Last updated: May 29, 2026
2026 Compliance Notice: This Privacy Policy has been updated to comply with the comprehensive data protection requirements of 2026, including the California Consumer Privacy Act (CCPA/CPRA), the General Data Protection Regulation (GDPR), state privacy laws across the United States (Colorado CPA, Connecticut CTDPA, Virginia VCDPA, Utah UCPA, Florida FDBR, Montana MTCDPA, Delaware DPDP, Nevada NDAP), Google AdSense requirements, and AI/machine learning transparency standards.
Math Tools ("we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (the "Service"). Please read this Privacy Policy carefully. By using the Service, you consent to the practices described herein.
Information Collected Automatically: When you access the Service, certain information may be collected automatically, including your IP address, browser type and version, operating system, referring URLs, pages viewed, time spent on pages, and the date and time of your visit. This information is collected via server logs and analytics tools.
API Usage Data: When using the AI Chat API, we collect the following information:
Cookies and Tracking Technologies: We and our third-party partners (including advertising partners such as Google AdSense) may use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activity. Cookies are small data files stored on your device. You can control cookies through your browser settings, but disabling cookies may affect the functionality of the Service.
Information You Provide: The Service does not require you to create an account or provide personal information to use its mathematical tools. All calculations are performed client-side in your browser. We do not transmit, store, or process the numbers or expressions you input into our calculators on our servers. The study tools (Flashcards and Quiz Maker) store your created content exclusively in your browser's local storage on your device. This data never leaves your device and is not accessible to us or any third party. Clearing your browser data will permanently delete this locally stored content. The grammar checker processes all text entirely within your browser — your essays, documents, and written content are never sent to or stored on any server. Your writing remains private on your device at all times.
We use the information we collect to: operate, maintain, and improve the Service; understand how users interact with the Service to improve user experience; comply with legal obligations; detect and prevent fraud or abuse; and serve relevant advertisements via third-party ad networks.
We may use third-party advertising companies, including Google AdSense, to serve advertisements on the Service. These companies may use cookies and similar technologies to collect information about your visits to this and other websites in order to provide advertisements about goods and services that may interest you.
Google's use of advertising cookies enables it and its partners to serve ads based on your visit to this site and/or other sites on the Internet. You may opt out of personalized advertising by visiting Google Ads Settings. You may also visit www.aboutads.info/choices to opt out of third-party vendor cookies for personalized advertising.
We may use Google Analytics to help us understand how visitors use the Service. Google Analytics collects information such as how often users visit the site, what pages they visit, and what other sites they visited prior to coming to the Service. We use the information we get from Google Analytics to improve the Service. Google Analytics collects only the IP address assigned to you on the date you visit the Service, rather than your name or other identifying information. For more information on how Google uses data, visit Google's Privacy & Terms.
Grammar Checker: Our grammar checking tool uses rule-based pattern matching and natural language processing algorithms to analyze text for grammatical errors, style suggestions, and writing clarity. This processing occurs entirely within your browser on your device. Your text input is never transmitted to our servers, third-party AI services, or external language models. No machine learning model training data is extracted from your submissions. The tool operates with a static ruleset and does not learn from or retain your input for any purpose.
AI Chat API: The AI Chat API uses the deepseek-r1:8b local AI model (processed via Ollama) to generate responses to your prompts. Your chat messages are sent to this local model for processing and are deleted after response generation. The model is operated locally on our servers and is not a cloud-based third-party service. We do not share your chat data with external AI service providers. The AI model may produce inaccurate, incomplete, biased, or inappropriate responses. You acknowledge that AI-generated content carries inherent limitations and should be verified independently before relying on it for critical decisions.
Analytics & Usage Data: We may use non-personal analytics data (such as aggregated tool usage patterns) to improve the Service through machine learning models trained on anonymized, aggregated data only. No individual user data is used for model training.
Google AdSense: We use Google AdSense to display advertisements on our Service. AdSense uses cookies and similar tracking technologies to serve personalized ads based on your browsing history across the web. By using our Service, you consent to Google's collection and processing of your data for advertising purposes in accordance with Google's Privacy Policy.
Ad Choices & Opt-Out: You have the right to opt out of personalized advertising:
Required Disclosures: We comply with Google AdSense program policies, including disclosure that our site uses Google AdSense advertising services. Our site also complies with the Telephone Consumer Protection Act (TCPA) and CAN-SPAM regulations regarding any promotional communications.
This API uses a zero-persistence architecture. Personal data is not stored persistently at any stage:
Because no personal data persists:
We collect and process IP addresses for security and operational purposes:
This approach balances security needs with your privacy by providing real-time protection against threats and abuse while ensuring that IP information is not retained long-term or used for tracking purposes.
API Key Authentication: Users accessing the API must authenticate using an API key transmitted via the HTTP Authorization header using the Bearer token scheme. API keys are generated server-side and stored securely in environment variables, never hardcoded. You are responsible for keeping your API key confidential and secure. Do not share your API key publicly or with untrusted parties. Sharing your API key voids confidentiality protections and may result in suspension of your access.
Session Token Authentication: The frontend domain (tools-for-students.com) may issue temporary session tokens valid for 60 minutes. These tokens are generated using cryptographically secure methods and must be transmitted only over HTTPS. Session tokens cannot be refreshed; you must request new tokens after expiration.
Rate Limiting: To ensure fair service access and prevent abuse, we enforce rate limits:
CORS & Domain Restrictions: The API enforces Cross-Origin Resource Sharing (CORS) restrictions limiting requests to authorized domains (tools-for-students.com and goingcougars.org). Requests from other origins require API key authentication.
Prompt Injection Prevention: The API implements input validation and sanitization to prevent prompt injection attacks and other malicious input patterns. Input is limited to a maximum of 50 messages per request and 10,000 characters per message.
We implement reasonable administrative, technical, and physical security measures to protect the information we collect and transmit:
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your local storage data.
The Service is designed to be used by students of various ages as an educational tool. We do not knowingly collect personal information from children under the age of 13 (or the applicable age in your jurisdiction under laws such as COPPA). If you are a parent or guardian and believe we have collected personal information from a child, please contact us immediately and we will take steps to delete such information.
Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. There is currently no uniform standard for how companies should respond to DNT signals. We currently do not respond to DNT browser signals, but we encourage you to review the privacy settings in your browser.
The Service may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. We encourage you to review the privacy policy of every site you visit.
Depending on your jurisdiction, you may have the right to: access the personal information we hold about you; request correction of inaccurate information; request deletion of your information; object to or restrict certain processing of your information; and withdraw consent where processing is based on consent. To exercise any of these rights, please contact us using the information below. We will respond to verifiable consumer requests within 45 days.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
If you are a resident of Colorado (Colorado Privacy Act), Connecticut (Connecticut Data Privacy Act), Virginia (Virginia Consumer Data Protection Act), Utah (Utah Consumer Privacy Act), Delaware (Delaware Personal Data Privacy Act), Montana (Montana Consumer Data Privacy Act), Nevada (Nevada Privacy of Information Practices), Florida (Florida Digital Bill of Rights), or other states with privacy laws, you have the following rights:
How to Submit Requests: To exercise any of these rights, please contact us through our website's contact form. We will verify your identity and respond within the timeframe required by applicable law (typically 30-45 days). You can designate an authorized agent to submit requests on your behalf.
If you are located in the European Economic Area (EEA), United Kingdom, Switzerland, or other jurisdictions with comprehensive privacy laws, you have the following rights under the General Data Protection Regulation (GDPR) and equivalent laws:
Legal Basis for Processing: Our legal basis for processing personal data is: (1) legitimate interest in operating and improving the Service; (2) consent for cookies and personalized advertising; (3) compliance with legal obligations.
Data Protection Officer Contact: For GDPR-related inquiries, you can contact us using the information in the Contact Us section below.
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Service after any modifications to this Privacy Policy constitutes your acceptance of those changes.
If you have any questions, concerns, or wish to exercise your privacy rights under any applicable law, please contact us:
Privacy Request Processing: Upon receipt of a verifiable consumer request, we will: (1) verify your identity; (2) confirm your request; (3) respond within the timeframe required by applicable law; (4) provide the requested information at no cost (unless requests are excessive); (5) maintain records of all requests and responses.
This Privacy Policy and your use of the Service are governed by the laws of the State of Oregon, without regard to conflict of law principles, as stated in our Terms of Service. However, we comply with all applicable privacy laws in the jurisdictions where our users are located, including GDPR, CCPA, CPRA, and other state and international privacy regulations.