Privacy Policy

gasguide.app is a study and credentialing platform for CRNAs and SRNAs. We collect the minimum data needed to operate the service: your email and password, study progress, credential documents you upload, and payment information (processed by Stripe — we never see your card data). We do not sell your data, we do not share it with employers or programs unless you explicitly create a share link, and you can delete your account and all associated data at any time.

gasguide.app ("we", "us") is operated by the owner of the gasguide.app domain. For privacy questions, contact privacy@gasguide.app.

Account information

• Email address (required)
• Password (stored as a bcrypt hash by Supabase Auth — we never see your plaintext password)
• Optional MFA/TOTP secret if you enable two-factor authentication
• Optional profile fields: display name, target CRNA program, graduation year, NPI number, state license numbers

Study activity

• Question bank attempts, scores, and weak-area metrics (including module + section quiz attempts)
• Section-by-section module completion (which sections you have marked complete)
• Daily study attendance used for streaks
• Weekly challenge completion and streak data
• Personal study notes you write inline against any page
• Lecture progress and bookmarks
• 3D anatomy session history
• Voice mock interview transcripts and scoring (see "Voice-AI" below)

Pre-SRNA application tracking (optional)

• CRNA program applications you choose to track: school name, status, deadlines, interview dates, notes
• GPA repair planning entries you create

Credentialing data (B2C and B2B)

• Credential entries you create: license type, number, issuing authority, issue and expiration dates
• Documents you upload: licenses, certifications, immunization records, BLS/ACLS/PALS cards, malpractice policies, CV (stored encrypted at rest in Supabase Storage)
• Document version history and change log
• Renewal reminders and email alert preferences
• For employer portal users: organization membership and role; documents you authorize for sharing

Payment data

• Stripe Customer ID and subscription status
• Last four digits and brand of your payment card (returned by Stripe; full card data never touches our servers)
• Billing email and address if you provide them at checkout
• Invoice history

Technical data

• IP address (for security, rate limiting, and abuse prevention)
• User-agent string (browser and operating system)
• Cloudflare edge logs (request paths, status codes, cached for 24-72 hours)
• Server-side error logs (no personal data in error messages)

• Operate the service: serve content, save your progress, process payments, send credential renewal alerts
• Authenticate you and protect your account (session management, MFA)
• Send transactional email: signup confirmation, password reset, payment receipts, expiration alerts you opted into
• Improve the product through aggregated, anonymized usage statistics (which question types are weakest across cohorts, popular study sessions, etc.)
• Comply with legal obligations and enforce our Terms of Service

When you use voice-based mock interviews (in the Admissions or Boards modules), audio is captured by your browser and sent to our infrastructure for processing. We use:

• Whisper for speech-to-text transcription, run on our own GPU
• Ollama (local LLM) to generate examiner responses, run on our own GPU
• Kokoro TTS for examiner voice synthesis, run on our own GPU

Audio recordings are not retainedafter transcription unless you explicitly opt in to keep them for review. Text transcripts of your sessions and the examiner's scoring rubric output are stored so you can review your performance and so we can show improvement over time. You can delete any session or all sessions from your account settings. Transcripts are not used to train any third-party AI model. They are not used to train our own models without an explicit opt-in checkbox.

Consent + delete-on-request. Before the first voice session you must accept an in-app consent disclosure that lists the providers above and the retention windows below. Audio artifacts referenced by saved transcripts are scrubbed from our database within 24 hours; text transcripts follow a 365-day rolling retention window unless you delete them sooner. You can revoke consent and delete every voice transcript on file at any time from /account/voice-data (or per-session at /account/mock-interviews). Revoking consent re-prompts the disclosure on your next voice-mock visit.

We rely on these third-party processors. Each is contracted under a DPA where applicable:

• Supabase — auth, database, file storage. Your account credentials, study data, and uploaded documents are stored in Supabase's US-region infrastructure. Supabase privacy policy.
• Stripe — payment processing. Your card data is collected by Stripe directly via Stripe Elements and never reaches our servers. Stripe privacy policy.
• Cloudflare — hosting, CDN, DDoS protection. Cloudflare sees all requests (URL, IP, headers) and caches static assets. Cloudflare privacy policy.
• Resend — transactional email (account confirmation, password reset, expiration alerts). Resend processes your email address and message content. Resend privacy policy.
• AWS Textract — optional OCR on credential documents you upload, when you enable that feature. The document image is sent to AWS, OCR text is returned, and AWS does not retain the document under our service configuration. AWS privacy policy.
• Google Drive (optional) — if you connect Drive to import credential documents, we receive read-only access to the files you select. We never browse your full Drive. You can disconnect at any time from your account settings. Google privacy policy.

We do not use Google Analytics, Facebook Pixel, advertising trackers, or any third-party ad networks.

If you generate a share link for a credential document (for example, to send to a hospital verifier or a CRNA program admissions office), the recipient of that link can view the document until you revoke the link or it expires. Share links are signed, time-limited URLs scoped to the specific document you selected. We log when share links are accessed so you can see who viewed what and when.

• Sell your data to third parties
• Share your study performance, transcripts, or documents with employers, programs, or insurance companies (you control all sharing via share links)
• Use your interview transcripts to train AI models without an explicit opt-in
• Track you across other websites or use advertising cookies
• Send marketing email without an opt-in

You have the right to:

• Access — download all data we have about you. Email privacy@gasguide.app and we will respond within 30 days.
• Delete — request full account deletion. We delete your account and all associated data within 30 days, except records we are legally required to retain (for example, payment records for tax purposes for the period required by law).
• Correct — edit profile fields, credential entries, and study data from your account dashboard at any time.
• Export — download your data in JSON format from account settings.
• Opt out of marketing email (we send transactional email only by default).
• Lodge a complaint — if you believe we have violated your privacy rights, you may contact your local data protection authority.

California residents have additional rights under the CCPA, including the right to know what personal information we collect and the right to opt out of any "sale" (we do not sell data). EU residents have rights under the GDPR including data portability and the right to be forgotten. To exercise any of these rights, email privacy@gasguide.app.

• Account data: retained until you delete your account
• Study activity: retained until you delete your account
• Voice-AI transcripts: retained until you delete the session or your account
• Voice-AI audio: not retained after transcription unless you opt in
• Credential documents: retained until you delete them or your account
• Payment records: retained for 7 years to comply with US tax law
• Server logs: 30-90 days, then aggregated or deleted
• Support correspondence: 2 years for service-quality and security review

We use industry-standard practices: TLS 1.2+ for all traffic; bcrypt password hashing; row-level security policies in our database so each user can only access their own data; optional TOTP-based two-factor authentication; encrypted-at-rest file storage; principle of least privilege for admin access; security review of code changes before deployment. No system is perfectly secure. If we discover a breach affecting your data, we will notify you within 72 hours of confirmation.

gasguide.app is not directed to children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, contact us and we will delete it.

Our infrastructure is located in the United States. By using gasguide.app from outside the US, you consent to your data being transferred to and processed in the United States under US law.

We may update this policy. Material changes (new categories of data collection, new sharing of data, changes to retention) will be announced by email at least 30 days before they take effect. The "last updated" date at the top reflects the most recent revision.

Questions, concerns, or requests: privacy@gasguide.app

For credentialing-data verification requests from employers, please use the share link the credential holder provided rather than emailing privacy.