CourseDev

Privacy Statement

Last updated: February 24, 2026

1. Introduction

CourseDev ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Statement explains how we collect, use, disclose, and safeguard your information when you use our AI-powered course generation platform ("Service"). Please read this statement carefully. By using the Service, you consent to the practices described herein.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: First name, last name, email address, and password when you create an account.
  • Course Content: Course titles, descriptions, learning objectives, topics, and other educational parameters you input into the Service.
  • Uploaded Files: Syllabus documents (PDF, DOC, DOCX, or TXT format, up to 10 MB) that you upload for AI-assisted course setup. These files are stored on our servers, and their text content is extracted and processed by AI providers.
  • Payment Information: Billing details processed through our third-party payment processor (Stripe). We do not store your full credit card number on our servers.
  • Communications: Information you provide when contacting us for support or feedback.

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, and actions taken within the Service.
  • Export Activity: When you download a generated Word document, we log the course, filename, and timestamp for operational and auditing purposes.
  • Device Information: Browser type, operating system, device type, and language preferences.
  • Log Data: IP address, access times, referring URLs, and module generation error logs.
  • Cookies: We use session cookies to maintain your authentication state. See Section 9 for details.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, operate, maintain, and improve the Service.
  • AI Content Generation: To process your inputs through AI models and generate course content (see Section 4 for details).
  • Account Management: To create and manage your account, authenticate users, and process transactions.
  • Communication: To send service-related notifications, updates, security alerts, and support messages.
  • Analytics: To understand how users interact with the Service, identify trends, and improve user experience.
  • Security: To detect, prevent, and address fraud, abuse, and security issues.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. AI Data Processing

This section describes how your data interacts with AI systems.

4.1 How Your Data Is Processed by AI

When you use the Service to generate course content, the information you provide (such as course titles, descriptions, learning objectives, and other inputs) is sent to third-party AI model providers for processing. These providers generate content based on your inputs and return it to the Service.

4.2 Data Not Used for AI Training

Your personal data and course content are not used to train, fine-tune, or improve the underlying AI models used by the Service. Your inputs are processed solely for the purpose of generating the requested content and are not retained by AI providers for model improvement purposes, in accordance with our agreements with those providers.

4.3 AI Output Accuracy

AI-generated content may contain inaccuracies, fabricated information ("hallucinations"), incorrect citations, or non-functional URLs. We do not guarantee the accuracy, completeness, or reliability of AI-generated outputs. You are responsible for reviewing and verifying all AI-generated content before use. For full details, please refer to Section 4 of our Terms of Service.

4.4 Third-Party AI Providers

We use the following third-party AI service providers to power the Service:

  • Anthropic (Claude): Processes your course inputs (titles, descriptions, learning objectives, syllabus text, topics) to generate module content, including overviews, learning resources, discussions, assignments, exercises, and talking points.
  • Google (Gemini): Processes module titles, topics, and course-level information to discover and verify supplementary educational resource URLs via web search.

These providers process your inputs under strict data processing agreements that limit how your data may be used. We select providers who maintain robust security practices and comply with industry standards.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating the Service, subject to confidentiality and data processing obligations. Our current service providers include: Supabase (authentication, database hosting, and file storage), Anthropic and Google (AI content generation and resource discovery), Stripe (payment processing), and Resend (transactional email delivery such as course completion notifications).
  • Legal Requirements: When required by law, regulation, legal process, or governmental request.
  • Protection of Rights: When necessary to protect our rights, privacy, safety, or property, or that of our users or the public.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, in which case your information may be transferred as part of the transaction.
  • With Your Consent: When you have given explicit consent to share your information for a specific purpose.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. We may also retain certain information as necessary to comply with legal obligations, resolve disputes, enforce agreements, and for legitimate business purposes.

The following retention periods apply:

  • Account data: Retained while your account is active. Upon account deletion, personal information is deleted or anonymized within thirty (30) days, except where retention is required by law.
  • Course content and uploaded files: Retained until you delete them or your account is terminated. Uploaded syllabus files stored on our servers are deleted when the associated course is deleted or your account is terminated.
  • Export and activity logs: Records of document downloads and module generation errors are retained for up to twelve (12) months for operational and auditing purposes, then deleted.
  • AI processing data: Temporary data sent to AI providers is not retained by those providers beyond the immediate processing session, in accordance with our data processing agreements.

7. Data Security

We implement industry-standard technical and organizational security measures to protect your information, including:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Secure authentication mechanisms.
  • Regular security assessments and monitoring.
  • Access controls limiting employee access to personal data on a need-to-know basis.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to legal and contractual obligations.
  • Portability: Request a copy of your data in a structured, machine-readable format.
  • Restriction: Request that we restrict processing of your information in certain circumstances.
  • Objection: Object to the processing of your personal information for certain purposes.
  • Withdrawal of Consent: Where processing is based on consent, you may withdraw your consent at any time.

To exercise any of these rights, please contact us. We will respond to your request within the timeframe required by applicable law.

9. Cookies and Tracking Technologies

We use cookies to operate the Service. Currently, the Service uses only the following type of cookies:

  • Essential Session Cookies: These cookies are strictly necessary to maintain your authenticated session, verify your identity, and ensure the Service functions correctly. They contain encrypted authentication tokens managed by our infrastructure provider (Supabase) and are automatically set when you sign in. These cookies cannot be disabled without losing access to the Service.

The Service does not currently use analytics cookies, advertising cookies, or third-party tracking technologies. We do not use local storage or session storage for tracking purposes. If we introduce additional cookie types in the future, we will update this section and, where required by law, obtain your consent before setting non-essential cookies.

10. Children's Privacy

The Service is designed for adult educators, instructional designers, and other professionals involved in course development. It is not directed at students or individuals under the age of 18. We do not knowingly collect personal information from children under the age of 13 (as defined by the U.S. Children's Online Privacy Protection Act, or "COPPA") or under the applicable age of digital consent in other jurisdictions. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Statement, including standard contractual clauses or other legally recognized transfer mechanisms.

12. Legal Basis for Processing

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we rely on the following bases:

  • Contractual Necessity: Processing your account information, course content, and uploaded files is necessary to provide the Service you have requested, including transmitting your inputs to AI providers for content generation.
  • Legitimate Interests: We process usage data, error logs, and export activity logs for our legitimate interests in operating, securing, and improving the Service, provided these interests are not overridden by your data protection rights.
  • Legal Obligations: We may process your information to comply with applicable laws, regulations, or legal processes.
  • Consent: Where required by law, we will obtain your consent before processing your data for specific purposes. You may withdraw your consent at any time by contacting us.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected users without undue delay and, where feasible, within seventy-two (72) hours of becoming aware of the breach, in accordance with applicable data protection laws. Notification will be provided via email to the address associated with your account and, where appropriate, through a notice posted on the Service. The notification will include, to the extent known: the nature of the breach, the categories of data affected, the likely consequences, and the measures taken or proposed to address the breach.

14. AI-Specific Disclosures

In accordance with emerging AI transparency regulations, we provide the following disclosures:

  • AI-Generated Content Labeling: All course materials produced by the Service are generated by artificial intelligence. Generated Word documents are identified as created by "CourseDev" in the document metadata. Users are responsible for appropriately disclosing the AI-assisted nature of generated content when distributing it to students or other recipients, in accordance with their institution's policies.
  • AI Output Storage: AI-generated content (module text, discussions, assignments, etc.) is stored in our database and associated with your account until you delete the course or your account is terminated.
  • No Automated Decision-Making: The Service does not use AI or automated processing to make decisions that produce legal effects or similarly significant effects on you. AI is used solely to generate educational content at your direction.

15. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. We will notify you of material changes by posting the updated statement on this page with a revised "Last updated" date. For significant changes, we may also notify you via email or through a notice on the Service. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Statement.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Statement or our data practices, please contact us.

For data protection inquiries or to exercise your privacy rights, please use our contact form and select the "General Inquiry" category with the subject "Privacy Request."

← Back to Home