← Home

Privacy Policy

Last updated: July 2026

This policy is maintained by ApprovedAI to answer common privacy questions about how we handle information when you use approvedai.org.

1. Information we collect

  • Full name. You provide this on the landing page so it can appear on your certificate.
  • Assessment data. Your answers, score, pass/fail status, language, and a generated verification ID.
  • Payment details. If you purchase a certificate, Stripe collects and processes your payment information. We receive an email address (used to deliver your certificate), amount, and transaction ID — not your card number.
  • Basic visit metadata. Page path, referrer, user agent, coarse country (derived from your IP by our edge network), and locale — used for aggregate analytics.

2. How we use it

  • Deliver, verify, and re-issue certificates.
  • Understand aggregate usage of the service (visits, conversion, pass rates).
  • Detect abuse and prevent fraudulent issuance.
  • Communicate about your specific purchase (transactional email only).

We do not sell your personal data. We do not send marketing email unless you explicitly opt in.

3. Public verification

Certificate holders can be looked up by verification ID at approvedai.org/verify. This lookup returns only the name, verification ID, and issue date — the same information printed on the certificate itself. If you don't want this information to be publicly verifiable, don't purchase the certificate.

4. Subprocessors

  • Stripe — payment processing.
  • Supabase — database and application hosting.
  • Cloudflare — edge network and DNS.
  • Resend — transactional email delivery.

5. Cookies & analytics

We use one first-party technical cookie/local-storage entry (your language preference) and a consent flag that remembers whether you dismissed our cookie banner. We do not use third-party advertising cookies or cross-site trackers.

6. Data retention

Certificate records (name, verification ID, date, payment reference) are retained indefinitely so certificates remain verifiable. Assessment attempt logs and visit analytics are retained for up to 24 months.

7. Your rights

If you are in the EU, EEA, UK, or California you can request access, correction, or deletion of your data. Certificate revocation on request will remove the record from the public verify page. Email approvedaiorg@gmail.com with your verification ID.

8. Contact

Privacy questions: approvedaiorg@gmail.com.