LogoMugUp
Back to MugUp

Privacy Policy

Last updated: April 21, 2026

1. Introduction

MugUp ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered learning platform and related services (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you provide directly to us, including:

  • Account Information: Name, email address, username, and password
  • Profile Information: Learning preferences, goals, and progress data
  • Payment Information: Billing address and payment method details (processed securely through Stripe)
  • Communication Data: Messages, feedback, and support requests
  • Content Data: Learning materials, projects, and user-generated content

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

  • Usage Data: Pages visited, features used, time spent, and interaction patterns
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Performance Data: Learning progress, game scores, completion rates, and analytics
  • Log Data: Server logs, error reports, and system activity

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities. For more details, please see our Cookie Policy.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

  • Provide, operate, and maintain the Service
  • Process user registration and manage accounts
  • Generate personalized learning content using AI
  • Track learning progress and provide analytics
  • Process payments and manage subscriptions

3.2 Communication

  • Send service-related notifications and updates
  • Respond to customer support requests
  • Send marketing communications (with your consent)
  • Provide important security and legal notices

3.3 Improvement and Analytics

  • Analyze usage patterns to improve the Service
  • Develop new features and functionality
  • Conduct research and analytics
  • Monitor and analyze trends and usage

3.4 Legal and Security

  • Comply with legal obligations
  • Protect against fraud and security threats
  • Enforce our Terms of Service
  • Resolve disputes and investigate violations

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating the Service:

  • Supabase: Database and authentication services
  • Stripe: Payment processing
  • Google: AI services for content generation
  • Analytics Providers: Usage analytics and performance monitoring

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal process (subpoenas, court orders)
  • Government requests or investigations
  • Protection of our rights, property, or safety
  • Protection of users or the public

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Secure hosting infrastructure
  • Employee training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. Specific retention periods include:

  • Account Data: Until account deletion or 3 years after last activity
  • Learning Data: Until account deletion or as required for service provision
  • Payment Data: As required by law and payment processors (typically 7 years)
  • Support Communications: 3 years from last interaction
  • Analytics Data: Aggregated data may be retained indefinitely

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

  • Request access to your personal information
  • Receive a copy of your data in a portable format
  • Request information about how we process your data

7.2 Correction and Updates

  • Update your account information through your profile settings
  • Request correction of inaccurate or incomplete data
  • Update your communication preferences

7.3 Deletion and Restriction

  • Delete your account and associated data
  • Request deletion of specific information
  • Restrict processing of your data in certain circumstances

7.4 Objection and Withdrawal

  • Object to processing based on legitimate interests
  • Withdraw consent for marketing communications
  • Opt-out of certain data collection practices

To exercise these rights, please contact us at privacy@mugup.app. We will respond to your request within 30 days.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard contractual clauses approved by relevant authorities
  • Adequacy decisions by data protection authorities
  • Certification schemes and codes of conduct

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

For users between 13 and 18 years of age, we recommend parental guidance and supervision when using the Service.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to registered users
  • Displaying a prominent notice on the Service

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@mugup.app

Data Protection Officer: dpo@mugup.app

Address: [Your Company Address]

12. Regional Specific Information

12.1 European Union (GDPR)

If you are located in the EU, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

12.2 California (CCPA)

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to delete personal information.