B Benignant

Privacy Policy

How Benignant handles data.

This policy explains what the app processes for accounts, study workflows, AI quiz generation, peer sharing, subscriptions, support, and legal requests.

Last updated: May 5, 2026 Version: privacy_policy_v1_2026-05-05 Status: beta legal draft

1. Who we are

Benignant is an educational study-support app for medical learners. The app is not a medical device, clinical decision tool, diagnosis tool, or treatment service.

Data controller details are being finalized for public launch. Until those details are finalized, contact privacy@benignant.app for privacy questions, access requests, correction requests, export requests, deletion questions, and objections.

2. Data we process

  • Account data such as email address, display name, username, university, class year, cohort grouping, and authentication identifiers.
  • Compliance records such as privacy, KVKK, terms, analytics, and upload-license acknowledgement logs.
  • Study data such as schedules, lecture metadata, PDF attachment metadata, generated quiz progress, Daily Consult activity, and question-bank contribution metadata.
  • Files that you choose to upload or send through app features, including temporary files used for AI quiz generation or peer delivery.
  • Peer-sharing metadata such as requester username, sender username, cohort, request topic, delivery status, timestamps, quotas, and file references.
  • Subscription state and purchase metadata when paid features are enabled through Apple App Store or Google Play.
  • Support and privacy-request messages you send to us.

3. Why we process data

  • To create accounts, authenticate users, and protect accounts from abuse.
  • To provide study-planning, PDF, quiz, Daily Consult, and peer-sharing features.
  • To generate AI-assisted educational quiz questions from user-selected study material.
  • To enforce quotas, subscriptions, safety limits, and security rules.
  • To respond to access, correction, export, deletion, objection, and support requests.
  • To produce aggregate or anonymized usage statistics that do not reasonably identify individual users.

4. Processors and international transfer

Benignant currently relies on third-party infrastructure providers to operate the app:

  • Google Firebase and Google Cloud for authentication, database, Cloud Functions, and storage.
  • Google Vertex AI / Gemini or Gemini Developer API for AI-assisted quiz generation, depending on backend configuration.
  • Apple App Store and Google Play for subscription and purchase management when paid features are enabled.
  • unpkg.com / Cloudflare CDN for PDF viewer worker, font, and character-map assets in the current app build.
  • Domain, hosting, and email providers used for this public website and support email routing.

These providers may process data outside your country. Where required by law, international transfers rely on explicit consent, contract performance, legitimate interests, or appropriate legal safeguards.

5. Local device storage

Many study materials and annotations are stored locally on your device through browser, IndexedDB, Capacitor, or device file storage. Local PDF copies may remain on a shared device after account deletion until you clear app data, remove local files, or uninstall the app.

The app reads files you select through the device file picker. It is not intended to scan your whole file library.

6. Retention and deletion

  • Account-linked server data is processed while your account is active.
  • When account deletion is requested, server-side identity-linked account data is deleted or anonymized within 30 days unless a longer period is legally required.
  • Question-bank educational content may be retained after account deletion only after user attribution is detached or anonymized.
  • Compliance consent logs may be retained for up to 10 years where needed to prove legal compliance or defend legal claims.
  • Aggregate or anonymized statistics may be retained indefinitely if they cannot reasonably identify an individual.

7. Your rights

Depending on your location, you may have rights to access, correct, export, delete, restrict, or object to processing of your personal data. Turkish users may also exercise rights under KVKK Article 11.

Send requests to privacy@benignant.app. We may ask for information needed to verify that the request belongs to the account owner.

8. Children and medical safety

Benignant is intended for university-level learners and is not directed to children under 13. The app provides educational support only and should not be used for patient care, diagnosis, emergency decisions, or treatment.

9. Changes

We may update this policy as the product, legal entity, providers, or paid features change. Material changes should be reflected in the app and on this website.