How close are the practice questions to the real USMLE?

Our vignettes mirror NBME formatting and timing, with detailed step-by-step rationales and references to first-line guidelines.

Can I target weak systems or disciplines?

Yes. Create custom blocks by system (e.g., cardiovascular) and discipline (e.g., pharm, phys), plus difficulty filters.

Do you offer free content?

Join the list to unlock 50 free questions and weekly high-yield article drops. No credit card required.

Privacy Policy — MDSteps USMLE Prep

1. Introduction

MDSteps (“MDSteps,” “we,” “us,” or “our”) provides web-based educational tools for medical students and professionals preparing for USMLE and other exams. This Privacy Policy explains how we collect, use, disclose, and protect information in connection with your use of our websites, applications, and related services (collectively, the “Services”). By using the Services, you agree to the practices described in this Policy.

We are an independent educational platform and are not affiliated with, endorsed by, or sponsored by the NBME, FSMB, USMLE, or NCSBN.

2. Information We Collect

2.1 Information You Provide

Account & Profile: name, email address, password, institution (optional), graduation year (optional), and any information you submit via forms or surveys.

Payment: if you purchase a subscription, our payment processor (e.g., Stripe) collects billing information such as card number and billing address. We only receive limited details (e.g., last4 digits, expiration month/year) and do not store full payment card numbers.

Support: communications you send to us (e.g., email, chat) and any attachments you provide.

2.2 Information Collected Automatically

Usage data: pages viewed, features used, referring/exit pages, and timestamps. Device & log data: IP address, browser type, operating system, device identifiers, and error logs.

Approximate location: derived from IP address to help localize content, security, and detect fraud. We do not collect precise geolocation.

2.3 Information from Third Parties

We may receive limited information from third-party services you connect (e.g., single sign-on providers) or from marketing partners, in accordance with their privacy policies and your settings.

3. How We Use Information

Provide, operate, personalize, and improve the Services, including recommending content and tracking progress.
Process transactions, manage subscriptions, and provide customer support.
Monitor performance, fix bugs, and conduct analytics to improve reliability and usability.
Send transactional messages (e.g., receipts, service updates). With your consent or as permitted by law, send educational content and product updates.
Detect, investigate, and prevent fraud, abuse, security risks, and violations of our Terms.
Comply with legal obligations and enforce our agreements.

4. Cookies & Tracking Technologies

We use cookies, web beacons, and similar technologies to keep you signed in, remember preferences, analyze traffic, and measure the effectiveness of features and communications.

Choices: You can manage cookies through your browser settings. Some features may not function properly if certain cookies are disabled. If we use analytics tools (e.g., Google Analytics), they may set their own cookies; consult their privacy practices for details.

We do not sell personal information. We may share information as follows:

Service Providers: with vendors who process data on our behalf (e.g., hosting, analytics, payment processing) under contractual confidentiality and security obligations.
Legal: to comply with law, legal process, or governmental request; to enforce our Terms; to protect the rights, property, or safety of MDSteps, our users, or the public.
Business Transfers: in connection with a merger, acquisition, financing, or sale of assets. We will continue to protect information as required by applicable law and provide notices where required.
With Your Direction: when you connect third-party tools or share content through integrations.

6. Data Security

We maintain administrative, technical, and physical safeguards designed to protect information against accidental or unlawful destruction, loss, alteration, and unauthorized access or disclosure. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Children’s Privacy

The Services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that a child under 13 has provided personal information, we will take steps to delete such information. If you believe a child has provided personal information, please contact us at the email below.

8. Your Rights & Choices

Depending on your jurisdiction, you may have rights to access, correct, update, or delete personal information; object to or restrict certain processing; and request portability. You may also opt out of marketing communications by following unsubscribe links or contacting us.

To exercise these rights, contact us at the email address below. We may take steps to verify your identity. We will not discriminate against you for exercising your rights.

9. International Transfers

If you access the Services from outside the United States, your information may be processed in the U.S. or other countries where we or our vendors operate. We take steps to ensure appropriate safeguards are in place consistent with applicable law.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated Policy and adjust the “Last updated” date. Your continued use of the Services after the effective date constitutes acceptance of the updated Policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact: privacy@mdsteps.com.