← Back to home

Legal

Privacy Policy

Last updated 1 June 2026 · Effective 6 June 2026

The short version

  • We collect your email address so you can sign in, and the notes you upload so we can turn them into study sets.
  • To generate a study set, the text of your document is sent to a third-party AI provider — only after you allow it. That provider does not train its models on your content.
  • Your study progress stays on your device. We don’t sell your data and we don’t use advertising or third-party analytics.
  • You can delete any document, your local data, or your whole account at any time.

This summary is for convenience only; the full policy below governs.

1. Who we are

SomEdSer (“Soma Education Service”, “we”, “us”, “our”) is an education app and website that turns a document of your notes into a summary, flashcards and a quiz. SomEdSer is operated by Badrama Technologies Ltd, a company registered in Uganda, which is the data controller responsible for your personal data under the Data Protection and Privacy Act, 2019.

You can reach us about privacy at hello@somedser.com.

2. What this policy covers

This policy applies to the SomEdSer Android app, the SomEdSer website and web app, and the backend services that power them. It explains what data we collect, why, who we share it with, how long we keep it, and the rights you have. It does not cover third-party services we link to, which have their own privacy policies.

3. Information we collect

Account information

When you create an account you give us your email address and a password. We store your password only as a salted, hashed value — never in plain text. We use email and password to authenticate you and keep your study sets tied to your account.

The documents you upload

When you create a study set you upload a source file — a PDF, Word document (.docx) or text/ Markdown file, up to 25 MB. We store that file and the text we extract from it on our servers so we can generate, and later regenerate, your study set. We only process the file’s contents for that purpose.

Study sets we generate

The study set produced from your document — topic summaries, flashcards and quiz questions — is stored on our servers and linked to your account so it is available across your devices.

Data stored on your device

Your study sets are also cached on your device for offline study, and your study progress and resume position are stored only on your device — they are not sent to us. You can clear this local data from the app’s Settings at any time.

Technical and log data

Like any online service, our servers automatically record limited technical information — such as your IP address, request timestamps and error logs — to operate, secure and debug the service. We do not use third-party analytics, advertising or tracking SDKs, and we do not build advertising profiles.

4. How we use your information

We use the information above to:

  • create your account and sign you in;
  • generate study sets from the documents you upload;
  • store and sync your study sets so you can study across devices and offline;
  • operate, secure, maintain and improve the service; and
  • comply with our legal obligations.

We rely on your consent (which you can withdraw) and on the necessity of processing to provide the service you asked for. We do not use your documents or study sets for advertising, and we do not sell your personal data.

5. AI processing and the providers we use

Study sets are generated by a large language model. Before the first time your content is sent for cloud processing, we ask for your permission. When you allow it, the text extracted from your document is sent to a third-party AI provider that runs the model and returns the generated summary, flashcards and quiz.

Our current default provider is Groq, Inc. (GroqCloud). Based on Groq’s published terms, Groq does not use the inputs or outputs of API requests to train or fine-tune its models, and does not retain inference data by default; it may keep temporary logs for up to 30 days only to investigate errors or abuse. You can read Groq’s policies at groq.com/privacy-policy and console.groq.com/docs/your-data.

We may change AI providers, or run models on our own servers, to improve reliability, cost or availability. Where a change materially affects how your data is processed, we will update this policy. On supported devices we plan to offer on-device generation, where your content is processed locally and is not sent to a provider at all; this is not yet available.

6. How we share information

We do not sell your personal data. We share data only with:

  • AI processing providers (such as Groq), strictly to generate your study sets, as described above;
  • infrastructure and hosting providers (such as Amazon Web Services) that host our servers and store data on our behalf under contract;
  • authorities or third parties where we are legally required to, or to protect the rights, safety and security of our users and the service.

These providers act as our processors and are only permitted to use your data to provide their service to us.

7. International data transfers

Our hosting and AI processing providers may store or process your data on servers located outside Uganda, including in the United States. Where we transfer personal data across borders, we take steps required by the Data Protection and Privacy Act, 2019 to ensure it remains protected, including relying on providers that commit by contract to appropriate safeguards.

8. How long we keep data

  • Uploaded documents and study sets are kept until you delete them. Deleting a document removes its file and the study set generated from it from our servers.
  • Account information is kept while your account is active and deleted (or de-identified) after you ask us to close your account, unless we must keep some records to meet a legal obligation.
  • Local data on your device remains until you clear it in Settings or uninstall the app.
  • Technical logs are kept only as long as needed for security and reliability.

9. Your choices and rights

Under the Data Protection and Privacy Act, 2019, you have the right to:

  • be informed about, and access, the personal data we hold about you;
  • have inaccurate or incomplete data corrected;
  • have your data deleted;
  • withdraw your consent to processing at any time;
  • object to or ask us to stop processing that may cause you harm or distress; and
  • complain to the Personal Data Protection Office.

To exercise any of these, email hello@somedser.com. Withdrawing consent does not affect processing already carried out, and some features may not work without the data needed to provide them.

10. Deleting your data

You can delete your data in these ways:

  • delete an individual document and its study set from your library;
  • clear all locally stored study data from the app’s Settings; and
  • request deletion of your entire account and the data associated with it by emailing hello@somedser.com. We will action verified requests within a reasonable period.

11. Security

We protect your data with industry-standard measures, including encryption in transit (HTTPS/ TLS), hashed passwords and access controls that limit who can reach your data. No method of transmission or storage is completely secure, but we work to protect your information and to respond promptly to any incident.

12. Children’s privacy

SomEdSer is intended for students aged 18 and over, or for younger students using the app with the consent and supervision of a parent or guardian. We do not knowingly collect personal data from a child under 18 without such consent. If you believe a child has provided us with personal data without the appropriate consent, contact us and we will delete it.

13. Changes to this policy

We may update this policy from time to time. When we do, we will revise the “Last updated” date above and, for material changes, provide a more prominent notice. Your continued use of SomEdSer after an update means you accept the revised policy.

14. Contact and complaints

For any question or request about this policy or your data, contact us at hello@somedser.com.

If you are in Uganda and are not satisfied with our response, you may also complain to the Personal Data Protection Office (PDPO), under the National Information Technology Authority – Uganda (NITA-U): pdpo.go.ug.