Privacy Policy

Last updated: April 17, 2026

Data Makes the Difference, LLC ("Company," "we," "us," or "our") operates the Self & Match platform at selfandmatchapp.com ("Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the Service.

1. Information We Collect

1.1 Account Information (Users)

When you register for an account, we collect:

  • First and last name
  • Email address
  • Password (stored securely using bcrypt hashing)
  • Organization name and address
  • Role within the organization

1.2 Learner Information

Authorized Users may create learner accounts. Learner data is collected and managed by the User's organization. We may store:

  • First and last name (encrypted at rest)
  • Date of birth (encrypted at rest)
  • Email address, if provided (encrypted at rest)
  • Username
  • Gender and language preferences
  • Behavioral self-monitoring responses and match scores

1.3 Usage and Behavioral Data

We collect data generated through use of the Service, including form submissions, teacher matching observations, match scores, reward progress, and analytics data. This data is used solely to provide the self-monitoring and reporting features of the Service.

1.4 Payment Information

Payments are processed by Stripe, Inc. We do not store full credit card numbers on our servers. Stripe may collect payment information in accordance with their privacy policy. We retain transaction records (amounts, dates, license quantities) for billing purposes.

1.5 Automatically Collected Information

We may automatically collect:

  • IP address and approximate location
  • Browser type and device information
  • Pages visited and features used
  • Date and time of access

2. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Service
  • Authenticate users and manage accounts
  • Process payments and manage licenses
  • Generate analytics and reports for authorized Users
  • Send transactional emails (account confirmation, purchase receipts, password resets)
  • Provide customer support
  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations

3. What We Do NOT Do With Your Information

We do not sell, rent, lease, or trade your personal information or learner data to third parties for advertising, marketing, or any commercial purpose.

We do not:

  • Sell personal information to data brokers or advertisers
  • Use learner data for targeted advertising
  • Share learner behavioral data with third parties for their independent use
  • Build advertising profiles from learner or user data
  • Use learner data for any purpose other than providing the Service to the organization

4. Data Encryption and Security

We take the security of your data seriously. Sensitive learner information (names, dates of birth, email addresses) is encrypted at rest using AES-256 encryption. All data is transmitted over HTTPS/TLS encryption. Passwords are hashed using bcrypt and are never stored in plain text.

We implement administrative, physical, and technical safeguards aligned with industry standards. For details on our security posture and compliance certifications, visit our trust center at trust.datamtd.com.

5. HIPAA Compliance

The Service is designed to comply with the Health Insurance Portability and Accountability Act (HIPAA). We implement safeguards to protect Protected Health Information (PHI) where applicable. Organizations that are covered entities or business associates under HIPAA may request a Business Associate Agreement (BAA) by contacting us at info@datamtd.com.

6. FERPA Compliance

For educational institutions, we operate as a "school official" under the Family Educational Rights and Privacy Act (FERPA). We use education records solely to provide the Service to the institution and do not use such records for any other purpose. The educational institution retains control of its education records.

7. COPPA Compliance

The Service may be used with learners under the age of 13. We rely on the educational institution or authorized User to obtain verifiable parental consent as required by the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect personal information directly from children under 13 without such consent. Learner accounts are created and managed by authorized adult Users.

8. Data Sharing and Disclosure

We may share information only in the following circumstances:

  • Within your organization: Users within the same organization may access learner data based on their role and permissions.
  • Service providers: We use trusted third-party services to operate the platform, including cloud hosting (AWS), payment processing (Stripe), and customer support (Intercom). These providers are contractually obligated to protect your data.
  • Legal requirements: We may disclose information if required by law, subpoena, court order, or government request.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.
  • With your consent: We may share information when you explicitly authorize us to do so.

9. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Upon account termination, you may request export of your data within 30 days. After the retention period, data is securely deleted or anonymized. We may retain certain information as required by law or for legitimate business purposes (e.g., billing records, dispute resolution).

10. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Export: Request a portable copy of your data
  • Restriction: Request that we limit processing of your information
  • Objection: Object to certain types of processing

To exercise any of these rights, contact us at info@datamtd.com. We will respond within 30 days. Organizations may submit requests on behalf of their learners.

11. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential cookies: Required for authentication and session management
  • Analytics: To understand how the Service is used and improve it
  • Customer support: To provide live chat support via Intercom

We do not use cookies for advertising or cross-site tracking. You can manage cookie preferences through your browser settings.

12. Third-Party Services

The Service integrates with the following third-party providers:

  • Amazon Web Services (AWS): Cloud infrastructure and data storage
  • Stripe: Payment processing
  • Intercom: Customer support chat
  • Vimeo: Hosted tutorial videos

Each provider has their own privacy policy. We select providers that meet our security and compliance requirements.

13. International Data Transfers

Your data is primarily stored and processed in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States. By using the Service, you consent to such transfer.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

15. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: