WeeBytes

Privacy Policy

Last updated: May 2026

1. Who We Are

WeeBytes is a microlearning app for AI literacy. For privacy requests, contact hi@weebytes.com. This notice is written for users in the UK, European Economic Area, and other regions with similar data protection rights.

2. Data We Collect

  • Account information: name, email address, encrypted password, and sign-in provider details.
  • Learning preferences: selected topics, difficulty level, pace, and onboarding answers.
  • Activity data: cards viewed, swipes, saves, questions, sessions, streaks, and karma.
  • Start-free preview data: anonymous signed cookie ID, cards seen, preview swipes, streak wall visits, and signup/login clicks.
  • Technical and security data: IP address or hashed IP, browser/device data, logs, and abuse-prevention signals.
  • Communication data: support emails, transactional emails, and email preference choices.

3. Why We Use Data

  • To provide the service, create accounts, keep users signed in, and show learning cards.
  • To personalize the learning feed, maintain streaks and karma, and remember saved content.
  • To merge start-free preview progress into an account after signup or login.
  • To send transactional emails such as account, password, and product service messages.
  • To measure product performance with optional analytics only after consent.
  • To prevent fraud, abuse, unauthorized access, and service misuse.

4. Lawful Bases

  • Contract: to provide the WeeBytes account and learning service.
  • Legitimate interests: to secure the service, prevent abuse, improve reliability, and understand aggregate product usage.
  • Consent: for optional analytics cookies and similar technologies.
  • Legal obligation: where we must keep or disclose limited records to comply with law.

5. Cookies and Analytics

Essential cookies and local storage keep login, security, preferences, and the start-free preview working. Optional analytics are disabled unless you accept them. You can reject optional analytics as easily as accepting them, and you can withdraw consent at any time.

6. Third-Party Processors

We use service providers to run WeeBytes, including hosting, database, authentication, email, file/image storage, and optional analytics providers. Examples include Vercel, Neon/Postgres, Auth.js/Google sign-in, Resend, and Vercel Analytics. We do not sell personal data.

7. International Transfers

Some providers may process data outside the UK or EEA. Where this happens, we rely on appropriate safeguards such as adequacy decisions, standard contractual clauses, or processor terms designed to protect personal data.

8. Retention

We keep account data while the account is active. If you delete your account, we delete or anonymize personal data within 30 days unless we need limited records for security, legal, or abuse-prevention reasons. Anonymous start-free preview records are kept only as long as needed for conversion, security, and aggregate product measurement.

9. Your UK/EU Rights

  • Access a copy of your personal data.
  • Correct inaccurate or incomplete data.
  • Delete your account and request erasure where the law allows.
  • Restrict or object to certain processing, including direct marketing.
  • Request portability of data you provided to us.
  • Withdraw consent for optional analytics at any time.
  • Complain to your local data protection authority. In the UK, this is the Information Commissioner's Office.

To exercise rights, email hi@weebytes.com. We aim to respond within one month where required.

10. Children

WeeBytes is not intended for children under 13. If you believe a child has provided personal data, contact us and we will review it.

11. Changes

We may update this notice when the product, providers, or legal requirements change. The date at the top shows the latest update.

Terms of ServiceBack to WeeBytes