Privacy Policy

Last updated: February 22, 2026

1. Overview

CFA Master ("the Service") respects your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data.

2. Data We Collect

If you use the Service without signing in: We do not collect any personal data. No cookies, no tracking, no analytics.

If you sign in with Google or email/password: We store the following through Firebase Authentication and Firestore:

  • Your display name and email address (from your auth provider)
  • Module completion progress
  • Quiz scores and attempt history
  • Theme preference (dark/light mode)

3. How We Use Your Data

Your data is used solely to:

  • Authenticate you and maintain your session
  • Save and sync your study progress across devices
  • Persist your theme preference

We do not sell, share, or transfer your personal data to any third parties. We do not use your data for advertising, marketing, or profiling.

4. Third-Party Services

The Service uses the following third-party services:

  • Firebase Authentication — for user sign-in (Google OAuth and email/password)
  • Cloud Firestore — for storing user progress and preferences
  • Cloudflare Workers — for hosting and serving the application

These services have their own privacy policies. We encourage you to review them.

5. Data Storage & Security

Your data is stored in Google Cloud Firestore servers. All data transmission is encrypted via HTTPS. We use Firebase security rules to ensure users can only access their own data.

6. Data Retention & Deletion

Your data is retained as long as your account exists. You can request deletion of your account and all associated data by opening an issue on our GitHub repository. Upon request, we will delete your Firestore documents and Firebase Authentication record.

7. Children's Privacy

The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us so we can delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact

If you have any questions about this Privacy Policy or want to request data deletion, please open an issue on our GitHub repository.