Privacy Policy
Last updated: July 4, 2026
1. Overview
CFA Master ("the Service") respects your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data.
2. Data We Collect
If you use the Service without signing in: We collect limited usage analytics such as page views, referrers, device/browser information, and interaction events. This helps us understand which CFA study resources are useful and improve the product.
If you sign in with Google or email/password: We store the following through Firebase Authentication and Firestore:
- Your display name and email address (from your auth provider)
- Module completion progress
- Quiz scores and attempt history
- Profile details you provide, such as name, mobile number, CFA exam level, exam window, preparation stage, and app goal
- Theme preference (dark/light mode)
- First-touch attribution and signup source, when available
If you contact support through chat: We collect the messages and contact details you choose to provide so we can respond to your support request.
3. How We Use Your Data
Your data is used solely to:
- Authenticate you and maintain your session
- Save and sync your study progress across devices
- Personalize study planning, reminders, and product experience based on your CFA exam profile and stated goal
- Persist your theme preference
- Measure product usage, acquisition sources, and conversion funnels without sending profile contact details to analytics providers
- Respond to support requests
We do not sell your personal data. We only share limited data with the third-party service providers listed below to operate, support, and improve the Service.
4. Third-Party Services
The Service uses the following third-party services:
- Firebase Authentication — for user sign-in (Google OAuth and email/password)
- Cloud Firestore — for storing user progress and preferences
- Google Analytics 4 — for aggregate traffic, page, event, and acquisition reporting
- Microsoft Clarity — for product analytics and session experience diagnostics
- Meta Pixel — for conversion measurement
- Crisp — for customer support chat
- Cloudflare Workers — for hosting and serving the application
These services have their own privacy policies. We encourage you to review them.
5. Data Storage & Security
Your data is stored in Google Cloud Firestore servers. All data transmission is encrypted via HTTPS. We use Firebase security rules to ensure users can only access their own data.
6. Data Retention & Deletion
Your data is retained as long as your account exists. You can request deletion of your account and all associated data by contacting CFA Master support through the support channel provided in the Service. Upon request, we will delete your Firestore documents and Firebase Authentication record.
7. Children's Privacy
The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us so we can delete it.
8. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.
9. Contact
If you have any questions about this Privacy Policy or want to request data deletion, please contact CFA Master support through the support channel provided in the Service.