HomeHow It WorksGuidesDemoAbout
Sign in

Privacy Policy

Your data belongs to you.

StairMark is built on a simple principle: we collect only what we need to compute your roadmap, we never sell it, and you can delete it anytime. This policy explains exactly what we do — and don't do — with your information.

Last updated: May 25, 2026 · Effective date: upon first use

⚠️ Draft — this policy has not been reviewed by legal counsel. Consult a qualified attorney before relying on it for production use.

Information We Collect

  • Account information

    Email address (required for signup). We never require a real name — you may use a pseudonym. Parent/guardian email if you are under 18 and using ParentLink.

  • Academic profile

    Current grade level, state of residence, high school course offerings, and any decisions you make about your college roadmap (e.g., which gates you lock, your goal tier). This data is essential for computing your personalized roadmap.

  • Financial estimates

    Household income range and financial aid preferences — used solely to estimate college costs and aid eligibility. We never ask for exact income, SSN, or bank details.

  • Usage data

    Pages viewed, features used, and time spent in the app. This helps us understand which parts of the roadmap are most useful so we can improve them.

  • Device information

    Browser type, operating system, and screen size — collected automatically to ensure the app renders correctly on your device.

How We Use Your Information

We use your data exclusively to deliver and improve StairMark:

  • Compute your personalized decision-gate roadmap and urgency windows

  • Estimate financial aid and college costs based on your profile

  • Enable parent/guardian linking via ParentLink (only with your consent)

  • Send milestone reminders and urgency alerts you opt into

  • Anonymize and aggregate usage patterns to improve the product

  • Respond to your support requests

Information Sharing

We do not sell, rent, or trade your personal information. We share data only in these limited circumstances:

  • ParentLink

    If you explicitly connect a parent/guardian, they can view your roadmap progress and decision history. You can revoke access at any time.

  • Service providers

    We use trusted third parties to host our infrastructure and send transactional email. These providers are contractually obligated to process data only as we direct and to maintain equivalent security standards.

  • Legal requirements

    We may disclose information if required by law, such as a court order or subpoena, or to protect the safety of our users and the public.

Data Storage & Security

  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256)

  • Database access is restricted to authenticated service accounts with least-privilege permissions

  • We conduct regular security reviews and dependency audits

  • We never store Social Security numbers, credit card numbers, or bank account details

Data Retention

  • Active account data is retained as long as your account exists

  • If you delete your account, all personal data is purged within 30 days, except anonymized aggregate statistics that cannot be traced back to you

  • We retain transactional email logs for 90 days for abuse prevention

Your Rights

You always have control over your data:

  • Access

    View or export all data we hold about you from your account settings

  • Correction

    Update any information at any time — your roadmap recomputes automatically

  • Deletion

    Delete your account and all associated data from Settings → Account → Delete Account

  • Opt-out

    Disable milestone emails, usage analytics, or ParentLink sharing independently

  • Portability

    Export your decision history and roadmap as JSON or PDF

Children's Privacy

StairMark is designed for high school students, many of whom are under 18. We take extra precautions:

  • We do not knowingly collect data from children under 13. If we learn we have, we delete it promptly

  • Users aged 13–17 may use StairMark with optional parent/guardian linking via ParentLink

  • We never display advertising or enable third-party social features for users under 18

  • ParentLink guardians can request data deletion on behalf of a linked student

Cookies & Tracking

  • Essential cookies: session authentication and CSRF protection (cannot be disabled)

  • Preference cookies: theme (light/dark), dismissed info popovers, and UI preferences

  • Analytics: we may use privacy-respecting analytics (no cross-site tracking, no advertising IDs). You can opt out in Settings

  • We do not use third-party advertising cookies or retargeting pixels

Third-Party Services

StairMark integrates with these third parties:

  • Hosting

    Application and database hosting on encrypted, access-controlled infrastructure

  • Email delivery

    Transactional email for magic link authentication and milestone reminders

  • No social SDKs

    We do not embed Facebook, Google, TikTok, or any social media SDKs

Changes to This Policy

We may update this policy as StairMark evolves. When we do:

  • We will post the updated policy on this page with a new "Last updated" date

  • For material changes, we will notify you via email or an in-app banner at least 7 days before the change takes effect

  • Continued use after the effective date constitutes acceptance of the revised policy

Contact Us

Questions about this policy or your data? Reach us:

  • Email: privacy@stairmark.app

  • We aim to respond to all privacy inquiries within 5 business days

Questions? privacy@stairmark.app