Privacy Policy

Last updated: March 2026

1. Information We Collect

We collect information you provide directly: name, email address, and payment information when you create an account. We also collect usage data such as quiz responses, scores, and time spent on the platform.

2. Study Insight Data

During onboarding, we optionally ask you for three pieces of information to help us build a better product:

  • Exam date (examDate): When you plan to sit USMLE Step 3 (free text). This is optional and provided voluntarily.
  • Current study approach (studyContext): How you are currently preparing for your exam (free text). This is optional and provided voluntarily.
  • Biggest exam prep challenge (primaryChallenge): What you find most difficult about preparing for Step 3 (free text). This is optional and provided voluntarily.

How we use it: To improve product features, understand user needs, and prioritize development. This information is never used for advertising or sold to third parties.

Retention: Stored as long as your account exists. Deleted automatically when you delete your account (cascading delete on user record).

Your control: You can skip providing this information entirely during onboarding. You can request deletion by contacting us at contact@step3simulator.com.

3. How We Use Your Information

  • To provide and improve the Step3Sim service
  • To process payments and manage subscriptions
  • To send service-related communications
  • To generate performance analytics for your dashboard

4. Cookies

We use essential cookies for authentication and session management. We use analytics cookies (Google Analytics) to understand how the platform is used. You can disable non-essential cookies in your browser settings.

5. Third-Party Services

  • Stripe — payment processing
  • Google Analytics — usage analytics
  • Resend — transactional email

We do not sell your personal data to third parties.

6. Data Retention

We retain your data for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us.

7. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to access, correct, delete, or export your personal data. You also have the right to restrict or object to processing. Contact us to exercise these rights.

8. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest. No real patient data is used. All cases are fictional and created for educational purposes.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or a notice on the platform.

10. Contact

For privacy-related inquiries, contact us at contact@step3simulator.com.