Pathaxis Back
Legal · Privacy

Privacy Policy

Effective date: May 24, 2026. Your privacy matters to us. This policy explains what data we collect, why, and how you can control it.

1. Who We Are

Pathaxis ("we", "us", "our") operates the Pathaxis learning platform at pathaxis.io. For privacy enquiries, contact us at privacy@pathaxis.io.

2. Data We Collect

Information you provide directly:

  • Account details: full name, email address, password (stored as a secure hash), and occupation/role.
  • Profile information: display name, emoji avatar, public username.
  • Learning content: course topics you generate, practice queries you submit, and chat messages with the AI tutor.

Information we collect automatically:

  • Usage data: pages visited, features used, lesson progress, streak activity.
  • Technical data: IP address, browser type, operating system, referring URL, and session identifiers.
  • Cookies and similar technologies: see Section 6.

Information we do not collect:

  • Payment card numbers (processed directly by our payment provider; we receive only a token).
  • Biometric data.
  • Precise geolocation.

3. How We Use Your Data

We use the data we collect to:

  • Create and manage your account, and authenticate you securely.
  • Personalise AI-generated courses, roadmaps, and recommendations to your skill level and goals.
  • Track your learning progress, streaks, and achievements.
  • Improve the accuracy and quality of our AI models and course content.
  • Send transactional emails (account confirmation, password reset).
  • Send product updates and learning tips — you may opt out at any time.
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.

4. Legal Basis for Processing (EEA / UK Users)

If you are located in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:

  • Contract performance — to provide the Service you signed up for.
  • Legitimate interests — to improve the Service, ensure security, and send relevant communications.
  • Consent — for optional marketing communications and non-essential cookies.
  • Legal obligation — where required by applicable law.

5. Sharing Your Data

We do not sell your personal data. We share it only with:

  • Service providers acting on our behalf (e.g. cloud hosting, email delivery, analytics). They are contractually prohibited from using your data for their own purposes.
  • AI model providers (e.g. Anthropic) for generating course content. Inputs may be processed on their servers subject to their privacy policies.
  • Law enforcement or regulators if required by law or to protect legal rights.
  • A successor entity in the event of a merger, acquisition, or sale of substantially all our assets — you will be notified in advance.

6. Cookies

We use cookies and similar technologies to keep you logged in, remember your preferences, and understand how the Service is used.

Types of cookies we use:

Essential Required for authentication and core functionality. Cannot be disabled.
Analytics Help us understand usage patterns. You may opt out via your browser settings or our cookie banner.
Preferences Remember your theme, language, and display choices.

You can manage or delete cookies through your browser settings. Disabling essential cookies may prevent the Service from functioning correctly.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required by law to retain it longer.

Aggregated, anonymised usage statistics that cannot identify you may be retained indefinitely to improve the Service.

8. Your Rights

Depending on your location, you may have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — request deletion of your data ("right to be forgotten").
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Restriction — request that we limit how we process your data.
  • Withdraw consent — at any time, where processing is based on consent.

To exercise any of these rights, email privacy@pathaxis.io. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

9. International Transfers

Pathaxis is based in the United States. If you access the Service from outside the US, your data may be transferred to and processed in the US. Where required, we implement Standard Contractual Clauses or other appropriate safeguards to protect such transfers.

10. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal data from anyone under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Security

We use industry-standard security measures including encryption in transit (TLS), hashed passwords (bcrypt), and access controls to protect your data. No system is perfectly secure — if you suspect a security incident, contact us immediately at security@pathaxis.io.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent in-app notice at least 14 days before they take effect. The date at the top of this page reflects the most recent revision.

13. Contact Us

Questions, concerns, or requests regarding this Privacy Policy? Contact our privacy team at privacy@pathaxis.io.

Also read

Understand your rights and responsibilities.

Terms of Service →