We value your privacy

We use cookies to personalise your experience, analyse usage, and power chat support. You can change your choices anytime.

CLICKINST.
HomeHow It WorksFeaturesSubjectsHelp CenterContact SupportCareers
HomeHow It WorksFeaturesSubjectsHelp CenterContact SupportCareers
Privacy

Privacy Policy

Learn how we collect, use, and protect personal data for students, tutors, and visitors.

Last Updated: December 29, 2025

Table of Contents

  • Overview
  • Information We Collect
  • Information You Provide to Us
  • Information We Collect Automatically
  • Information from Third Parties
  • How We Use Personal Information
  • How We Share Personal Information
  • Third-Party Service Providers
  • Cookies and Similar Technologies
  • Session Recording and Quality Assurance
  • Data Security
  • Data Retention
  • Your Rights and Choices
  • Children's Privacy
  • International Data Transfers
  • Updates to This Policy
  • Contact Us

Overview

Welcome to ClickInst ("ClickInst", "we", "us", or "our"). This Privacy Policy explains how we collect, use, share, and protect personal information when you use our online tutoring platform, including our website at `clickinst.co`, mobile applications (iOS and Android), and related services ("Services"). By accessing or using the Services, you agree to the practices described here. If you do not agree, please discontinue your use of the Services.

This policy applies to everyone who interacts with the platform, including prospective and enrolled students, parents or guardians, tutors, visitors, and applicants. We comply with privacy regulations in Kuwait, the United Arab Emirates (UAE), and any other jurisdictions in which we operate. When local law requires additional disclosure or consent, we provide contextual notices at the point of collection.

Information We Collect

We collect personal information so we can operate the platform, deliver tutoring experiences, meet legal obligations, and improve our services.

Information You Provide to Us

  • Personal identifiers: Your name, email address, phone number, age or date of birth, preferred language, timezone, and account credentials.
  • Profile information: Education level, academic interests, biography details, languages you speak, profile photos, and preferred tutoring subjects or goals.
  • Tutor application data: Qualifications, certifications, teaching experience, professional references, identity documents, background check responses, and any other documentation you choose to upload when applying to tutor on the platform.
  • Payment information: Billing address, payment method details, transaction history, and payout preferences. We rely on Stripe as our payment processor and do not store full card numbers on our systems.
  • Communications: Messages, lesson notes, support requests, feedback, reviews, surveys, and any other content you share with us or exchange through the platform.
  • Files and documents: Application materials, session resources, and support attachments uploaded via our file storage service (Uploadthing). We accept PDF, DOCX, JPG, and PNG files up to 10MB per file, with a maximum of 3 files per upload.
  • Referral details: Codes or invitation links you use, and (where you provide it) limited contact information for invitees so we can send referral messages and allocate incentives.
  • Calendar data: If you connect your Google Calendar, we access calendar event information to create, update, and delete tutoring session events on your behalf.

Please ensure that the information you provide is accurate and up to date. Let us know promptly if something changes so we can maintain correct records.

Information We Collect Automatically

  • Usage information: Pages visited, features used, searches performed, session duration, actions taken within the platform, and timestamps to help us ensure reliable service and diagnose issues.
  • Device and technical data: IP address, browser type, device type, operating system, device identifiers (including push notification tokens), network and cookie identifiers, and general location such as city or country derived from your IP address.
  • Video session data: When you participate in video tutoring sessions via Daily.co, we collect connection quality metrics, session duration, and participant interaction data to ensure service quality.
  • Cookies and similar technologies: Session cookies, persistent cookies, local storage, and tracking pixels that keep you signed in, remember preferences, and provide analytics or performance insights. See Cookies and Similar Technologies for more detail.

Information from Third Parties

  • Authentication providers: If you sign up or log in via Google or Apple, we receive the basic profile information you authorise (for example, name, email, avatar). We use Google OAuth 2.0 and Apple Sign-In for secure authentication.
  • Payment processors: Stripe, our payment partner, sends us confirmation tokens, transaction details, fraud signals, and payout status so that we can reconcile accounts, issue receipts, and support tutors.
  • Verification and compliance services: Identity verification vendors, background check providers, academic credential evaluators, and other compliance partners share results that help us validate tutor suitability and meet legal obligations.
  • Referrals and affiliates: When another user refers you, we link their account ID to yours to administer programme rewards while limiting what either party can see about the other.
  • Publicly available or permitted sources: Where allowed by law, we may consult public professional profiles, references, or academic records to confirm qualifications, verify identities, or investigate safety concerns.

How We Use Personal Information

  • Deliver and manage the Services: Create and manage user accounts, enable scheduling, facilitate live tutoring sessions via Daily.co video conferencing, match students with tutors, and operate communication, document-sharing, and classroom tools.
  • Process transactions: Charge for lessons or packages via Stripe, calculate tutor payouts, provide invoices or receipts, manage refunds, and administer credits or promotions.
  • Provide support and communication: Send confirmations, reminders, service announcements, policy updates, and responses to questions or complaints through email (via Resend), in-app messaging, push notifications (via Firebase Cloud Messaging), or other channels you select.
  • Sync calendars: Create, update, and remove Google Calendar events for booked tutoring sessions when you have connected your calendar.
  • Verify identity and protect safety: Validate tutor credentials, perform background checks (where legal), detect fraud or misuse, enforce our Terms of Use, monitor suspicious behaviour, and investigate disputes.
  • Personalise the experience: Recommend tutors or subjects, tailor dashboard content, remember preferences, and surface relevant resources based on your activity.
  • Improve our services: Analyse aggregated usage trends using Microsoft Clarity and Google Analytics, debug errors, test new features, perform quality assurance, train support teams, and gather feedback to refine the platform.
  • Marketing and engagement: With your consent where required, send newsletters, announcements, special offers, or surveys via email. We do not send marketing SMS unless you explicitly agree and we never sell or spam your contact details.
  • Referral programme administration: Track invitations, prevent abuse of referral incentives, confirm whether a referral resulted in an eligible action, and notify referrers of earned rewards without exposing unnecessary personal data.
  • Legal compliance and dispute resolution: Maintain records required for tax, accounting, and reporting obligations; respond to lawful requests; enforce contracts and policies; and defend or exercise legal claims.

How We Share Personal Information

  • Students and tutors: We share only the information necessary to facilitate lessons (for example, name, profile summary, grade level, subject requests). Direct contact details remain hidden unless you choose to disclose them.
  • Service providers: Trusted vendors support hosting, customer support, video conferencing, communications, analytics, marketing tools, authentication, identity verification, payment processing, file storage, push notifications, and security monitoring. Each provider is contractually bound to use data solely for the required service and to protect it appropriately. See Third-Party Service Providers for a detailed list.
  • Affiliates and partners: Where services are delivered with local partners or corporate affiliates, we share information required for support, localisation, compliance, and programme delivery.
  • Referral acknowledgements: When you accept an invitation, we may inform the referrer that their code was used so incentives can be issued. We do not share more about you unless you consent.
  • Legal, safety, and enforcement: We may disclose information to comply with legal obligations, respond to lawful requests, enforce our Terms, prevent fraud or security incidents, or protect the rights, property, and safety of users, ClickInst, or others.
  • Business transactions: If ClickInst is involved in a merger, acquisition, financing, reorganisation, bankruptcy, or sale of assets, personal data may be transferred to a successor entity that is bound to honour this policy or seek consent where law requires it.

We share the minimum information necessary in each situation and require third parties to protect the data they receive.

Third-Party Service Providers

We use the following third-party services to operate our platform. Each provider has its own privacy policy governing how they handle your data:

Payment Processing

  • Stripe (stripe.com/privacy): Processes all credit/debit card payments, handles refunds, manages tutor payouts, and provides fraud detection. Stripe is PCI-DSS compliant and does not share your full card details with us.

Video Conferencing

  • Daily.co (daily.co/privacy): Powers all live video tutoring sessions, including video/audio streaming, screen sharing, and in-session chat. Daily.co processes video and audio data in real-time and may temporarily store session metadata for quality assurance.

Email Communications

  • Resend (resend.com/legal/privacy-policy): Delivers transactional emails including booking confirmations, session reminders, password resets, and support communications. Resend processes your email address and email content for delivery.

File Storage

  • Uploadthing (uploadthing.com/privacy): Stores application documents, session materials, and support attachments. Files are encrypted at rest and in transit. Maximum file size is 10MB with support for PDF, DOCX, JPG, and PNG formats.

Authentication

  • Google OAuth 2.0 (policies.google.com/privacy): Enables "Sign in with Google" functionality and Google Calendar integration. We request access only to your basic profile information and, optionally, calendar permissions.
  • Apple Sign-In (apple.com/legal/privacy): Enables secure sign-in on iOS devices. Apple may provide a private relay email address to protect your real email.

Push Notifications

  • Firebase Cloud Messaging (firebase.google.com/support/privacy): Delivers push notifications to iOS and Android devices for session reminders, booking updates, cancellations, and important announcements. Firebase processes device tokens and notification content.

Analytics and Performance

  • Google Analytics 4 (policies.google.com/privacy): Collects anonymised usage data to help us understand how users interact with our platform, identify popular features, and improve the user experience. Only activated with your consent.
  • Microsoft Clarity (privacy.microsoft.com): Provides session recordings, heatmaps, and behaviour analytics to help us identify usability issues and improve the platform. Only activated with your consent. Clarity masks sensitive data by default.
  • Vercel Analytics (vercel.com/legal/privacy-policy): Monitors web performance metrics (Core Web Vitals) to ensure fast page loads and optimal user experience.

Social Sharing (Mobile Apps Only)

  • Instagram/Facebook Sharing (facebook.com/privacy): Allows you to share session achievements or referral codes to Instagram Stories. Only activated when you explicitly choose to share content.

Calendar Integration

  • Google Calendar API (policies.google.com/privacy): Creates, updates, and deletes calendar events for your booked tutoring sessions when you connect your Google Calendar.

Biometric Authentication (Mobile Apps Only)

  • Device Biometrics: On supported devices, we use fingerprint or facial recognition for secure app access. Biometric data is processed locally on your device and never transmitted to our servers.

Cookies and Similar Technologies

We use cookies and comparable technologies to keep you logged in, remember preferences, analyse usage, measure performance, and deliver relevant content. Our cookie categories include:

  • Essential Cookies: Required for the platform to function (authentication, security, session management). Cannot be disabled.
  • Preference Cookies: Remember your settings such as language and timezone preferences. Optional.
  • Analytics Cookies: Power Google Analytics and Microsoft Clarity to help us understand usage patterns. Only activated with your consent.
  • Chat Cookies: Support any embedded chat functionality. Optional.
  • Marketing Cookies: Currently not in active use. If implemented in the future, they will require your explicit consent.

Most browsers allow you to control or disable cookies; however, blocking essential cookies may prevent you from using certain features (for example, signing in or accessing secure areas). We display a cookie consent banner on your first visit, allowing you to choose which optional cookie categories to enable.

For more details about the categories of cookies we use and how to manage your choices, please review our Cookie Policy.

Session Recording and Quality Assurance

We may offer optional session recording for tutoring sessions. Recording is subject to the following:

  • Consent required: Session recording is only enabled when all participants (student, tutor, and any observers) provide explicit consent before or at the start of the session.
  • Purpose: Recordings may be used for quality assurance, training, dispute resolution, or to allow students to review lessons later.
  • Access: Recorded sessions are accessible only to the participants, their guardians (for minors), and authorised ClickInst staff with a legitimate business need.
  • Retention: Session recordings are retained for a limited period (typically 30-90 days) unless a longer retention is required for dispute resolution or by law.
  • Deletion: You may request deletion of recordings in which you participated, subject to any legal or contractual retention requirements.
  • No recording without consent: If any participant declines recording, the session proceeds without recording enabled.

Data Security

We implement technical, organisational, and physical safeguards designed to protect personal information against unauthorised access, disclosure, alteration, or destruction, including:

  • Encryption: Sensitive data is transmitted using TLS/HTTPS and critical fields (such as passwords and tokens) are stored using industry-standard hashing or encryption. Google Calendar tokens and other OAuth credentials are encrypted at rest.
  • Access controls: Only authorised employees and contractors with a legitimate business need may access personal information, and they are bound by confidentiality obligations.
  • Secure infrastructure: We host systems on secure cloud infrastructure (Vercel, with PostgreSQL database and Redis caching), maintain firewalls and intrusion detection, monitor system health, and apply security patches regularly.
  • Payment security: All payment processing is handled by Stripe, a PCI-DSS Level 1 certified service provider. We never store full credit card numbers on our systems.
  • Monitoring and testing: We log access, watch for suspicious activity, conduct audits or penetration tests as appropriate, and maintain incident response plans.
  • Training and awareness: Team members receive privacy and security training so they can handle data responsibly and respond quickly to potential issues.

Despite our efforts, no online service can guarantee absolute security. If we learn about a data breach that affects your personal information, we will notify you and any relevant authorities in line with applicable laws.

Data Retention

We retain personal information only as long as necessary for the purposes described above or to meet legal, accounting, or reporting requirements. Typical retention periods include:

  • Active accounts: Account details, lesson histories, credits, and related records remain while your account is active so we can deliver services and support.
  • Closed or inactive accounts: If you delete your account or stop using the platform, we retain limited data for a reasonable period (for example, to comply with tax, legal, or fraud-prevention requirements, maintain financial records, or honour outstanding credits). After that period we delete or anonymise remaining data unless a longer retention period is required by law or justified for legitimate interests such as dispute resolution.
  • Tutor applications: When an application is not approved, we may keep the submission (for example, for around one year) in case you reapply or for audit and compliance purposes, unless you request earlier deletion where permitted.
  • Support communications: Customer support interactions are stored until the matter is resolved and for a short time afterwards to monitor quality and handle follow-up requests.
  • Session recordings: Retained for 30-90 days, unless required longer for dispute resolution or legal compliance.
  • Usage analytics: Aggregated or anonymised usage data that no longer identifies individuals may be retained for statistical and product improvement purposes.
  • Legal holds or obligations: We may keep specific information longer if required to resolve disputes, enforce agreements, meet regulatory record-keeping requirements, or cooperate with investigations.

When no legitimate need remains, we securely delete personal information or transform it so that it can no longer be associated with a specific individual.

Your Rights and Choices

Depending on your jurisdiction, you may have the following rights over your personal information:

  • Access and portability: Request a copy of the personal data we hold about you, often in a commonly used electronic format. In many cases you can view or download key profile information directly through your account.
  • Correction: Ask us to rectify inaccurate or outdated information. You can also update certain details yourself through account settings.
  • Deletion: Request deletion of personal data or account closure. We will honour the request unless retention is required for legal, contractual, or legitimate business reasons. When we delete data, we also ask relevant service providers to delete the information they hold on our behalf.
  • Withdrawal of consent: If processing is based on consent (for example, marketing communications, analytics cookies, or session recording), you may withdraw consent at any time without affecting prior lawful processing.
  • Objection and restriction: Object to certain processing (such as direct marketing) or request temporary restriction while we verify concerns or you prefer limited processing over deletion.
  • Push notification opt-out: You can disable push notifications at any time through your device settings or within the app's notification preferences.
  • Cookie preferences: Manage your cookie preferences through our cookie consent banner or browser settings.
  • Complaints: Contact us with any privacy concerns. Depending on your location, you may also lodge a complaint with your data protection authority.

To exercise these rights, please reach out via the contact methods in Contact Us. We may request additional information to verify your identity before fulfilling a request and will respond within the timeframes required by applicable laws.

Children's Privacy

  • Parental involvement: Users under 18 should have a parent or guardian create and supervise their account. Children under 13 cannot register or provide personal data directly without verifiable parental consent.
  • Tutor expectations: Tutors must keep interactions professional, avoid unnecessary collection of students' personal information, and refrain from taking conversations off-platform.
  • Monitoring: We encourage parents or guardians to monitor sessions and communications. We may monitor or review interactions where legally permitted for quality and safety.
  • Educational records: Lesson notes, assessments, or progress reports are treated as sensitive educational information and are accessible only to the student, their guardian, relevant tutors, and authorised ClickInst staff.
  • Incident response: If we learn that we collected personal information from a child without the required consent, we will delete it promptly. Please contact us immediately if you believe that has occurred.

International Data Transfers

ClickInst may process personal data on servers located outside your home country. Our primary infrastructure is hosted on Vercel's global network, with data potentially processed in the United States, European Union, or other regions. Our third-party service providers (including Stripe, Daily.co, Google, Firebase, Resend, and Uploadthing) may also process data in various jurisdictions.

We implement safeguards such as standard contractual clauses, adequacy decisions, or other recognised transfer mechanisms, and we seek explicit consent where required before transferring data to jurisdictions without an adequacy determination.

By using the Services, you acknowledge that your information may be transferred to, stored in, or processed in countries with different data protection laws. Where localisation rules apply, we work to honour those requirements or obtain necessary permissions. Regardless of location, we continue to protect your information with appropriate administrative, technical, and organisational measures.

Updates to This Policy

We may revise this Privacy Policy to reflect changes in our services, legal obligations, or privacy practices. When we make material updates, we update the "Last Updated" date, provide prominent notice, and seek additional consent if required by law. Continued use of the Services after an update signifies acceptance of the revised policy. If you do not agree with the changes, please discontinue use of the Services and contact us so we can discuss options such as deleting your data where permitted.

Contact Us

If you have questions, requests, or concerns about this Privacy Policy or how we handle your personal information, please contact us:

  • Email: `support@clickinst.co`
  • Postal mail: ClickInst Privacy Team, Kuwait City, Kuwait
  • Support channels: Submit a request through the ClickInst help centre or live chat and indicate that your enquiry relates to privacy.

We strive to respond promptly and appreciate your help in maintaining a safe, respectful learning community.

CLICKINST

Connect with PhD specialist tutors for personalized academic excellence.

Contact

support@clickinst.co

Available 24/7

Quick Links

  • Home
  • Careers
  • Apply Now

Support

  • Help Center
  • Contact Support
  • Report Bug

Policies

  • Terms of Service
  • Privacy Policy
  • Cookie Policy

© 2026 Click Institution. All rights reserved.