Privacy Policy

Effective date: March 29, 2026

QuizTheClass ("we," "us," or "our") is a product of Gargasz Interactive LLC. This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to all users of https://www.quiztheclass.com (the "Service"), including teachers (account holders) and students (participants who join classroom sessions).

If you are a school district reviewing this Service under a Student Data Privacy Agreement (SDPA), please also see our Student Data & Privacy page.

1. Information we collect

1a. Teacher accounts

When a teacher creates an account we collect:

• Name and email address — used for authentication, communication, and account recovery.
• Password — stored only as an irreversible hash (PHP password_hash, bcrypt).
• Login metadata — IP address, approximate city/region/country (via ip-api.com), browser user-agent string, and timestamp. Used to detect unauthorized access and enforce single-session login.

1b. Subscription & billing

Paid subscriptions are processed by Stripe, Inc. We never receive or store full credit card numbers. We store only:

• Stripe customer ID and subscription ID (opaque identifiers).
• Subscription type (monthly/yearly), status, and expiration date.

Stripe's own privacy policy governs how they handle payment card data: stripe.com/privacy.

1c. Students (session participants)

Students do not create accounts. To join a session a student provides only:

• A short join code given by the teacher.
• A display name (e.g., first name or nickname chosen by the student or teacher).

We do not ask students for an email address, phone number, date of birth, school name, or any other personal identifier.

During a session we also store:

• Answers to questions (text, choice selections, or drag-and-drop mappings).
• Correctness results and timestamps.

1d. Automatically collected technical data

Standard web-server logs (IP address, URL requested, HTTP referrer, browser type) may be recorded by our hosting provider. We do not embed third-party analytics, advertising trackers, or social-media pixels in the Service.

2. How we use information

• Provide the Service — delivering questions, collecting answers, grading, and displaying scores in real time.
• Account administration — authentication, password resets, email verification, subscription management.
• Security — detecting unauthorized logins, enforcing single-session access.
• Service communications — transactional emails (verification, password reset, session summaries). We do not send marketing email to students. Teacher marketing, if any, uses the teacher's email only.
• Improvement — aggregated, de-identified usage statistics (e.g., total sessions run) to improve the product.

3. Information sharing

We do not sell personal information. We share data only in these limited circumstances:

• Stripe — teacher email, name, and Stripe-assigned IDs for payment processing.
• Email delivery — teacher name and email are passed to PHP's mail() function (server-local sendmail or configured SMTP relay) for transactional messages.
• IP geolocation — teacher IP addresses are sent to ip-api.com for approximate location lookup at login. No student IPs are sent to this service.
• Legal obligation — if required by law, court order, or governmental authority.

We do not share, sell, or provide student data to advertisers or data brokers.

4. Data retention

• Teacher accounts — retained until the teacher deletes their account or requests deletion.
• Session data (students, questions, responses) — retained as long as the session exists. Teachers can delete individual sessions and questions from their dashboard; deleting a session removes all associated student records and responses (cascading database delete). When a teacher account is removed, session ownership is unlinked.
• Login logs — retained for security review; older entries may be purged periodically.

To request deletion of your teacher account or any associated data, contact us at support@quiztheclass.com.

5. Security

• The Service is served over HTTPS (TLS encryption in transit).
• Passwords are hashed with bcrypt and never stored in plaintext.
• Teacher sessions use server-side PHP sessions with token-based single-device enforcement.
• Students do not have passwords or persistent credentials.
• Stripe handles all payment card security under PCI DSS standards.

No system is perfectly secure. If we discover a breach affecting personal data we will notify affected users and, where applicable, the relevant school district, within a reasonable timeframe consistent with applicable law.

6. Children's privacy

QuizTheClass is designed for use in a school classroom under teacher direction. Students join sessions without creating accounts and without providing an email address or other personally identifiable information beyond a display name. We rely on the school or teacher to obtain any necessary parental consent under applicable law (e.g., COPPA, FERPA) before directing students to use the Service.

We do not knowingly collect personal information from children under 13 outside of the school context. If you believe a child has provided personal information without appropriate consent, please contact us and we will delete it promptly.

7. Your rights

Depending on your jurisdiction you may have the right to access, correct, or delete personal data we hold about you. Teachers can manage their account and session data from their dashboard. For any request, contact support@quiztheclass.com.

8. Changes to this policy

We may update this Privacy Policy from time to time. The "Effective date" at the top reflects the most recent revision. If we make material changes, we will notify teachers by email or a prominent notice on the Service.

9. Contact

If you have questions about this Privacy Policy or our data practices, contact us:

• QuizTheClass (Gargasz Interactive LLC)
• Email: support@quiztheclass.com
• Website: https://www.quiztheclass.com