Time spent on platform

Organization Data

  • Organization membership information
  • Role within organization

3. Purpose of Data Processing

We process your data for the following purposes:

  • Authentication and account management: To provide secure access to your account
  • Service provision: To deliver the Exams Viewer platform features
  • Progress tracking: To save your exam progress and statistics
  • User experience improvement: To provide personalized features and recommendations
  • Communication: To send important service updates (if applicable)

4. Legal Basis for Processing

We process your data based on:

  • Consent: You actively consent when signing up via Email OTP
  • Contract execution: Processing is necessary to provide the service you requested
  • Legitimate interest: To improve our service and provide user support

5. Data Retention

We retain your data for the following periods:

  • Active accounts: Data is kept as long as you use the service
  • Inactive accounts: Accounts inactive for 24 months may be deleted
  • Deleted accounts: Data is permanently deleted within 30 days of account deletion
  • Session data: Expired sessions are automatically cleaned up after 30 days

6. Data Sharing

We do not sell your personal data. We only share data with the following service providers:

Supabase (Database hosting)

Location: EU/US regions available | Purpose: Data storage and authentication

Vercel (Application hosting)

Location: Global CDN | Purpose: Application delivery

All service providers are GDPR-compliant and use appropriate security measures.

7. Your Rights (GDPR)

Under GDPR, you have the following rights:

Right to Access

Request a copy of your data

Right to Rectification

Correct inaccurate data

Right to Erasure

Delete your account and data

Right to Portability

Export your data in JSON format

Right to Object

Object to data processing

Right to Restriction

Limit how we use your data

Exercise Your Rights

You can exercise these rights through the "My Data" page when logged in:

8. Security Measures

We implement industry-standard security measures:

  • Encryption: HTTPS for all communications, encrypted data storage
  • Row Level Security (RLS): Database-level access controls
  • Authentication: Secure Email OTP authentication
  • Regular security updates: Keep systems up to date
  • Access controls: Limited access to personal data

9. Cookies and Tracking

We use the following cookies:

Essential Cookies

Required for authentication and basic functionality. Cannot be disabled.

Analytics Cookies (Optional)

Help us understand usage patterns and improve the platform. Can be disabled in browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or through a prominent notice on the platform. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Information

For any privacy-related questions, concerns, or requests, please contact us:

Email: contact@johandev.com

We will respond to your request within 30 days as required by GDPR.

12. Data Protection Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority.