Legal
Privacy Policy
Last updated:
Recommended: use iubenda.com or termly.io to generate a compliant UK GDPR policy.
Required sections are marked below.
1. Who we are
Quorum is a trading name of Stephen Nolan, based in the United Kingdom. We can be contacted at hello@quorumsqe.uk.
We are the data controller for personal data collected through this service under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. What data we collect
We collect and process the following personal data:
- Account data: your email address and a hashed (unreadable) version of your password
- Study data: your flashcard ratings, MCQ answers, and study session history
- Usage data: session cookies required to keep you logged in
- Payment data: processed by Stripe. We do not store card details.
We do not collect advertising data, sell your data to third parties, or use tracking cookies.
3. How we use your data
- To provide the spaced repetition service (scheduling cards based on your ratings)
- To manage your account and subscription
- To send transactional emails (email verification, password reset)
- To comply with legal obligations
Our lawful basis for processing is contract performance (providing the service you subscribed to) and, for cookies, your consent.
4. How long we keep your data
We retain your account and study data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days.
5. Your rights
Under UK GDPR, you have the right to:
- Access your data — export your full study history from your account settings
- Rectify inaccurate data — update your email or profile from your account
- Erasure — delete your account and all associated data from your account settings
- Data portability — download your data in JSON format from your account settings
- Object to processing — contact us at hello@quorumsqe.uk
- Complain to the ICO at ico.org.uk if you believe we have misused your data
6. Cookies
We use one session cookie to keep you logged in. This is a strictly necessary cookie. The service cannot function without it. We do not use advertising or analytics cookies.
7. Third parties
- Stripe — payment processing. Their privacy policy applies to payment data: stripe.com/gb/privacy
- Google Fonts — typography, loaded from Google's CDN
- Fly.io — hosting provider. Servers located in London (LHR)
8. Contact
For any data-related enquiries, email hello@quorumsqe.uk. We aim to respond within 30 days.