PeerNest

Privacy Policy

Last updated: May 12, 2026

PeerNest (“PeerNest”, “we”, “us”) provides scheduling, live video, and collaboration tools to tutors and the students they teach. This policy explains what information we collect, how we use it, who we share it with, and the choices available to you.

By using PeerNest you agree to the practices described here. If you do not agree, please do not use the service.

1. Information we collect

1.1 Account information

When you sign in we receive your email address and a unique identifier from our authentication provider (WorkOS). We store the workspace (“organization”) you belong to and your role within that workspace.

1.2 Calendar data (Google)

If you connect your Google Calendar, PeerNest accesses calendar data under the following scopes:

  • calendar.events is used to create, update, and cancel events for tutoring sessions booked through PeerNest, so those sessions appear on your Google Calendar.
  • calendar.freebusy is used to read your free/busy windows so students cannot book over existing commitments. We do not read event titles, descriptions, attendees, or other event content under this scope.
  • openid email profile is used to identify the connected Google account and display its email address in the connection list.

You can disconnect Google Calendar at any time from the Settings page. Disconnecting revokes our access token and stops future synchronization. You can also revoke access directly from your Google Account permissions page.

1.3 Tutoring session content

During live sessions we process video and audio, whiteboard strokes, and any text typed into in-session chat or AI tools. Sessions are not recorded by default. If a recording is started by a tutor, the recording is stored on our infrastructure and only participants in that session can access it.

1.4 Payment information

Tutors who subscribe to PeerNest are billed through Stripe. We do not store full card numbers; Stripe collects and stores payment details directly. We receive a customer identifier, the last four digits of the card, and the subscription status.

1.5 Technical and usage data

We log standard request metadata (IP address, user agent, request timestamp, page or endpoint accessed) to operate the service, investigate errors, and prevent abuse. We do not use third-party advertising or cross-site tracking cookies.

2. How we use information

  • To operate the booking, scheduling, and meeting features.
  • To synchronize tutoring sessions with your Google Calendar when you have connected it.
  • To send transactional email (sign-in codes, invites, booking confirmations).
  • To process subscription payments and prevent fraud.
  • To diagnose problems, monitor performance, and keep the service secure.
  • To comply with legal obligations.

We do not sell personal information, and we do not use your data to train machine-learning models for any purpose other than providing features you have opted into.

3. Google API Services User Data Policy

PeerNest’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, data obtained from Google APIs is used only:

  • To provide and improve user-facing scheduling and calendar features inside PeerNest.
  • In aggregated, anonymized form for internal operations (capacity planning, error budgets).
  • Where strictly necessary to comply with applicable law or respond to valid legal process.

We do not transfer Google user data to third parties except as necessary to provide or improve the features above, for security purposes, or to comply with law. We do not use Google user data to serve advertisements, and we do not allow humans to read Google user data except where required by law, with the user’s explicit consent, for security investigations, or in aggregated, anonymized form for internal operations.

4. How we share information

We share information only with service providers who process data on our behalf to operate PeerNest:

  • WorkOS: authentication and session management.
  • Google: calendar synchronization (only if you connect your account).
  • Cloudflare: application hosting, CDN, storage (R2).
  • PlanetScale: managed Postgres database.
  • Upstash: managed Redis for caching and rate limiting.
  • LiveKit: real-time video and audio transport.
  • Stripe: subscription billing and payments.
  • Resend: transactional email delivery.

Each provider is bound by a data processing agreement that restricts use of the information to providing services to us. We may also disclose information if required by law, or to protect the rights, property, or safety of PeerNest, its users, or the public.

5. Children under 13

PeerNest is designed to be used by tutors and the students they teach, including children under 13, but only when a parent, guardian, or authorized school has granted permission for the child to use the service.

We do not knowingly collect personal information from a child under 13 without verifiable parental consent or authorization from a school acting as the child’s agent under FERPA. If your child received an invite from a tutor or organization, that tutor or organization is responsible for obtaining the necessary consent before issuing the invite.

Parents and guardians of children under 13 have the right to:

  • Review the personal information we hold about their child.
  • Request that we delete their child’s personal information.
  • Refuse to permit further collection or use of their child’s information.

To exercise any of these rights, contact us at ashar@peernest.ai from an email address that can be verified as belonging to the parent or guardian. We may ask for additional information to verify identity before acting on a request.

If we learn that we have collected information from a child under 13 without the required consent, we will delete that information promptly.

6. Data retention

We retain personal information while your account is active and for a limited period after deletion to satisfy legal, accounting, or audit obligations. Specifically:

  • Account records and booking history are retained while the account is active and for up to 90 days after deletion.
  • Calendar tokens are deleted immediately when you disconnect Google or delete your account.
  • Payment records are retained for the period required by tax and accounting law (typically seven years).
  • Operational logs are retained for up to 90 days, then deleted.

7. Security

We use industry-standard measures to protect your information, including TLS in transit, encryption of sensitive credentials at rest (such as OAuth refresh tokens), least-privilege access controls, and audit logging on production systems. No system is perfectly secure; if we become aware of a breach affecting your personal information we will notify you in accordance with applicable law.

8. Your rights

Depending on where you live, you may have the right to access, correct, delete, or export your personal information, to object to certain processing, or to withdraw consent. You can exercise most of these rights directly from your account settings; for the rest, contact us at ashar@peernest.ai.

9. International transfers

PeerNest is operated from infrastructure provided by Cloudflare and other providers whose data centers are located in multiple countries. By using PeerNest you understand that your information may be transferred to, stored in, and processed in countries outside your country of residence.

10. Changes to this policy

We may update this policy from time to time. When we make a material change we will update the “Last updated” date and, where appropriate, notify you by email or through the product. Continued use of PeerNest after the change takes effect constitutes acceptance of the updated policy.

11. Contact us

For privacy questions or requests, write to ashar@peernest.ai. For general support, write to ashar@peernest.ai.