Privacy Policy
Last updated: June 9, 2026
1. Who we are
Essay+ (Essay+, we, us, our) is a writing-evaluation platform operated by Serenium LLP (A+ Learning), with its registered office at Kharadi, Pune, Maharashtra, India.
Essay+ helps students see the strengths in their own writing and revise it with more clarity and confidence. We evaluate writing; we do not write it. We never generate replacement essay text for submission.
This Privacy Policy explains what personal data we collect, why we collect it, how we protect it, who we share it with, and the rights you have. Because many of the people who use Essay+ are students under the age of 18, we treat children's privacy with particular care, as described in Section 7.
For the purposes of applicable data-protection laws, Serenium LLP is the data controller (data fiduciary) for the personal data described here.
2. Scope
This policy applies to the Essay+ marketing site, web application, and any related services that link to it. It does not apply to third-party sites or services we link to, which have their own privacy policies.
3. The personal data we collect
Account data. Your name, email address, and a securely hashed password when you create an account. Your selected role (student, parent, or teacher).
Profile and evaluation-context data. To evaluate writing fairly, we collect context such as your grade or stage, age band where relevant, broad geographic or education context, and the purpose of a piece of writing.
Content you submit. The essays and drafts you provide, whether typed, uploaded as a document, or uploaded as a photo or scan of handwriting. For handwriting, we process the image through optical character recognition (OCR) to extract text, which you review and confirm before evaluation.
Evaluation data. The scores, written feedback, ranked suggestions, revision history, and draft-to-draft comparisons we generate from your content.
Payment data. If you purchase a paid plan, our payment processor (Stripe) handles your card details. We do not collect or store full payment-card numbers. We retain limited billing records such as plan, transaction status, and partial card identifiers provided by the processor.
Usage and device data. Through analytics, we collect information such as pages viewed, features used, approximate location derived from IP, device and browser type, and similar diagnostic data. See our Cookie Policy.
Communications. Messages you send us via the contact form or support, and our replies.
4. How we collect it
We collect data directly from you when you create an account, build a profile, submit content, or contact us; automatically through cookies and analytics when you use the site (see Cookie Policy); and from a parent, guardian, or teacher where they create or manage a linked student profile on a child's behalf.
5. How and why we use it
We use personal data to:
- provide the service, meaning evaluate writing, generate reports, track progress across drafts, and enable revision comparison;
- create and manage your account, and authenticate you;
- process payments and manage subscriptions;
- respond to your questions and provide support;
- maintain security, prevent fraud and abuse, and protect our users;
- understand and improve the product, including aggregated and de-identified analysis; and
- comply with our legal obligations.
What we do not do. We do not sell your personal data. We do not display third-party advertising in the product. We do not use your essays or other content to train our own or any third party's general-purpose AI models, and we do not permit our AI sub-processors to use your content to train their models (see Section 8).
6. Legal bases (where GDPR or similar laws apply)
Where required, we rely on: performance of a contract (to provide the service you signed up for); consent (for example, for non-essential cookies, and for processing a child's data via verifiable parental consent); legitimate interests (to secure and improve the service, balanced against your rights); and legal obligation (to meet regulatory requirements).
7. Children's privacy
A large share of our users are students. We design Essay+ to be a safe, learning-focused environment, and we do not track, profile, or advertise to children.
Our approach by age:
- Under 13. We require verifiable consent from a parent or guardian before we create an account or process the child's personal data. In a school setting, an authorised institution acting under appropriate consent may provide this. We do not knowingly collect personal data from a child under 13 without such consent, and if we learn that we have, we delete it.
- 13 to 17. A student may hold an account, but we require that a parent or guardian be informed of that account. Parental consent is not required in this band, but a parent or guardian keeps the rights described below.
- 18 and over. Standard account terms apply, with no parental step.
No behavioural tracking or targeting of children. We do not use behavioural monitoring, profiling, or targeted advertising directed at children, and we do not process children's data in ways likely to harm their well-being.
Parental rights. A parent or guardian may access, correct, or request deletion of their child's personal data, and may withdraw consent where it was given, by contacting us at support@essayplus.pro.
Some regions set their own rules for minors. Where a local law that applies to you sets a higher age of digital consent or additional requirements, we follow that law.
If you believe a child has provided us personal data without proper consent, contact us at support@essayplus.pro and we will take prompt action.
8. Who we share data with (sub-processors)
We do not sell personal data. We share it only with service providers who help us run Essay+, under contracts that require them to protect it and use it only on our instructions. Our key sub-processors are:
| Provider | Purpose | Data involved |
|---|---|---|
| Supabase | Database, authentication, and file storage | Account, profile, content, evaluation data |
| Vercel | Application hosting and delivery | Technical and request data |
| Vercel AI Gateway | Routing of AI evaluation requests to model providers | Essay text and evaluation context |
| OpenAI | AI evaluation of submitted writing (accessed via Vercel AI Gateway) | Essay text and evaluation context |
| Google Cloud (Document AI) | OCR of handwritten uploads | Uploaded images and extracted text |
| Stripe | Payment processing and billing | Billing and transaction data |
| Resend | Transactional and support email | Name, email, message content |
| PostHog | Product analytics | Usage, device, and diagnostic data |
A note on AI processing. When you submit writing for evaluation, the text is routed through Vercel AI Gateway to our model provider (currently OpenAI) to generate feedback. Under that provider's business and API terms, content submitted via the API is not used to train its models. We do not use your content to train any general-purpose model without your explicit, separate consent.
We may also disclose data where required by law, to enforce our Terms, or to protect the rights, safety, and security of our users or others.
9. International transfers
Some of our providers process data outside your country, including in the United States and the European Union. Where we transfer personal data across borders, we use appropriate safeguards (such as standard contractual clauses) as required by applicable law.
10. How long we keep data
We keep personal data only as long as needed for the purposes above:
- Account and profile data: while your account is active.
- Essays, OCR images, and evaluation data: retained for up to five years from your last activity, then deleted, unless we must keep them longer for legal, security, or accounting reasons, or you ask us to delete them sooner.
- Billing records: as required by applicable tax and accounting law.
- Analytics data: kept in aggregated or de-identified form for up to five years.
You can request deletion at any time, as described in Section 12.
11. How we protect data
We use technical and organisational safeguards including encryption of data in transit and at rest, role-based access controls, minimised privileged access, and monitored, auditable systems. No method of transmission or storage is perfectly secure, but we work to protect your data and to respond responsibly to any incident.
12. Your rights
Depending on where you live, you may have the right to: access the personal data we hold about you; correct inaccurate data; delete your data; restrict or object to certain processing; receive a copy of your data in a portable format; and withdraw consent where processing is based on consent.
To exercise any of these rights, contact us at support@essayplus.pro. We will respond within the timeframe required by applicable law. You also have the right to complain to your local data-protection authority.
Grievance Officer (India, DPDP Act). Our Grievance Officer can be reached at support@essayplus.pro.
13. Cookies
We use cookies and similar technologies as described in our Cookie Policy at /cookies.
14. Changes to this policy
We may update this policy from time to time. We will post the updated version here with a new “Last updated” date and, where the change is material, give you reasonable notice.
15. Contact
Questions about this policy or your data: support@essayplus.pro, Serenium LLP, Kharadi, Pune, Maharashtra, India.
Essay+ is powered by A+ Learning.