Study Panda Pro logoStudy Panda Pro
Join waitlist

Privacy Policy

How Study Panda Pro collects, uses, and protects your data.

Last Updated: June 19, 2026 | Effective Date: July 1, 2026

Part 1 — How We Handle Your Data (Plain-Language Summary)

The short version: we can never read your academic data. It lives on your device, and any backup you create is end-to-end encrypted in your own cloud so only you can unlock it.

Study Panda Pro is built on a local-first architecture. Your courses, assignments, study sessions, activities, classmates, and settings are stored on your phone — we do not store this data on our servers. You may optionally create an account (email, and optionally a phone number) to manage a premium subscription and to back up and restore your data. Your backups, attached documents, and media (photos, screenshots, PDFs) go to your own personal cloud (Google Drive, OneDrive, or iCloud), end-to-end encrypted, and never touch our servers.

What we DO store on our servers

If you create an account, we store only your account identifiers:

Data Purpose Where stored Can we read it?
Email address Account login, recovery, and subscription management Supabase (cloud database) Yes — needed to log you in
Phone number (optional) Optional backup for account recovery Supabase (cloud database) Yes

What stays on your device only

Everything else:

  • Courses, class schedules, instructor names
  • Assignments, due dates, progress, milestones
  • Study timer sessions and break history
  • Activity logs (sports, work, social, etc.)
  • Classmate directory (names, contact info, social handles)
  • App settings, themes, preferences
  • Security PIN (hashed, stored in your device's secure keychain)

We never see this data. If you uninstall the App without backing up, it's gone permanently.

Backups are yours, not ours

Your documents and media — the photos, screenshots, and PDFs you attach — are stored in your own personal cloud (Google Drive, OneDrive, or iCloud), in a location you choose and control. We never receive or store these files. Full encrypted backups can also be exported to your personal cloud. All such files are encrypted (AES-256) and only you can decrypt them. We have no access to your cloud account.

Analytics: anonymous and aggregate only

We collect anonymized usage statistics to understand how the App performs and which features are used most. These statistics are aggregate counts (e.g., "the Homework screen was viewed 12,000 times this week") — they contain no user IDs, device IDs, email addresses, or any information that could identify you. We use Firebase Analytics configured in privacy mode with all personally identifiable information stripped at the point of collection.

We do not track individual user journeys, build user profiles, or chain session events. The analytics data is irreversibly anonymized — it cannot be linked back to you even in combination with other data.

Third-party integrations: only when you ask

If you choose to connect Google Drive, OneDrive, iCloud, or Google Calendar, the App sends the minimum data required for that integration (e.g., a class time and title for a calendar event). You control which integrations are active and can disconnect them at any time. Integration credentials are stored in your device's secure keychain, not in plaintext.

Crash reporting: no personal data

If the App crashes, an anonymized error report (stack trace, device model, OS version) is sent to our crash reporting service (Sentry). These reports contain no personal data — no name, no email, no study content, no information you entered into the App.

We do NOT

  • Display advertisements or use ad SDKs
  • Sell, rent, or share your data with third parties
  • Track you across apps or websites
  • Collect location data, call logs, browsing history, or health data
  • Train AI or machine learning models on your data
  • Profile you for marketing purposes

Your rights

  • See your data: It's on your device — you already have it.
  • Export your data: Use the portable backup feature anytime (Settings > Backup & Restore).
  • Delete your data: Delete individual items in-app, or use "Delete All Data" in Settings for a complete wipe.
  • Delete your account: Use in-app account deletion, our online deletion request form, or contact us — and we will delete your email, phone, and account from our servers within 30 days. Your on-device data and the backups in your own cloud stay under your control.

Questions?

Contact us at help@studypanda.pro.

1. Introduction

Study Panda Pro ("we," "us," or "our") provides a mobile application designed to help college and university students manage their academic workload, track study sessions, organize coursework, and maintain a healthy school-life balance. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the Study Panda Pro mobile application (the "App").

This Privacy Policy applies to users located in the United States and Canada. If we expand to other jurisdictions in the future, this policy will be updated accordingly.

By downloading, installing, or using the App, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described here, please do not use the App.

2. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

  • Email: help@studypanda.pro

We aim to respond to all inquiries within 30 business days.

3. Information We Collect

3.1 Account Information (Server-Side)

When you create an account, we collect and store the following on our servers (hosted by Supabase):

  • Email address — for account sign-up, login, password recovery, account deletion, subscription management, and essential service communications
  • Phone number (optional) — an optional backup method for account recovery
  • A random user ID — to identify your account (not derived from your name or identity)

We do not store your academic data (courses, assignments, activities, classmates, etc.) on our servers — it stays on your device, and any backup you create is saved to your own personal cloud. We do not store your name. Your email and phone are protected by Supabase's infrastructure security (encryption at rest and in transit).

3.2 On-Device Data (Local Only)

The following data is stored on your device only — it is not stored on our servers. Any backup you create is saved to your own personal cloud (not ours) as an end-to-end-encrypted file, and attached documents and photos also go to your own personal cloud. Security credentials and active timer state never leave your device:

  • Course information (names, codes, instructors, schedules, locations, attached documents)
  • Assignment and homework data (titles, due dates, estimated hours, progress, milestones, completion status)
  • Study session data (timer start/stop, durations, break intervals, alarm preferences)
  • Activity and life-tracking data (titles, dates, times, durations, locations, categories, recurrence patterns)
  • Classmate directory (names, contact info, social handles, course associations, notes, photos)
  • App settings, theme preferences, and notification configuration
  • Security credentials (PIN hash and salt stored in device keychain; biometric data processed by OS only)

3.3 Anonymized Analytics (Aggregate Only)

We collect anonymized, aggregate usage statistics using Firebase Analytics configured in privacy mode:

  • Screen view counts and feature usage frequency (aggregate totals, not per-user)
  • App performance metrics (load times, crash-free session rates, error rates)
  • Feature adoption rates (percentage of users who have used a feature)

This data contains no user IDs, device IDs, advertising identifiers, IP addresses, or any information that could identify an individual user. Analytics data is aggregated at the point of collection and cannot be linked to any person, even in combination with other data we hold.

Your choice. Anonymized analytics are controlled by a single analytics toggle in the App's Settings. Turning it off stops collection immediately; nothing further is collected until you turn it back on.

3.4 Crash Reports (Anonymized)

If the App encounters an error, an anonymized crash report (stack trace, device model, OS version, App version) is sent to Sentry. These reports contain no personal data, user-entered content, or account information.

3.5 Information We Do NOT Collect

For clarity, Study Panda Pro does NOT collect:

  • Location data (GPS, Wi-Fi, or cellular location)
  • Advertising identifiers (IDFA, GAID)
  • Browsing history or web activity
  • Call logs or SMS/text messages
  • Financial or payment information
  • Health or medical data
  • Audio, video, or voice recordings
  • Data from other apps on your device
  • Individual user session traces or behavioral profiles

4. How We Use Your Information

  • Account Management & Subscriptions: To authenticate your identity, enable login, facilitate password recovery, manage your premium subscription, and process account deletion using your email and (optional) phone number. We do not collect or store your name.
  • Core App Functionality: All study planning, workload tracking, scheduling, analytics, and notification features operate entirely on your device using your locally stored data.
  • Product Improvement: To understand aggregate feature usage and App performance through anonymized analytics, allowing us to prioritize development efforts.
  • Crash Resolution: To identify and fix App crashes using anonymized diagnostic reports.

We do NOT use your information for advertising, ad targeting, marketing profiling, data sales, or training machine learning models.

5. Third-Party Integrations (User-Initiated)

Study Panda Pro offers optional integrations with third-party services. These are entirely user-initiated — no data is shared with any third party unless you explicitly configure and enable the integration. Each integration can be disconnected at any time from Settings.

5.1 Available Integrations

Cloud backup (Google Drive, OneDrive, iCloud): Back up your encrypted App data to a dedicated folder in your personal cloud storage. Authentication via the provider's OAuth.

Google Calendar: Sync class schedules and assignment deadlines to a Google Calendar you designate.

5.2 Integration Data Handling

  • All integration credentials (webhook URLs, API tokens, OAuth tokens) are stored in your device's hardware-backed keychain — not in plaintext and not on our servers.
  • Data sent to third-party services is limited to the minimum required for the integration's function.
  • We do not have access to your third-party accounts.
  • Disconnecting an integration removes its credentials from your device keychain.

5.3 Google API Services — Limited Use

Study Panda Pro's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. When you connect Google Drive or Google Calendar, we use the data accessed through these Google APIs solely to provide and improve the backup and calendar-sync features you have enabled. We do not transfer this data to others except as necessary to provide those features, to comply with applicable law, or in connection with a merger, acquisition, or sale of assets with appropriate notice. We do not use Google user data for advertising, and we do not allow humans to read it except where you give explicit consent to resolve a specific support issue, where required for security or to comply with applicable law, or where the data has been aggregated and anonymized.

6. Data Storage and Security

6.1 Server-Side (Account Data Only)

Your account identifiers (email, optional phone, random user ID) are stored in Supabase with encryption at rest and in transit. We do not store your academic data on our servers. Your academic data stays on your device, and any backup you create is encrypted on your device and stored in your own personal cloud with a key we never possess — so we, and anyone who might breach our database, cannot read your content.

6.2 On-Device (All Other Data)

All academic, scheduling, and personal productivity data is stored locally on your device using the device's file system encryption. We do not operate servers that store this data.

6.3 Backup Encryption

Device Auto-Backups: Encrypted with a device-unique 256-bit key stored in your device's hardware-backed keychain. Uses AES-256-CBC encryption with PBKDF2-SHA256 key derivation (600,000 iterations) and HMAC-SHA256 integrity verification. Bound to the device that created them.

Portable Exports: Encrypted with a passphrase you choose, using the same AES-256-CBC + PBKDF2 scheme. Transferable between devices.

6.4 Security Measures

  • PIN hashing with PBKDF2-SHA256 (600,000 iterations) and per-PIN random salt
  • Hardware-backed keychain storage for PINs, recovery emails, and integration credentials
  • Brute-force lockout with exponential backoff (30 seconds to 30-minute cap)
  • Certificate pinning for HTTPS connections to third-party services
  • Cleartext traffic disabled in network security configuration
  • Path traversal protection on backup file operations

7. Data Sharing

We do not sell, rent, trade, or otherwise transfer your personal data to third parties for their own purposes.

Data may be shared only in these limited circumstances:

  • User-Initiated Integrations: When you explicitly configure a third-party integration (Section 5), the minimum necessary data is transmitted to that service.
  • Crash Reporting: Anonymized crash diagnostics are sent to Sentry. No personal data is included.
  • Classmate Sharing: When you share a classmate's contact via QR code or vCard, data is shared through your device's native sharing mechanism — not through our servers.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business Transfers: If Study Panda Pro is involved in a merger, acquisition, financing, reorganization, or sale of all or part of its assets, your information may be transferred as part of that transaction. Your end-to-end-encrypted academic data remains unreadable to us and to any successor. We will notify you (through the App or by email) of any change in ownership or control of your personal information, and any successor will remain bound by this Privacy Policy or will provide notice of any changes.

8. Data Retention

Server-side (account data): Retained for as long as your account is active. An account that stays inactive for more than twelve (12) consecutive months is automatically deleted, after we send advance notice to your account email. Upon account deletion — whether you request it or it is automatic — your email, phone, and random user ID are deleted from our servers within 30 days. We do not hold your academic data on our servers; your on-device data and the backups in your own personal cloud are not ours to delete and remain under your control.

On-device data: Retained on your device for as long as you use the App. Uninstalling permanently deletes all local data. Device auto-backups rotate automatically (5 most recent kept). Portable exports remain wherever you saved them and are under your control.

Analytics: Aggregate analytics contain no personal data and are retained indefinitely for product improvement.

Crash reports: Anonymized crash reports are retained by Sentry per their retention policy (typically 90 days).

9. Your Rights and Choices

9.1 Access and Portability

  • On-device data is accessible directly within the App at all times.
  • Export a complete backup anytime via Settings > Backup & Restore.
  • Request a copy of your server-side account data by contacting us at Section 2.

9.2 Correction

  • Edit on-device data directly within the App.
  • Request correction of account data by contacting us.

9.3 Deletion

  • Delete individual items (assignments, classmates, activities) within the App.
  • Delete all on-device data via "Delete All Data" in Settings.
  • Request deletion of your server-side account data using our online deletion request form or by contacting us. Completed within 30 days.
  • Uninstalling the App permanently deletes all local data.

9.4 Device Permissions

Permission Purpose If denied
Camera Document photos, QR code scanning Photo/QR features unavailable
Photo Library Image attachments Gallery attachment unavailable
Contacts Import classmates from address book Manual entry and QR still available
Face ID / Biometrics App Lock authentication PIN entry is the fallback
Notifications Reminders, timer alerts, break prompts No push notifications; in-app alerts still work

You can change permissions anytime in your device's Settings.

10. Children's Privacy

Study Panda Pro is designed for college and university students. The minimum age to use the App is 16. Section 10.1 describes our practices under US law (COPPA), and Section 10.2 describes our practices under Canadian law. Our commitments across all jurisdictions:

  • Under 13: We do not knowingly collect personal information from anyone under 13. If we discover a user is under 13, we will immediately terminate their account and permanently delete their personal data from our servers.
  • Ages 13–15: The minimum age to use the App is 16. Accounts found to belong to users under 16 will be terminated and data deleted.
  • Ages 16–17: A parent or legal guardian must provide consent for anyone under 18 to use the App. By creating an account, a user under 18 confirms that a parent or guardian has provided this consent.

10.1 United States (COPPA)

We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA).

10.2 Canada

Canada does not have a single federal statute equivalent to COPPA. Children's privacy is addressed through consent provisions in federal and provincial privacy legislation:

  • PIPEDA (Federal): The Office of the Privacy Commissioner of Canada (OPC) guidance states that for children under 13, organizations should generally obtain parental or guardian consent, and that for children aged 13 to 17, consent may be meaningful depending on context and sensitivity.
  • Quebec (Law 25): For children under 14, consent must be given by a parent or guardian.
  • Alberta and British Columbia (PIPA): Require that consent be meaningful and appropriate to the individual's circumstances, including age-appropriate considerations for minors.

Because Study Panda Pro targets post-secondary students and requires users to be at least 16, we do not expect to collect information from children. Users who are 16 or 17 must have the consent of a parent or legal guardian. If we become aware that a user is under 16 (or under an applicable provincial age threshold), we will delete their information promptly.

If you believe a child has provided us with personal information, please contact us at Section 2.

11. Student Data and Educational Privacy

Study Panda Pro is a personal productivity tool, not an institutional service. The data you enter is self-reported — not sourced from your institution's systems.

11.1 United States (FERPA)

Because Study Panda Pro is a consumer application and not a school-provisioned service, the Family Educational Rights and Privacy Act (FERPA) does not directly apply to our data collection.

11.2 Canada

Canada does not have a federal equivalent to FERPA. Student educational records at public institutions are governed by provincial legislation:

  • Ontario: Freedom of Information and Protection of Privacy Act (FIPPA)
  • British Columbia: Freedom of Information and Protection of Privacy Act (FOIPPA)
  • Alberta: Freedom of Information and Protection of Privacy Act (FOIP Act)
  • Quebec: Act respecting access to documents held by public bodies and the protection of personal information

Because Study Panda Pro is a consumer application and not an institutional service provider, these provincial acts do not directly govern our data practices.

Our commitments regarding student data:

  • We do not access your institution's student records or systems.
  • We do not share any student data with educational institutions.
  • We do not act as a "school official" or institutional agent under any US or Canadian educational privacy framework.

12. U.S. State Privacy Rights

12.1 California (CCPA/CPRA)

California residents have the following rights:

  • Right to Know: You may request the categories and specific pieces of personal information we have collected. Server-side, we hold only your email and optional phone number. On-device data is already in your possession.
  • Right to Delete: Request deletion of server-side account data (Section 9.3). On-device data is under your direct control.
  • Right to Opt-Out of Sale: We do not sell personal information. No opt-out is necessary.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

12.2 Other U.S. States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with consumer privacy laws have similar rights. We honor these rights for all U.S. users regardless of state. Contact us at Section 2 to exercise your rights.

12.3 How We Verify Requests and Handle Appeals

To protect your privacy, before we act on a request relating to server-side account data we may ask you to verify your identity using the email address associated with your account. We use information provided for verification only to process your request. You may also use an authorized agent to submit a request on your behalf, provided the agent gives proof of authorization.

If we decline to act on your request, we will tell you why. You may appeal that decision by emailing us at help@studypanda.pro with the subject line "Privacy Request Appeal." We will respond in writing with the outcome of the appeal and the reasons for it. If your appeal is denied, you may contact your state attorney general (United States) or the Office of the Privacy Commissioner of Canada or your applicable provincial privacy regulator (Canada).

13. Canadian Privacy Law

13.1 Federal: PIPEDA

The Personal Information Protection and Electronic Documents Act (PIPEDA) applies to our collection, use, and disclosure of personal information in commercial activities across Canada, except in provinces with substantially similar legislation (Section 13.2).

Your rights under PIPEDA:

  • Access: Request access to personal information we hold. Server-side: email, optional phone. On-device: already in your possession.
  • Correction: Request correction of inaccurate information.
  • Consent Withdrawal: Withdraw consent by deleting your data and/or your account. Subject to legal or contractual restrictions and reasonable notice.
  • Complaint: File a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.

13.2 Provincial Privacy Legislation

Three provinces have private-sector privacy legislation deemed substantially similar to PIPEDA:

Quebec — Act respecting the protection of personal information in the private sector (as amended by Law 25): - Requires explicit consent for collection of sensitive personal information. - Grants a right to data portability in a commonly used technological format. - Requires privacy impact assessments for systems processing personal information. - Mandates breach notification to the Commission d'acces a l'information du Quebec (CAI). - Establishes a private right of action for privacy violations.

Alberta — Personal Information Protection Act (PIPA): - Requires consent appropriate to the sensitivity of the information. - Grants rights of access, correction, and complaint to the OIPC Alberta. - Requires breach notification for incidents posing a real risk of significant harm.

British Columbia — Personal Information Protection Act (PIPA): - Requires personal information be collected, used, and disclosed only for reasonable purposes. - Grants rights of access, correction, and complaint to the OIPC BC. - Requires breach notification for incidents posing a real risk of significant harm.

13.3 Other Provinces

In provinces without substantially similar legislation (Ontario, Manitoba, Saskatchewan, New Brunswick, Nova Scotia, Prince Edward Island, Newfoundland and Labrador, and the territories), PIPEDA applies to private-sector commercial activities.

13.4 Jurisdictional Summary

Jurisdiction Applicable Law Oversight Body
Federal / Ontario / provinces without substantially similar law PIPEDA Office of the Privacy Commissioner of Canada (OPC)
Quebec Quebec private-sector privacy act (Law 25) Commission d'acces a l'information du Quebec (CAI)
Alberta Alberta PIPA OIPC Alberta
British Columbia BC PIPA OIPC BC

14. Third-Party Services

The following third-party services may receive data when you configure integrations:

  • Supabase (Supabase, Inc.): Account authentication and storage of email, optional phone, and subscription status. We do not store your academic data on Supabase. Privacy policy
  • Sentry (Functional Software, Inc.): Anonymized crash diagnostics only. Privacy policy
  • Firebase Analytics (Google LLC): Anonymized aggregate usage statistics only. Privacy policy
  • RevenueCat (RevenueCat, Inc.): Subscription and in-app purchase management. Processes subscription status and purchase receipts from Apple App Store and Google Play to validate your premium entitlement. No academic data is shared. Privacy policy
  • Google Drive and Calendar (Google LLC): Data you choose to back up or sync. Privacy policy

15. Data Transfers

Study Panda Pro is designed for use in the United States and Canada. Your on-device data does not leave your device.

Server-side account data (email, optional phone) is stored by Supabase on infrastructure located in the United States. Anonymized crash reports are processed by Sentry on US-based servers. Anonymized analytics are processed by Firebase on US-based servers.

In the limited cases where data is transmitted to third-party integrations (Google Drive, Google Calendar), the data may be processed on servers located in the United States. By using these optional features, you consent to the transfer of the minimal data involved.

16. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, features, or legal requirements. When we make material changes:

  • We will update the "Last Updated" date at the top.
  • For significant changes, we will provide notice through the App.

Your continued use of the App after changes are posted constitutes acceptance of the updated policy.

17. Advertising

Study Panda Pro does not display advertisements. We do not use advertising SDKs, tracking pixels, or ad networks. We do not collect or share data for advertising purposes. This is a fundamental design principle of the App, not a temporary policy.

18. Do Not Track

Study Panda Pro does not track users across third-party websites or services. Because we do not engage in cross-site tracking, we do not respond to Do Not Track (DNT) signals — our practices already align with DNT principles by default.

19. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the Province of Alberta, Canada, without regard to its conflict of law principles. For Canadian users, applicable provincial privacy legislation supplements this policy.