Trust and data

Privacy Policy

This page explains what Key2MD collects, why it is collected, and how students can ask for data to be removed.

Last updated: 8 May 2026.

Key2MD is run by Dan Brittain in Australia. The site provides admissions guidance, coaching enquiries, AI practice feedback, mock exams, email updates and payment links. This policy is written plainly because students should not need a law degree to understand what happens to their information.

Information We Collect

Depending on what you use, Key2MD may collect your name, email address, enquiry details, selected universities, exam timing, account login details, payment status, practice answers, AI feedback, uploaded or recorded MMI/CASPer mock responses, usage limits, credits, subscription status, basic device information, IP address and site analytics events.

The chances calculator can be used without creating an account. If you choose to subscribe or make an enquiry after using it, your email and the information you submit in that form may be stored.

How Information Is Collected

Information is collected when you submit it through forms, create or use an account, buy credits or subscriptions, request AI feedback, upload or record a mock response, subscribe to email updates, or use site pages that include security, analytics or abuse-prevention tools.

How We Use It

Key2MD uses student information to provide the service requested, reply to enquiries, manage accounts, process payments, deliver AI feedback, maintain review history, send subscribed email updates, prevent abuse of free limits, improve the tools, and keep admin records needed to run the business.

AI Practice Content

Practice answers and recordings may be processed by AI services to generate feedback. Students should avoid submitting highly sensitive personal, health, financial or third-party information unless it is genuinely needed for the practice task.

Sensitive Information

Some practice answers may reveal sensitive information if a student chooses to include health, racial or ethnic background, religious or political views, biometric, sexuality, criminal-record or other sensitive details. Do not include sensitive information about yourself or another person unless it is necessary for the task. Where it is submitted, Key2MD uses it only for the relevant service, support, safety, legal or accounting purpose.

Payments

Payments are handled through Stripe. Key2MD does not store full card numbers. Stripe may process payment information according to its own privacy and security policies.

Service Providers and Overseas Processing

Key2MD may use trusted service providers for hosting, databases, security, analytics, email, payments, AI processing and file storage. These providers may process or store data in Australia or overseas depending on their infrastructure and policies.

Email Updates

If you subscribe or submit an enquiry, your email may be added to the Key2MD subscriber list. You can unsubscribe at any time using the unsubscribe page or by contacting Dan.

Who Can Access Student Data

Student data is intended to be accessed only by Key2MD admin users and the services needed to run the site, such as hosting, database, email, payments and AI processing providers. Admin areas are protected and are not intended for public access.

Data Retention

Key2MD keeps data while it is useful for providing the service, maintaining student history, resolving support issues, meeting payment/accounting obligations, and improving safety. Students can request deletion of personal data where deletion is reasonable and legally possible.

Delete or Access Your Data

To request access, correction or deletion, email brittainmbbs@gmail.com. Include the email address used on Key2MD so the right records can be found.

Students Under 18

Key2MD is designed for senior secondary, undergraduate, graduate and doctor-applicant audiences. If a student is under 18, they should use paid services with parent or guardian involvement.

Security

Key2MD uses account authentication, admin authentication, protected API endpoints and payment-provider security controls. No website can guarantee perfect security, but the site is designed to keep student records out of public access.

Changes

This policy may be updated as the site changes. The latest version will be published on this page.