MachReach
MachReach
Iniciar Sesión Comenzar EN

Privacy Policy

Last updated: May 19, 2026

Plain-English summary: MachReach helps students track focus time, courses, grades, flashcards, quizzes, rankings, streaks, and study progress. We collect only what the product needs, we never sell your data, passwords are hashed with bcrypt, and you can disconnect Canvas or delete your account from Settings.

1. Information We Collect

Account information: your name, institutional or Canvas email address, and password hash. When you create an account through Canvas, MachReach reads the email address exposed by your Canvas profile so you can log in later with that email and the password you set.

Canvas LMS data: if you connect Canvas, the MachReach browser extension reads your course list from your own logged-in Canvas session and sends it to MachReach so we can show your classes and power class-level leaderboards. We only read your course list — we do not submit assignments, change grades, or publish content.

Study materials: files, notes, and text you choose to upload or type for features such as quizzes and flashcards.

Study activity: focus sessions, minutes studied per course, XP events, streaks, badges, quiz attempts, flashcard reviews, leaderboard rank, course outcomes, grades you enter, and in-app coin activity.

Focus Guard extension: extension settings and active-session state are used to support focus sessions. Some settings may be stored locally in your browser.

Payment data: billing is processed by Lemon Squeezy. We receive subscription status and IDs, never card numbers.

2. How We Use Your Information

  • To create your account, authenticate you, and let you reset your password
  • To sync your Canvas courses when you choose to connect Canvas
  • To generate and manage quizzes, flashcards, focus sessions, grade tracking, and course analytics
  • To track XP, streaks, leaderboard rankings, badges, coins, and study-group activity
  • To process subscriptions and service notifications such as password resets and study emails you opted into
  • To keep the service secure, reliable, and improving over time

3. Data Security

We use HTTPS/TLS, CSRF protection, rate limiting, strict security headers, parameterized SQL, HTML escaping, secure cookies in production, hashed passwords, and access controls for sensitive account data.

4. Sub-processors

  • OpenAI: content you submit for AI-generated quizzes or flashcards may be sent to generate those study tools. OpenAI does not train on API data per its API data-usage policy.
  • Instructure / Canvas LMS: optional profile and course import when you connect Canvas.
  • Lemon Squeezy: payment and subscription processing.
  • Render: application hosting and database infrastructure.
  • Sentry: error reporting with sensitive fields scrubbed where possible.

5. Your Rights

You can access, export, correct, or delete your data from Settings, disconnect Canvas at any time, opt out of optional study emails, or contact support@machreach.com for data-rights requests.

6. Contact

Questions or data-rights requests: support@machreach.com.

×
--:--
Focus