Privacy Policy

Solingo is committed to protecting the personal data of its users. This privacy policy explains what data we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR).

We collect the following data:

Account Information

• Email address (used for authentication and communication)
• Username (optional, for display on certificates)
• Password (encrypted with bcrypt, never stored in plain text)

Progress and Activity Data

• Lessons completed
• Exercises attempted and results
• Projects submitted
• Certificates earned
• Learning preferences and settings

Payment Data

• Payment transactions are processed by Lemon Squeezy (Merchant of Record)
• We do not store credit card information
• We receive only confirmation of payment status and subscription type

Technical Data

• IP address (for security and fraud prevention)
• Browser type and version
• Device type and operating system
• Connection timestamps

Your data is used for the following purposes:

• Service provision: Manage your account, save your progress, deliver course content
• Communication: Send important notifications about your account, subscription, or service updates
• Improvement: Analyze usage patterns to improve the platform (anonymized data)
• Security: Detect and prevent fraud, abuse, and technical issues
• Legal compliance: Fulfill legal obligations (accounting, taxation)

We never sell your personal data to third parties.

Data Location

• Supabase (PostgreSQL): User data and progress stored in EU data centers
• Cloudflare: Hosting and CDN with edge locations worldwide
• Lemon Squeezy: Payment data stored by our payment processor (PCI-DSS compliant)

Security Measures

• HTTPS encryption for all communications
• Passwords hashed with bcrypt (industry standard)
• Regular security audits and updates
• Access control and role-based permissions
• PCI-DSS compliant payment processing

Solingo uses cookies and local storage to provide essential functionality:

• Authentication cookies: Keep you logged in (Supabase)
• Local storage: Save your progress and preferences locally
• Payment cookies: Process subscription payments (Lemon Squeezy)

For more details, see our Cookie Policy.

You have the following rights regarding your personal data:

• Right of access: Request a copy of your data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your account and data
• Right to data portability: Receive your data in a structured format
• Right to object: Object to certain data processing activities
• Right to withdraw consent: Withdraw consent at any time

To exercise these rights, contact us at [email protected].

• Active accounts: Data retained as long as your account is active
• Deleted accounts: Data permanently deleted within 30 days of deletion request
• Payment records: Retained for 5 years for legal and tax compliance
• Anonymized analytics: May be retained indefinitely (no personal identifiers)

For any questions about this privacy policy or to exercise your rights, contact us at:

[email protected]