Atomic Anesthesia

Privacy Policy

Last updated: April 10, 2026

1. Introduction

Atomic Anesthesia ("we," "us," or "our") operates the platform at atomicanesthesia.com. We are committed to protecting the privacy of our users, including student registered nurse anesthetists (SRNAs) and institutional partners. This policy explains how we collect, use, disclose, and safeguard your information.

2. Information We Collect

Account Information: Name, email address, school/program affiliation, graduation year, and profile details you provide during onboarding.

Usage Data: Learning activity (lessons viewed, quizzes taken, flashcard reviews), session data, and feature interactions to personalize your experience and track progress.

Payment Information: Processed securely by Stripe. We never store credit card numbers on our servers.

Cookies: Essential cookies for authentication and session management. Optional analytics cookies are used only with your consent.

3. How We Use Your Information

  • Provide and improve the learning platform
  • Track your progress and generate personalized recommendations
  • Process payments and manage subscriptions
  • Send essential communications (password resets, account updates)
  • Generate aggregate, de-identified analytics (no individual student data is shared)

4. FERPA Compliance

We recognize that student educational records may be protected under the Family Educational Rights and Privacy Act (FERPA). When partnering with educational institutions, we act as a "school official" with a legitimate educational interest. We do not share individually identifiable student information with third parties without consent. Institutional partners receive only aggregate, de-identified data unless otherwise authorized.

5. Data Security

We employ industry-standard security measures including encryption in transit (TLS 1.2+) and at rest, row-level security policies, rate limiting, and regular security reviews. Our infrastructure providers (Supabase, Vercel, Stripe) maintain SOC 2 Type II and/or ISO 27001 certifications. See our Security page for details.

6. Data Retention and Deletion

We retain your data for as long as your account is active. You may request account deletion at any time through Settings > Privacy. Upon deletion, personal data is anonymized (attributed to "Deleted User") and your content contributions are preserved in de-identified form for community integrity.

7. Your Rights

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information via your profile settings
  • Deletion: Request account deletion and data anonymization
  • Data Portability: Export your data in a standard format
  • Opt-out: Control cookie preferences and email communications

8. Third-Party Services

We use the following third-party services to operate the platform:

  • Supabase — Database, authentication, file storage (ISO 27001, SOC 2 Type II)
  • Stripe — Payment processing (PCI DSS Level 1)
  • Vercel — Application hosting (SOC 2 Type II)
  • Upstash — Rate limiting (SOC 2 Type II)

9. Changes to This Policy

We may update this policy from time to time. We will notify users of material changes via email or in-platform notification. Continued use of the platform after changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions or data requests, contact us at privacy@atomicanesthesia.com.