StudyDiff helps students debug STEM homework attempts, prepare for exams, build formula sheets, review grade patterns, and track mistakes. StudyDiff is designed to identify the first wrong step and explain the smallest correction rather than provide full homework answers by default.
Information We Process
StudyDiff may process homework text or images, OCR or extracted steps, uploaded course materials, grade or rubric materials, saved mistake history, subscription entitlement state, and app diagnostics needed to keep the service reliable.
In local demo mode, StudyDiff can run without sending homework, grades, rubrics, notes, or OCR text to a remote backend.
When a production backend is configured, StudyDiff sends structured study requests, upload metadata and text, mistake-history data, account export or deletion requests, and subscription entitlement linkage data to StudyDiff's backend.
Purchases
Purchases are handled by Apple through StoreKit. StudyDiff uses a stable app-account token so Apple's server notifications can update the matching backend entitlement. For backend accounts authenticated with Sign in with Apple, StudyDiff stores the Apple refresh token server-side only so it can revoke Apple authorization during backend account deletion. StudyDiff does not receive full payment-card details.
Model Improvement
Model improvement opt-in is off by default. StudyDiff should not use raw homework, grades, rubrics, or OCR content for model improvement unless a user explicitly opts in and the production privacy labels and provider contracts match that behavior.
Deletion And Export
StudyDiff provides controls to delete latest local uploads or results, delete all mistake history, delete local demo account data, export redacted local history, export backend account data when a backend is configured, and delete backend account data when a backend is configured.
Security
Production backend calls must use HTTPS. The backend verifies Sign in with Apple identity tokens, exchanges Apple authorization codes server-side, enforces object-level authorization, validates upload type and size, scans uploaded source artifacts for malware before accepting them for analysis, verifies S3-backed text and code extractions against stored source bytes when available, and verifies App Store Server Notifications before updating backend entitlements.
Contact
For privacy questions, contact support@studydiff.com.