Privacy Policy
This document defines how Smart Academic Writing collects, stores, protects, and processes your personal data. It applies to all users of the website and services at smartacademicwriting.com.
01 Introduction
Smart Academic Writing (“we”, “us”, or “our”) operates the website at smartacademicwriting.com and all associated subdomains and services. This Privacy Policy describes the categories of personal data we collect, the purposes for which that data is used, the security measures applied to protect it, and the rights available to you under applicable data protection law.
By accessing or using our services, you confirm that you have read and understood this policy. If you disagree with any part of it, you should not use our services and should contact us to request account deletion.
This policy applies to all users globally. Specific rights under the General Data Protection Regulation (GDPR) apply to users in the European Economic Area. Specific rights under the California Consumer Privacy Act (CCPA) apply to California residents. We apply both frameworks as general standards across our entire user base rather than restricting enhanced protections to users in specific jurisdictions.
Zero-Tolerance Policy on Data Disclosure: We do not share, sell, or disclose your personal data to academic institutions, professors, third-party marketing firms, or any organization not named in this policy. This applies regardless of any external pressure or inquiry. We have never responded to an educational institution inquiry about a specific client order and have no legal obligation to do so in most jurisdictions where we operate.
Smart Academic Writing is registered at 651 North Broad Street, Middletown, DE 19709, United States. For privacy inquiries, contact support@smartacademicwriting.com. We aim to respond to all privacy-related communications within five business days.
This policy was last substantively updated on October 24, 2024. A summary of changes from the previous version is available on request. The current version supersedes all prior versions of this document.
02 Information We Collect
We collect only the data necessary to operate our services. We do not collect data speculatively or build behavioral profiles beyond what is required for service delivery and legal compliance. The following categories describe what is collected, how, and why.
Account and Registration Data
When you create an account or place an order, you provide: your name, email address, and in some cases a phone number. Your email address is the primary identifier for your account. We do not require your institution name, student ID, or academic affiliation — this information is not part of our standard registration and providing it is not recommended.
Order and Assignment Data
When placing an order, you provide the content of your assignment brief: academic level, subject area, required word count, deadline, referencing style, and any uploaded documents including rubrics, prompt sheets, or reading materials. This content is transmitted to your assigned writer through our internal platform. It is not shared externally.
Recommendation: Do not include personally identifying information in your assignment brief that you do not want a writer to see — such as your full name, student ID, or institution login credentials. Include only the assignment content and instructions required to complete the work. Writers see only your Customer ID, not your account name or contact details.
Technical and Usage Data
Our servers and analytics tools automatically collect technical data when you visit the site: your IP address, browser type and version, operating system, referring URL, pages visited, time on page, and device type. This data is used for security monitoring, fraud detection, and aggregate traffic analytics. It is not linked to your personal account unless a security incident requires cross-referencing.
Communication Data
Messages sent through our platform — including chat with support agents and messages within the order chat with your assigned writer — are logged and retained for quality assurance review. Support chat logs are retained for six months. Order communication logs are retained for 12 months alongside the order file.
- Account Data: Name, email, phone (optional). Used for account management and order communication.
- Order Data: Assignment brief, uploaded files, instructions. Used solely for order fulfillment.
- Technical Data: IP address, browser, device. Used for security monitoring and aggregate analytics.
- Communication Data: Chat logs within the platform. Retained for quality assurance and dispute resolution.
- Cookie Data: Session identifiers and analytics cookies. See Section 9 for full cookie details.
- Payment Data: Transaction reference numbers and payment status only. Card data is processed by third-party PCI-DSS processors and never stored on our servers.
03 How We Use Your Data
Each category of data we collect has a specific, defined purpose. We do not use data collected for one purpose to serve a different one. The legal basis for each processing activity is identified below in compliance with GDPR Article 6.
| Processing Purpose | Data Used | Legal Basis (GDPR) |
|---|---|---|
| Order fulfillment and delivery | Account data, order data, communication data | Performance of contract (Art. 6(1)(b)) |
| Payment processing | Transaction reference, payment status | Performance of contract (Art. 6(1)(b)) |
| Customer support | Account data, communication data, order data | Performance of contract (Art. 6(1)(b)) |
| Service quality monitoring | Communication data, order data | Legitimate interests (Art. 6(1)(f)) |
| Security and fraud prevention | Technical data, account data | Legitimate interests (Art. 6(1)(f)) |
| Legal and regulatory compliance | Transaction records, account data | Legal obligation (Art. 6(1)(c)) |
| Marketing communications | Email address | Consent (Art. 6(1)(a)) — opt-out available at any time |
| Aggregate analytics and reporting | Technical data (anonymized) | Legitimate interests (Art. 6(1)(f)) — data not linked to identity |
We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on any individual user. Our order matching system uses order parameters (subject, level, deadline) to match assignments to writers — this is a filtering function, not a decision with legal consequence, and is not governed by GDPR Article 22.
Marketing emails are sent only to users who have opted in during registration or who have previously used our services, under the “soft opt-in” provision applicable in relevant jurisdictions. An unsubscribe link is included in every marketing email. Transactional emails — order confirmations, delivery notifications, revision updates — are sent regardless of marketing preference as they are required for service delivery.
04 Data Protection & Security
We apply technical and organizational security measures proportionate to the sensitivity of the data processed and the risks associated with our operations. The following describes the primary safeguards in place.
TLS / SSL Encryption in Transit
All data transmitted between your device and our servers is encrypted using TLS 1.2 or TLS 1.3 with 256-bit AES encryption. Connections over unencrypted HTTP are automatically redirected to HTTPS. Our SSL certificate is maintained with a Certificate Authority and renewed before expiry. Mixed content is not served on any page of the platform.
Encryption at Rest
Data stored in our databases — including account records, order files, and communication logs — is encrypted at rest using AES-256. Database encryption keys are managed separately from the data stores and rotated on a defined schedule. Backup copies of data are encrypted to the same standard as the primary stores.
Writer Identity Separation
Writers access only the content of order briefs and the communication thread within their assigned order. They see your Customer ID, not your name, email, phone, or institution. Account profiles are not accessible to writers at any point during or after an order. This architectural separation is enforced at the database permission level.
Access Controls
Access to personal data is restricted to employees whose role requires it — primarily support staff and dispute resolution personnel. Access is role-based, logged, and audited quarterly. No single employee has unrestricted access to the full dataset of client records. Administrative access to production systems requires multi-factor authentication.
Anonymization in Analytics
Technical usage data used for site analytics is aggregated and anonymized before analysis. We use analytics tools configured to mask the final octet of IP addresses before storage, preventing individual user identification from analytics data. Raw IP logs used for security monitoring are not shared with analytics systems.
Infrastructure Security
Our hosting infrastructure is managed by a provider that maintains ISO 27001 certification. Servers are located in secure data centers with physical access controls, redundant power, and environmental monitoring. Security patches are applied on a defined schedule. Penetration testing is conducted on a periodic basis by a third-party security firm.
No system is completely immune to breach. Our security measures are designed to reduce the likelihood and impact of unauthorized access to an acceptable level. In the event of a breach, our notification protocol is described in Section 12. The measures described above represent our current standard, which we review and update at minimum annually.
05 Third-Party Sharing
We do not sell, trade, rent, or share your personal identifying information with third parties for any commercial purpose. This includes academic institutions, universities, educators, advertising networks, and data brokers. This restriction has no exception for financial consideration — we do not sell data.
Limited data sharing occurs only in the following circumstances, all of which are necessary for service operation:
- Payment Processors: Transaction data is shared with Stripe and PayPal for payment processing. These processors are PCI-DSS Level 1 certified. They receive only the payment data required to process the transaction. They do not receive order content, assignment briefs, or any information about the nature of our service beyond the transaction amount.
- Hosting and Infrastructure Providers: Our servers are operated by a managed hosting provider. This provider has access to server infrastructure but not to unencrypted personal data. Data processing agreements are in place with all infrastructure providers.
- Analytics Tools: Anonymized and aggregated traffic data is processed by website analytics tools. These tools are configured to not store personally identifiable information. We do not use analytics configurations that enable user-level tracking or cross-site behavioral profiling.
- Legal Obligations: We may disclose specific data if required by a valid legal order from a court or regulatory authority with jurisdiction over our operations. We are not aware of any legal mechanism that would require us to disclose client data to an educational institution. If we receive such a request, we will seek legal advice before complying and will notify the affected user where legally permitted to do so.
- Business Transfers: In the event of a merger, acquisition, or sale of substantially all of our assets, client data may be transferred to the acquiring entity. You will be notified by email at the address associated with your account before any such transfer occurs and will be given the option to request deletion of your data prior to the transfer.
We do not use client data to train machine learning models, including large language models or AI systems, whether operated by us or by third parties.
Writers on our platform are independent contractors. They are bound by confidentiality agreements that prohibit them from disclosing order content, retaining copies of completed work, or contacting clients outside the platform. Violations of these terms result in immediate suspension and are addressed through contractual enforcement.
06 Payment Security
Smart Academic Writing does not store credit card numbers, bank account details, or CVV codes on our servers at any point during or after a transaction. All payment data is entered directly into the payment processor’s secure form using an iframe hosted on the processor’s infrastructure — card data does not pass through our web server.
Payment processing is handled by Stripe and PayPal, both of which hold PCI-DSS Level 1 certification — the highest level of compliance under the Payment Card Industry Data Security Standard. The PCI DSS is the framework governing secure handling of cardholder data. Our processors undergo annual audits by a Qualified Security Assessor (QSA) to maintain this certification. More information about PCI-DSS is available at the PCI Security Standards Council Document Library[1].
We receive from our payment processors only: a transaction reference number, payment status (succeeded / failed / pending), the last four digits of the card used (for support reference), and the billing country code. This is the minimum information required to manage your order and support payment disputes. We cannot initiate charges from this information alone.
Bank Statement Descriptor: To protect your privacy, charges from Smart Academic Writing will not appear on your bank statement as “Essay Writing Service” or any description that identifies the nature of our service. Charges appear under a neutral business descriptor. Contact support before placing your order if you require the specific descriptor name to confirm it in advance.
Refunds processed through our refund policy are returned to the original payment method. We do not issue refunds to a different card or account than the one used for payment, as this would conflict with anti-money-laundering compliance requirements. Refund processing times are determined by your card issuer or PayPal, typically 5–10 business days.
Disputes raised through your bank or payment provider (chargebacks) are responded to through the processor’s dispute resolution process. We provide transaction records and delivery evidence to support the resolution of disputes. Initiating an unjustified chargeback for a delivered order may result in account suspension pending resolution.
07 Data Retention Policy
We retain personal data only as long as necessary for the purpose for which it was collected, subject to legal obligations that may require longer retention. The following schedule applies to all categories of data we collect.
| Data Category | Retention Period | Reason | Deletion Method |
|---|---|---|---|
| Account data (name, email) | Active account duration + 90 days after deletion request | Service provision; 90-day window to reverse accidental deletion | Permanent deletion after grace period |
| Order files and manuscripts | 12 months after delivery date | Revision period support; dispute resolution | Automated deletion at 12-month mark |
| Assignment briefs and instructions | 12 months after delivery date | Revision support; writer quality review | Deleted with associated order file |
| Transaction records | 7 years from transaction date | Legal requirement: tax, accounting, and audit obligations | Retained for legal period then deleted |
| Support chat logs | 6 months from conversation close date | Quality assurance; dispute resolution reference | Automated deletion at 6-month mark |
| Order communication logs | 12 months after delivery date | Dispute resolution; writer quality review | Deleted with associated order file |
| Security logs (IP, access) | 90 days | Security incident investigation | Automated rolling deletion |
| Cookie data (analytics) | Session cookies: deleted on browser close. Persistent cookies: up to 13 months | Session management; analytics | Browser-controlled or server-side expiry |
If you request account deletion, your account data is flagged for deletion and removed within 90 days. During this grace period, your data remains accessible to you if you change your mind. After 90 days, personal account data is permanently deleted. Transaction records are retained for 7 years even after account deletion due to legal accounting requirements — these records are anonymized where possible once the account no longer exists.
We do not indefinitely accumulate data on inactive accounts. Accounts that have been inactive for more than three years with no open orders and no login activity receive an automated notification and are scheduled for deletion 30 days after notification unless the account owner logs in or responds.
08 International Data Transfers
Smart Academic Writing operates as a global service. Our servers are located in the United States. If you access our services from outside the United States — including from the European Economic Area, United Kingdom, Canada, or Australia — your data will be transferred to and processed in the United States.
The United States does not benefit from an EU adequacy decision under GDPR, meaning it is not deemed to provide an automatically equivalent level of data protection to the EEA. To ensure your data remains protected during transfer, we use the following safeguards:
- Standard Contractual Clauses (SCCs): Where we transfer personal data from the EEA or UK to a country without an adequacy decision, we rely on the European Commission’s Standard Contractual Clauses (SCCs) incorporated into our data processing agreements with infrastructure and service providers. SCCs create legally binding obligations on the data importer to protect the data to EEA standards.
- Data Processing Agreements (DPAs): All third-party processors who handle personal data — including our hosting provider and payment processors — are bound by data processing agreements that specify the technical and organizational security measures they must maintain and the purposes for which they may use the data.
- UK GDPR Compliance: For data transfers from the United Kingdom, we apply the UK International Data Transfer Agreement (IDTA) as the transfer mechanism where required, following the UK’s post-Brexit data transfer framework.
- Encryption as a Supplementary Measure: All data in transit is encrypted before transfer, meaning the data is not in a form accessible to any intermediary or the recipient infrastructure provider without the encryption keys, which we retain.
Writers on our platform are distributed globally. When order content is transmitted to a writer outside your jurisdiction, that transmission constitutes an international transfer subject to the same safeguards described above. Writer confidentiality agreements include data protection obligations consistent with our privacy policy requirements.
09 Cookies and Tracking Technologies
We use cookies and similar technologies for three distinct purposes: functional operation of the platform, security, and analytics. A cookie consent banner is displayed to all users on first visit, allowing you to accept or decline non-essential cookies before they are set.
| Cookie Category | Purpose | Can Be Declined? | Retention |
|---|---|---|---|
| Strictly Necessary | Session management, account login state, CSRF protection tokens, shopping cart state during order placement | No — required for service functionality | Session or up to 24 hours |
| Analytics | Aggregate traffic analysis: page views, session duration, bounce rate, traffic sources. IP address is anonymized before storage. | Yes — can be declined via consent banner | Up to 13 months |
| Functional | Remembering user preferences: language, currency display, calculator widget state | Yes — declining may affect site personalization | Up to 12 months |
| Security | Bot detection, rate limiting, fraud prevention signals | No — required for platform security | Session or up to 30 days |
We do not use third-party advertising cookies or allow advertising networks to set cookies on our platform. We do not participate in cross-site tracking or retargeting programs. Analytics data is processed using tools configured to respect Do Not Track (DNT) browser signals.
You can manage or delete cookies at any time through your browser settings. Deleting session cookies will log you out of the platform. Blocking strictly necessary cookies will prevent the platform from functioning correctly. The full cookie policy, including a complete list of cookies set and their specific retention periods, is available at smartacademicwriting.com/cookie-policy/.
10 Your Data Rights
Under GDPR and equivalent legislation, you have the following rights regarding your personal data. California residents have additional rights under CCPA, described at the end of this section. We process all rights requests within 30 days of receipt.
Right of Access
Request a copy of the personal data we hold about you. We will provide a structured export of your account data within 30 days.
Right to Erasure
Request permanent deletion of your account and personal data. Subject to retention requirements for transaction records under accounting law.
Right to Rectification
Correct inaccurate personal data in your profile at any time through account settings or by contacting support.
Right to Restrict Processing
Request that we limit how we use your data while a complaint or correction is being resolved.
Right to Portability
Receive your personal data in a structured, machine-readable format (JSON or CSV) for transfer to another service.
Right to Object
Object to processing based on legitimate interests, including marketing communications. Marketing opt-outs are processed immediately.
CCPA Rights (California Residents)
Under the California Consumer Privacy Act, California residents have the right to know what personal information is collected and how it is used; the right to delete personal information held by us; the right to opt out of the sale of personal information (we do not sell personal information); and the right to non-discrimination for exercising CCPA rights.
California residents may submit a verifiable consumer request by emailing support@smartacademicwriting.com with the subject line “CCPA Request.” We will respond within 45 days, with a possible 45-day extension where required. We process no more than two verifiable consumer requests from any individual in a 12-month period.
To exercise any of the rights above, email support@smartacademicwriting.com from the email address associated with your account. Include the specific right you are exercising and, where relevant, the data or processing activity your request concerns. We may ask you to verify your identity before processing the request to prevent unauthorized access to your data by third parties.
11 Children’s Privacy
Our services are intended for use by individuals aged 18 and above who are enrolled in or applying to academic programs. We do not knowingly collect personal information from anyone under the age of 13, or under the age of 16 where that higher age threshold applies under local law (including in the European Union under GDPR).
If you become aware that a minor has created an account or provided personal data to us, contact support@smartacademicwriting.com immediately. We will verify the account and, if confirmed to belong to a minor, delete all associated data within 72 hours of confirmed identification.
Our registration process does not include age verification beyond a checkbox declaration. We rely on users to provide accurate information about their age. If we have reason to believe that a user is under the minimum age, the account is suspended pending age verification.
12 Data Breach Notification Protocol
A personal data breach is any security incident that results in unauthorized access to, disclosure of, alteration of, or destruction of personal data we process. Our protocol for responding to a confirmed breach is as follows.
- Detection and Containment (0–6 hours): Upon becoming aware of a potential breach, our security team isolates the affected system to prevent further unauthorized access, preserves evidence, and begins forensic investigation to determine the scope and nature of the incident.
- Assessment (6–24 hours): We determine whether the incident constitutes a personal data breach under applicable law — specifically, whether personal data of identifiable individuals has been compromised. We assess the categories of data affected, the likely number of individuals affected, and the probable consequences.
- Regulatory Notification (within 72 hours of confirmation): If the breach is likely to result in a risk to the rights and freedoms of individuals, we notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required under GDPR Article 33. The notification includes the nature of the breach, categories and approximate number of individuals and records affected, the name and contact details of our Data Protection Officer, the likely consequences, and the measures taken or proposed to address the breach.
- Individual Notification: Where a breach is likely to result in a high risk to your rights and freedoms, we notify you directly without undue delay. The notification is sent to the email address associated with your account and will describe the nature of the breach, the data affected, the steps we recommend you take to protect yourself, and the contact information for our privacy team.
- Remediation: Following containment and notification, we implement technical and organizational measures to prevent recurrence. These measures are documented and reviewed by independent security assessment within 90 days of the incident.
The 72-hour regulatory notification window runs from the time we become aware that a breach has occurred — not from the time we complete the full investigation. Notifications made before the investigation is complete will be supplemented with additional information as it becomes available. We do not delay notification to conduct a complete investigation first.
13 Writer Privacy and the Team Behind Your Orders
Our writers are independent contractors based in multiple countries. Their personal data — including payment information, identity documents submitted during onboarding, and communication records — is processed separately from client data and subject to the same technical security standards described in this policy.
Writer profiles are published publicly on our authors page with their consent. Public profiles include: the writer’s chosen display name, their academic background and qualifications, their subject specializations, and their completed order count. Contact details, identity documents, and payment information are never published. Writers may request removal from the public authors page at any time.
Public writer profiles are published at smartacademicwriting.com/authors/, where you can browse writer backgrounds, qualifications, and subject expertise before placing an order.
14 Policy Changes and Version History
We reserve the right to update this Privacy Policy at any time. Updates are made in response to changes in applicable law, changes in our data processing practices, changes in the services we offer, or recommendations from legal counsel or data protection authorities.
When we make material changes — changes that affect how we use your personal data in a way that could affect your rights — we will notify you by email to the address associated with your account at least 14 days before the changes take effect. For non-material changes (such as formatting updates, clarifications that do not change the substance of the policy, or corrections to typographical errors), we update the “Last Updated” date at the top of this page without individual notification.
The version of this policy in effect at the time you placed an order governs the handling of the data collected in connection with that order. If you continue to use our services after a material change takes effect and the notification period has passed, you are deemed to have accepted the updated policy. If you disagree with a material change, you may request account deletion before the change takes effect.
Previous versions of this policy are available on request by emailing support@smartacademicwriting.com with the subject line “Privacy Policy Version History.” We retain previous versions for a minimum of three years after supersession.
16 Contact Us
For all privacy-related inquiries — rights requests, data deletion, complaints about how your data has been handled, or questions about this policy — contact our privacy team directly. We respond to all privacy communications within five business days. Rights requests under GDPR or CCPA are processed within 30 days of receipt.
Smart Academic Writing — Privacy Team
[1] PCI Security Standards Council — Document Library. The PCI Security Standards Council publishes and maintains the Payment Card Industry Data Security Standard (PCI DSS), the framework governing secure handling of cardholder data by organizations that accept, process, store, or transmit credit card information. Smart Academic Writing uses Stripe and PayPal as payment processors, both of which are PCI-DSS Level 1 certified — the highest compliance tier, requiring annual audits by a Qualified Security Assessor. The official documentation library, including the current PCI DSS standard and compliance guidelines, is maintained at the URL cited below and is publicly accessible. https://www.pcisecuritystandards.org/document_library/
[2] European Commission — General Data Protection Regulation (GDPR): Official Text and Guidance. The GDPR is the primary data protection regulation governing the processing of personal data of individuals in the European Economic Area. It establishes requirements for lawful processing, data subject rights, breach notification obligations (Article 33: 72-hour supervisory authority notification; Article 34: individual notification where high risk exists), international transfer mechanisms (Standard Contractual Clauses), and the appointment of Data Protection Officers. The complete regulation text, recitals, and official guidance are published by the European Commission and maintained at the URL cited below. Smart Academic Writing applies GDPR as the baseline standard for all users globally, not only EU residents. https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_en