Privacy

Pathlio Privacy Notice

Plain-English details about how Pathlio collects, uses, discloses, and protects personal information. Last updated April 29, 2026.

On this page

Jump to the section you need without losing the full legal text.

Privacy summary

Relatively narrow data collectionNo photos, image uploads, or general file uploadsNo precise geolocation or GPS locationNo targeted advertising or remarketing data flows

This Privacy Notice explains how Pathlio LLC ("Pathlio," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with the Pathlio website, account flow, student questionnaire, checkout flow, report generation flow, report delivery flow, and related services (collectively, the "Service").

Pathlio is built to keep collection relatively narrow. Please do not enter Social Security numbers, financial account numbers, medical records, diagnoses, therapy notes, or other highly sensitive personal information into free-text fields.

Last updated April 29, 2026

1. Scope of this Privacy Notice

This Privacy Notice applies to personal information Pathlio collects through the Service, including when you create an account, enter student or family information, request the free starter guide, complete checkout, receive a report, contact support, or otherwise interact with Pathlio.

Pathlio is a direct-to-family educational planning service. It is not a school, college, or school official, and it does not ask schools to send official education records to Pathlio.

2. Who controls the information

Pathlio is operated by Pathlio LLC, a Florida limited liability company.

Contact details:

Email: hello@yourpathlio.com

You can also start from the Contact page.

3. The information Pathlio collects

Depending on how you use the Service, Pathlio may collect the following categories of personal information:

Account information

email address
login credentials processed through Pathlio's authentication provider and related account security information
if you choose Google sign-in, Google account identifiers and basic profile fields such as email address, email verification status, name, and profile picture or avatar if Google provides them through the sign-in flow
account identifiers
records of legal version acceptance and account events

Pathlio uses Google sign-in information only for account creation, login, authentication, account security, support, and duplicate-account prevention. Pathlio does not receive your Google password and does not request access to Gmail, Google Drive, Google Calendar, Google Contacts, YouTube, or other Google account content.

Homepage guide requests

email address submitted to receive the free starter guide
records that the guide was requested from the public homepage
delivery, consent, source, and support records tied to the guide request

Student and questionnaire information

student first name
student age range
grade level, graduation timing, academic preferences, goals, interests, and other information entered into the questionnaire
survey responses and form submissions
information manually entered by the user; Pathlio does not ask schools to transmit official education records to Pathlio
other planning-related information you choose to provide through the Service

Transaction and checkout information

records related to checkout and purchase status
adult checkout attestation records
authority-basis selection made at checkout
receipt/contact information associated with the purchase
limited transaction metadata
Pathlio does not receive or store full payment card numbers through the Pathlio app; payment collection is handled by Stripe

Report and service output information

generated report content
report status and delivery records
support and service history tied to the account

Technical and service interaction information

basic device, browser, session, and log information reasonably needed to operate, secure, and troubleshoot the Service
records of account activity relevant to security, fraud prevention, service delivery, and support
privacy-safe diagnostic metadata used to operate report generation and support manual privacy request handling, with a bias toward summaries rather than copied questionnaire or report content

4. What Pathlio does not collect

Pathlio is designed not to collect or process:

photos
image uploads
general file uploads
precise geolocation or GPS location
public profiles
student-to-student messaging
public community posting features
targeted advertising or remarketing data flows
sale/share style personal data flows for advertising purposes

5. Where Pathlio gets information

Pathlio collects information:

directly from you when you request the free starter guide, create an account, complete forms, answer planning questions, complete checkout-related steps, or contact support
from Google if you choose Google sign-in, limited to the account and basic profile information Google provides for authentication
from the adult completing checkout
from Stripe and related payment events needed to confirm payment status
from service providers that help Pathlio host, secure, and operate the Service
automatically through basic technical means necessary to run, secure, and improve the Service

6. How Pathlio uses personal information

Pathlio uses personal information to:

send the free starter guide when requested
create and manage accounts
allow students and families to move through the questionnaire flow
process purchases and confirm payment status
record the required adult checkout attestation where applicable
generate, prepare, deliver, and maintain the Pathlio report
provide support and respond to questions or requests
maintain service security, detect misuse, troubleshoot issues, and prevent fraud
maintain basic legal, operational, and audit records
operate, maintain, secure, support, and improve the Service

When Pathlio uses submitted information for those purposes, Pathlio does not use it to train public or shared AI models unless Pathlio separately discloses that practice.

Pathlio does not use the Service to provide targeted advertising based on student or family behavior across different websites or services.

7. AI-assisted processing

Pathlio may use automated systems, language models, and other AI-assisted tools to help process submitted information and generate portions of the Service output, including the student report.

This means the information you submit through the questionnaire may be processed by service providers, including OpenAI, that help Pathlio generate report content. Because AI-assisted tools can make mistakes or produce incomplete or outdated results, users should use judgment and verify important facts before acting on them.

Pathlio does not use submitted information through this flow to train public or shared AI models unless Pathlio separately discloses that practice.

8. Minor users and adult authorization

Pathlio is not available for students under 13 years old. If a user identifies a student as under 13, Pathlio may block account creation, use of the Service, checkout, and report delivery.

For students ages 13 through 17, the student may move through parts of the Service, but the report is only purchased and released after an adult completes checkout and provides the required attestation.

If the student is under 18, the person completing checkout represents that they are 18 years of age or older and that they are the parent, legal guardian, authorized adult for the student, or have obtained any required parental or guardian consent.

9. How Pathlio discloses information

Pathlio may disclose personal information:

to service providers that help operate the Service
to payment processors and infrastructure providers as needed to complete the transaction and run the Service
to vendors that support hosting, database storage, AI-assisted report generation, marketing email delivery, security, or support operations
if required by law, legal process, or valid government request
to protect Pathlio, users, families, or the public
in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar business transaction, subject to applicable law

Pathlio's service providers may include:

Supabase for authentication and database storage
Google for optional Google sign-in and OAuth identity verification
Stripe for payment processing
Resend for transactional email delivery and starter-guide email delivery
HubSpot for starter-guide lead capture, consent, and contact/source tracking
OpenAI for report-generation support
Vercel for hosting and background job infrastructure

10. No sale or targeted advertising

Pathlio does not sell personal information for money.

Pathlio also does not knowingly share personal information for cross-context behavioral advertising or targeted advertising, including personal information relating to minors.

If Pathlio later adds targeted advertising, third-party marketing pixels, or similar features, this Privacy Notice would need to be updated before those changes go live.

11. Cookies and similar technologies

Pathlio is designed to rely on cookies and similar technologies only to the extent reasonably necessary to operate the website, keep users signed in, secure the Service, and support core functionality.

If you use Google sign-in, Pathlio and its authentication provider may use OAuth redirects, temporary sign-in state, and session cookies needed to complete authentication and keep the account signed in.

Pathlio is not intended to use advertising cookies, remarketing pixels, or similar targeted-marketing technologies.

12. How long Pathlio keeps information

Pathlio keeps personal information for as long as reasonably necessary to provide the Service, maintain account and transaction records, support users, protect the Service, comply with legal obligations, resolve disputes, and enforce agreements.

Retention periods may vary depending on the type of data, whether the account remains active, whether a purchase was completed, whether support or legal issues are pending, and whether Pathlio has a legitimate operational need to keep the information.

When Pathlio no longer reasonably needs personal information, Pathlio will delete it, de-identify it, or retain it only as permitted or required by law.

13. Security

Pathlio uses reasonable administrative, technical, and organizational measures designed to protect personal information.

However, no method of transmission over the internet and no method of electronic storage is completely secure. As a result, Pathlio cannot guarantee absolute security.

14. Your choices and privacy requests

Depending on where you live and subject to applicable law, you may have the right to request that Pathlio:

confirm whether Pathlio processes your personal information
provide access to personal information
correct inaccurate personal information
delete personal information
provide a copy of certain personal information in a portable format

Pathlio handles deletion, export, and similar privacy requests through a lightweight manual support process rather than a fully self-serve tool.

To make a privacy-related request, contact:

hello@yourpathlio.com
That same address also handles privacy requests.

Pathlio may need to verify your identity and authority before completing certain requests.

If the request relates to a student under 18, Pathlio may ask for information reasonably needed to confirm that the requester is the account holder, adult purchaser, parent, guardian, or otherwise authorized adult.

15. U.S. state privacy disclosures

Depending on where you live and whether an applicable state privacy law applies, you may have rights to access, correct, delete, or obtain a copy of certain personal information, and to opt out of certain types of data sale, targeted advertising, or profiling.

Pathlio states the following:

Pathlio does not sell personal information for money
Pathlio does not knowingly share personal information for cross-context behavioral advertising
Pathlio does not use targeted advertising
Pathlio does not knowingly engage in sale/share style data flows involving minors

If Pathlio's practices change, this Privacy Notice will be updated accordingly.

16. Third-party services and links

The Service may involve third-party services, including Stripe for payment processing. Third-party services may have their own terms and privacy notices governing their practices.

This Privacy Notice describes Pathlio's practices, not every third party's separate practices.

17. International use and data transfers

Pathlio is currently designed as a U.S.-first service. If you access the Service from outside the United States, you understand that your information may be processed and stored in the United States or other jurisdictions where Pathlio or its service providers operate.

Pathlio does not intentionally target or market the Service to residents outside the United States at launch. If Pathlio later expands its intended markets, Pathlio will review and update its privacy disclosures and practices before doing so.

Those jurisdictions may not provide the same level of legal protection as your home jurisdiction.

18. Changes to this Privacy Notice

Pathlio may update this Privacy Notice from time to time. When Pathlio does, Pathlio will update the effective date or version reflected on the page.

If Pathlio makes a material change, Pathlio may provide notice through the website, the account, checkout flow, or the email associated with the account, as appropriate.

19. Contact Pathlio

If you have questions about this Privacy Notice, the Service, or a privacy request, contact Pathlio at:

Email: hello@yourpathlio.com

You can also review Pathlio's Terms of Service and Billing, Refunds, and Report Delivery Policy from the website.