Privacy, plainly.
What we collect, why, and how to turn it off. No dark patterns.
If you only read one paragraph
- We collect the minimum needed to run the app: your learning content (lesson topics, writing answers, minigame topics) and your Apple sign-in identifier.
- Your learning content is sent to Google Gemini through our Cloudflare Worker proxy so the AI can generate lessons, grade writing, and explain vocabulary.
- We use TelemetryDeck for anonymous analytics. No advertising IDs. No fingerprinting.
- We do not sell your data and do not use your content to train AI models.
Information we collect
Account information
When you sign in with Apple, we receive a sign-in identifier and any name you choose to share. If you select "Hide My Email", we only see the Apple relay address (e.g. xyz@privaterelay.appleid.com). We use this solely to identify your account.
Content you create or generate
- Topics you type into the lesson generator, minigame builder, or writing tools
- Text you write in writing exercises, journals, story-weaver entries, and visual-challenge responses
- Your minigame answers and progress
- Words you save, lessons completed, XP earned, settings preferences
This content lives in your iCloud account (encrypted by Apple, not visible to us) when iCloud sync is on, and on your device otherwise.
Device information
Anonymous device metadata: iOS version, device model class, app version, system language. Used for crash diagnostics and analytics. We do not collect IDFA, advertising identifiers, IP-based location, or device fingerprints.
How we use your information
- Run the app's AI features. Topics and writing you submit are forwarded to Google Gemini through our Cloudflare Worker. The Worker holds the API key; your content travels over HTTPS to Gemini, and Google's privacy practices apply (policies.google.com/privacy).
- Sync your progress across your devices via iCloud, if you enable it. Your data stays in your private iCloud account; we don't see it.
- Improve the app via TelemetryDeck anonymous analytics (feature usage, errors). TelemetryDeck records events, not individuals. See telemetrydeck.com/privacy.
- Authenticate you via Sign in with Apple.
Third parties
| Service | Purpose | Data shared | Region |
|---|---|---|---|
| Google Gemini (via our Cloudflare Worker) | AI generation and grading | Active request content. Not your email or account ID. | Google data centers |
| Cloudflare Workers | API proxy | Same request payload, passed through. We do not log payloads. | Cloudflare edge |
| Apple | Sign in with Apple, App Store, iCloud | Auth and iCloud as set by Apple | Apple |
| TelemetryDeck | Anonymous analytics | Anonymized events, no user identifiers | EU-hosted |
We do not sell your data. We do not use your content to train AI models. We do not show ads.
Data retention
- Account data: kept while your account is active. Delete any time (Section 6).
- Content sent to Gemini: Google retains per Gemini's policy. We do not separately retain a copy.
- Anonymous analytics: retained by TelemetryDeck per their policy. Cannot be linked back to you.
Children's privacy
PASA is rated 4+ on the App Store and intended for general audiences. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, contact us and we will delete it.
Your rights
You can:
- Access the personal data we hold about your account
- Correct inaccurate information
- Delete your account and associated data
- Export your data
- Withdraw consent for analytics in app Settings
To exercise these rights, email kcc.wera.bc@gmail.com. We respond within 30 days.
EU residents have additional rights under GDPR, including the right to lodge a complaint with your local data protection authority.
Security
All network traffic uses HTTPS. API keys are stored server-side on Cloudflare Workers, never in the app binary. Your iCloud-synced data is encrypted by Apple. Our Worker validates a shared client token and does not log request bodies.
Changes to this policy
When we make material changes, we update the effective date above and notify you via an in-app banner. Continued use of the app after changes constitutes acceptance.
Contact
Weerayoot Yotasing
Berlin, Germany
Email: kcc.wera.bc@gmail.com
For privacy requests, please put "Privacy" in the subject line.