Boulder MCAT

Privacy Notice

Last updated: June 8, 2026

1. Who we are

This Privacy Notice describes how BOULDER MCAT ("Boulder MCAT", "we", "us", or "our") collects and uses your personal data when you use our website, tutoring services, and student portal (the "Service"). Boulder MCAT acts as the data controller for personal data processed through the Service.

2. Personal data we collect

  • Account data — name, email address, password (hashed), profile photo.
  • Tutoring data — session bookings, lesson progress, assignment submissions, materials uploaded, messages with your tutor.
  • Support data — emails and messages you send us.
  • Usage and device data — IP address, browser/device identifiers, pages visited, actions taken, log timestamps.
  • Payment-related data — handled by our payment processor Stripe. We receive a transaction reference, customer email, amount, billing address (for tax purposes), and product purchased — we do NOT receive or store full card details.

3. How we use your data

  • To create and manage your account (legal basis: contract).
  • To deliver tutoring sessions, lessons, and study materials (contract).
  • To process payments and fulfill orders through Stripe (contract).
  • To respond to support requests (contract / legitimate interests).
  • To secure the Service and prevent fraud or abuse (legitimate interests / legal obligation).
  • To improve our content and platform (legitimate interests).
  • To send service announcements; marketing emails only with your consent.
  • To comply with applicable laws and tax obligations (legal obligation).

4. Who we share data with

  • Stripe — our payment processor, which handles card processing, tax calculation, invoicing, and refunds. See stripe.com/privacy.
  • Service providers / subprocessors — hosting, database, authentication, analytics, video delivery, email, and support tooling vendors acting on our instructions.
  • Professional advisers — accountants and lawyers where necessary.
  • Authorities — when required by law, court order, or to protect rights, safety, or property.

We do not sell your personal data.

5. International transfers

Some of our service providers are located outside your country of residence (for example, in the United States). Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Data retention

We retain personal data only as long as needed to provide the Service, comply with legal/tax obligations, resolve disputes, and enforce our agreements. Account data is deleted or anonymised on request, subject to legal retention requirements. Payment and tax records are retained as required by law.

7. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, or port your personal data, to object to certain processing, and to withdraw consent at any time. UK/EEA users have additional rights under GDPR, including the right to lodge a complaint with their local supervisory authority. We aim to respond to requests within one month.

To exercise any of these rights, email william@bouldermcat.com.

8. Security

We use appropriate technical and organisational measures — including encryption in transit, access controls, and least-privilege practices — to protect personal data. No system is perfectly secure; please use a strong, unique password for your account.

9. Cookies

We use essential cookies and similar technologies to keep you signed in, to remember preferences, and to keep the Service secure. We may also use limited analytics cookies to understand how the Service is used. You can control cookies through your browser settings; disabling essential cookies may break parts of the Service.

10. Children

The Service is intended for users aged 16 and over. We do not knowingly collect personal data from children under 16 without parental consent.

11. Changes to this notice

We may update this Privacy Notice from time to time. Material changes will be posted on this page with a new "Last updated" date.

12. Contact

For any privacy questions or requests, contact us at william@bouldermcat.com.