Privacy Policy

Effective Date: February 17, 2026
Last Updated: February 17, 2026

NeuroPractica ("we," "us," or "our") operates the NeuroPractica mobile application and website (neuropractica.org). This privacy policy explains what information we collect, how we use it, and your rights regarding your data.

We believe in plain language. This policy is meant to be read and understood — not buried in legalese.

What We Collect

Account Information

When you create an account, we collect:

  • Email address — used for login, account recovery, and transactional emails (like subscription receipts)
  • Name — provided by Google or Apple when you sign in with those services
  • Authentication provider — whether you signed in with Google, Apple, or email (magic link)

Profile Information

During onboarding and in your settings, you may provide:

  • Training stage — such as medical student, resident year, or nurse practitioner
  • Learning goals — your self-selected focus areas
  • Timezone and preferred daily case time — used to schedule your daily case reminder
  • Subspecialty preferences — topics you want to focus on

All profile information is optional except training stage, which helps us recommend an appropriate starting difficulty level.

Learning Data

As you use NeuroPractica, we collect:

  • Case attempts — which cases you started, completed, or left incomplete
  • Your responses — the options you selected on each decision step
  • Scores and performance — how you performed on each case
  • Weakness patterns — areas where you frequently miss questions, used to personalize your experience
  • Case ratings and feedback — your optional ratings and comments on cases

This data powers our personalization engine, which selects cases tailored to strengthen your weak areas. We do not share your individual learning data with anyone — not employers, not training programs, not other users.

Payment Information

If you subscribe to NeuroPractica Advanced, payment is processed entirely by Stripe. We do not store your credit card number, bank account details, or other payment credentials on our servers. We receive only:

  • Subscription status (active, trial, canceled)
  • Billing cycle dates
  • A Stripe customer identifier

For Stripe's own privacy practices, see Stripe's Privacy Policy.

Device Information

If you enable push notifications, we store:

  • Device token — a unique identifier provided by Apple (APNs) or Google (FCM) to deliver notifications to your device

We do not collect device identifiers, hardware information, or location data.

How We Use Your Information

We use your information to:

  • Operate the app — authenticate you, save your progress, deliver cases
  • Personalize your learning — select daily cases targeting your weaknesses, track your improvement over time
  • Send transactional communications — magic link emails, subscription receipts, daily case reminders (if enabled)
  • Improve the product — aggregate, anonymized usage patterns help us understand which features are working and where cases need improvement

We do not:

  • Sell your personal information to anyone
  • Share your individual learning performance with third parties
  • Use your data for advertising
  • Train AI models on your personal data

Third-Party Services

We use the following third-party services to operate NeuroPractica:

Service Purpose What They Receive
Google Sign-In Authentication Your Google account email and name (when you choose to sign in with Google)
Apple Sign-In Authentication Your Apple ID email and name (when you choose to sign in with Apple)
Stripe Payment processing Payment details you enter during checkout
Resend Transactional email delivery Your email address and message content (magic links, receipts)
Firebase Cloud Messaging / APNs Push notifications Your device token and notification content
Railway Cloud hosting All data stored in our database (encrypted at rest and in transit)

Each of these services has their own privacy policy. We only share the minimum information necessary for each service to function.

Data Retention

  • Active accounts — We retain your data for as long as your account is active.
  • Account deletion — You can delete your account at any time from the Settings screen. Deletion is a soft delete with a 7-day recovery window, after which your data is permanently removed.
  • Incomplete case data — Abandoned case attempts are retained so you can resume them. You can discard incomplete cases at any time.
  • Subscription data — Billing records are retained as required for tax and legal compliance, even after account deletion.

Data Security

We take reasonable measures to protect your information:

  • All data transmitted between the app and our servers is encrypted using TLS (HTTPS)
  • Database access is restricted and encrypted at rest
  • Authentication tokens expire and are refreshed regularly
  • Admin access to production systems requires separate credentials with short-lived sessions

No system is 100% secure. If you believe your account has been compromised, contact us immediately.

Your Rights

You have the right to:

  • Access your data — View your profile, learning history, and performance data within the app
  • Correct your data — Update your profile information at any time in Settings
  • Delete your data — Delete your account and all associated data from Settings
  • Opt out of notifications — Disable push notifications or daily reminders at any time

If you are located in the European Economic Area (EEA), United Kingdom, or California, you may have additional rights under GDPR or CCPA. Contact us to exercise these rights.

Children's Privacy

NeuroPractica is designed for medical professionals and students. We do not knowingly collect information from anyone under the age of 16. If we learn that we have collected data from someone under 16, we will delete it promptly.

Changes to This Policy

We may update this privacy policy from time to time. When we do, we will update the "Last Updated" date at the top and, for significant changes, notify you through the app or by email.

Contact Us

If you have questions about this privacy policy or your data, contact us at:

Email: privacy@neuropractica.org
Website: neuropractica.org

NeuroPractica is operated by Adam Rizvi, MD. This privacy policy applies to the NeuroPractica mobile application (iOS and Android) and the NeuroPractica website (neuropractica.org).