Privacy Policy

Scholar is operated by Daniel Castillo-Bernaus, based in the United Kingdom. References to "Scholar", "we", "us", or "our" in this policy refer to him as the data controller. The platform is accessible at https://scholarweb.uk/ and any future domain associated with the service.

If you have any questions about this privacy policy or how your data is used, you can contact us at scholarwebsite1@gmail.com.

We collect the following categories of personal data when you use Scholar.

Account data. When you sign up, we collect your first name, last name, and email address. We also store the date and time your account was created.

Profile data. During and after onboarding, you may choose to provide your date of birth, location (town or city), a profile photo, information about your educational institutions, qualifications and grades, achievements and extracurricular activities, university applications and their status, work experience and internships, hobbies and interests, and a short personal biography.

Content data. If you post achievement updates, shared work, challenge questions, comments, or messages through Scholar, that content is stored and associated with your account.

Connection data. When you send or receive connection requests, we store the status of those requests and the accepted connections associated with your account.

Notification data. We store notifications generated by activity on your account, such as likes, comments, connection requests, and messages.

Usage data. We store the number of times your profile has been viewed by other users.

Technical data. Firebase, our backend provider operated by Google LLC, may collect technical information including your IP address and device information as part of standard platform operation. Please refer to Google's privacy policy for details of this processing.

We use the data we collect to provide and operate the Scholar platform, allow you to create and display your academic profile, enable you to connect and communicate with other students, show you content from students you are connected to, send you notifications about activity on your account, calculate and display your profile completeness score, enable other signed-in users to find your profile via search, and improve the platform over time.

We do not use your data for automated decision-making or profiling that has legal or similarly significant effects on you.

We process your personal data on the following legal bases under UK GDPR.

Contract. Processing your account data and profile data is necessary to provide the Scholar service you have signed up to use.

Legitimate interests. We may process certain usage data and technical data to maintain the security and operation of the platform, where this does not override your rights and freedoms.

Consent. Where you choose to add optional information to your profile such as grades, photos, or personal details, we process that data on the basis of your consent. You can remove this data at any time through the profile editing tools.

Your profile is visible to all signed-in users of Scholar. This includes your name, institution, qualifications (unless you have chosen to hide grades), achievements, and other profile sections you have completed. Anonymous visitors who are not signed in do not have access to profile data.

Your messages are visible only to you and the other party in that conversation.

We do not sell your personal data to third parties. We do not share your personal data with advertisers.

Your data is stored in Google Firebase services, specifically Cloud Firestore for profile and platform data, Firebase Authentication for account credentials, and Firebase Storage for profile photos. The Firestore database region is europe-west (EU). Firebase Storage uses a Google-managed region.

Firebase Authentication handles your password using industry-standard encryption. We do not store your password in plain text. Access to your data in Firestore and Storage is protected by security rules that ensure only you can write to your own profile and only signed-in users can read platform data.

No security system is completely infallible. You should use a strong, unique password for your Scholar account.

We retain your account and profile data for as long as your account is active. If you delete your account through the Settings page, your Firebase Authentication account and your Firestore profile document are deleted immediately. Posts, comments, messages, and connection records associated with your account may persist for a short period before being removed.

If you would like your data removed more thoroughly or if you have concerns about residual data, please contact us at scholarwebsite1@gmail.com.

As a UK resident, you have the following rights regarding your personal data.

Right of access. You can request a copy of the personal data we hold about you.

Right to rectification. You can correct inaccurate data through the profile editing tools or by contacting us.

Right to erasure. You can delete your account through the Settings page, which removes your core data. For more thorough removal, contact us.

Right to restriction. You can ask us to limit how we process your data in certain circumstances.

Right to data portability. You can request a copy of your data in a structured, commonly used format.

Right to object. You can object to processing based on legitimate interests.

To exercise any of these rights, contact us at scholarwebsite1@gmail.com. We will respond within one calendar month.

If you are not satisfied with how we handle your data or your rights request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Scholar is designed for users aged 14 and over. We take the privacy of young people seriously. Users under the age of 16 require the consent of a parent or legal guardian to use the platform. If you are a parent or guardian and believe your child has created an account without your consent, please contact us at scholarwebsite1@gmail.com and we will remove the account promptly.

We do not knowingly collect data from children under the age of 14. If we become aware that we have done so, we will delete it immediately.

Scholar uses Firebase Authentication, which stores authentication session tokens in your browser's local storage to keep you signed in between visits. This is strictly necessary for the platform to function and does not require your consent. We do not use advertising cookies or tracking cookies.

Scholar uses Google Firebase for its backend infrastructure. Google may process certain technical data as part of providing this service. This processing is governed by Google's privacy policy, available at policies.google.com/privacy. Scholar also queries the UK Government Get Information About Schools API when users search for schools or colleges during onboarding. No personal data is sent to this service.

We may update this Privacy Policy from time to time. When we do, we will update the date at the top of this page. Significant changes will be communicated to users where reasonably practicable. Continued use of Scholar after changes are published constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy or wish to exercise your rights, you can contact us at scholarwebsite1@gmail.com.