Privacy Policy

ABA Play helps you prepare for ABA certification exams. This policy describes what we collect, how we protect it, and what choices you have.

When you create an account, we store your name, email, exam goal, and a secure password fingerprint (hash)—not your password in plain text. When you are signed in, we sync study progress (practice answers, flashcard reviews, exam attempts, and related settings) to our server so you can continue on another device.

If you use the app without signing in, some progress may remain only on your device until you create an account.

Passwords are hashed with bcrypt before storage. Sign-in and registration use HTTPS in production. After login, the app uses a short-lived access token instead of sending your password again. Login attempts are rate-limited to reduce guessing attacks.

Choose a strong, unique password and sign out on shared devices.

Account and progress data are stored on the servers that host ABA Play (currently our VPS provider). Data is not published to public code repositories.

You can sign out at any time from Account. Signed-in students can delete their server account and synced progress from Account. Resetting local progress on your device does not delete server data unless you use delete account while signed in.

To request help with your data or ask us to delete your account, email questions@abaplay.live.

Questions about the app, content, or your account: questions@abaplay.live.

We may update this policy as the product changes. Material changes will be reflected on this page with an updated effective date when we publish them.