Legal

Privacy Policy

Last updated: 1 March 2026

Axiom is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. What Data We Collect

We collect the following types of information when you use Axiom:

Account information

  • Email address
  • Hashed password (we never store your password in plain text)
  • Account creation date and subscription tier

Content you upload

  • Lecture audio files and recordings
  • Transcripts and notes you paste or generate
  • Quiz responses and study session data

Usage data

  • Pages visited and features used within the app
  • Session timestamps, device type, and IP address
  • Subscription and billing events (via Stripe)

2. How We Use Your Data

We use your data to:

  • Provide, operate, and improve the Axiom service
  • Process your lecture content through AI to generate study materials
  • Manage your subscription and process payments via Stripe
  • Send transactional emails (account verification, billing receipts, security alerts)
  • Detect and prevent account sharing, abuse, and unauthorised access
  • Comply with legal obligations

We do not use your uploaded lecture content to train our AI models, share it with third parties for marketing, or sell it.

We do not send marketing emails without your explicit consent. You can opt out of any non-essential communications at any time.

3. Data Storage and Security

Your data is stored on secure servers provided by Supabase (PostgreSQL database hosted on AWS infrastructure). Lecture files and transcripts are stored in Supabase Storage.

We implement the following security measures:

  • Passwords are hashed using bcrypt before storage
  • All data is transmitted over HTTPS/TLS
  • Authentication tokens are short-lived and invalidated on logout
  • Single-session enforcement to prevent concurrent unauthorised access
  • Device verification for new login locations

While we take reasonable security precautions, no system is completely secure. We encourage you to use a strong, unique password for your Axiom account.

4. Third-Party Services

Axiom uses the following third-party services to operate:

ServicePurposeData shared
SupabaseDatabase and file storageAccount data, uploaded content
StripePayment processingEmail, subscription events (no card details stored by us)
Anthropic (Claude)AI note generation, Q&A, quizzesLecture transcripts (processed, not stored by Anthropic)
OpenAI (Whisper)Audio transcriptionAudio files (processed, not stored by OpenAI)
Railway / RenderBackend hostingRequest logs
VercelFrontend hostingCDN request logs
Resend / SendGridTransactional emailEmail address

Each third-party provider has its own privacy policy and data processing terms. We select providers who meet reasonable data protection standards.

5. Data Retention

We retain your account data for as long as your account remains active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law (e.g. billing records may be retained for 7 years for tax compliance).

Uploaded lecture content (audio files, transcripts) is retained while your account is active. You can delete individual lectures at any time from the Dashboard.

6. Your Rights

Under Australian privacy law, you have the right to:

  • Access — request a copy of the personal information we hold about you
  • Correction — request correction of inaccurate personal information
  • Deletion — request deletion of your account and associated data
  • Complaint — lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy rights have been breached

To exercise any of these rights, email us at support@axiomstudy.co. We will respond within 30 days.

7. Cookies and Tracking

Axiom uses essential session cookies for authentication. We do not use third-party advertising cookies or tracking pixels. No data is shared with advertising networks.

8. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or in-app notice. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

10. Contact

For privacy enquiries or to exercise your rights, contact us at:

support@axiomstudy.co

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.