Privacy Policy

Last updated: March 18, 2026

PolyFlow ("we", "our", "the App") is operated by PolyFlow Developer. For the purposes of applicable data protection laws, this entity acts as the data controller of your personal data.

This Privacy Policy describes what data we collect, how we use it, how we share it, and how we protect it.

1. Information We Collect

We collect information necessary to provide our services and improve the App experience.

1.1. Account Information

When you sign in using a supported authentication method (such as Google Sign-In), we receive the following data from your account:

• Email address: used for account identification and communication.
• Display name: shown within the App interface and to other users.
• Profile photo: (if available) used for interface personalization.

1.2. Learning & Usage Data

We automatically collect data about your interaction with the App:

• Study session data (language, duration, skill type, activity type).
• Gamification progress (XP, level, achievements, streak, league).
• Lists of languages being studied and learning goals.
• In-app currency balances (gems) and boost usage.

1.3. Social & Messaging Data

• Friends list: user IDs of people you connect with in the App.
• Challenges: challenge data including participants, wagers, and scores.
• Messages: the App supports end-to-end encrypted (E2E) messaging. Message content is encrypted on your device before being sent to our servers. We cannot read the plaintext content of your messages. We store encrypted message data, sender/receiver IDs, and timestamps.
• Flames: records of support interactions sent between users.
• Public Visibility: Certain profile and activity information may be visible to other users as part of the social features of the Service, such as your display name, profile photo, level, achievements, or leaderboard position, depending on your privacy settings and the functionality you use.

1.4. Referral Data

If you use a referral code or share your own, we collect referral relationships (who referred whom) to distribute referral rewards.

1.5. Push Notifications

If you grant notification permission, we collect your device's Firebase Cloud Messaging (FCM) token to deliver push notifications such as study reminders, friend requests, and challenge updates. You can disable notifications at any time in your device settings.

1.6. AI-Generated Insights

For Premium users, your aggregated session statistics (total minutes, languages studied, daily averages) are sent to Google Gemini AI to generate personalized learning recommendations. To generate AI-based insights, we may send limited, de-identified or aggregated usage metrics to our AI service provider. We do not intentionally include direct identifiers such as your name or email in those requests.

1.7. Technical & Diagnostic Data

For error diagnostics and performance improvements, we may collect device information including device model, operating system version, and crash logs (via Sentry). This data is used to monitor performance, diagnose errors, and improve App stability. We aim to minimize the inclusion of directly identifying information in diagnostic reports, and our systems are configured to mask sensitive information where possible.

1.8. Website Cookies

We may use cookies or similar tracking technologies on our website (e.g., fact0ry.xyz) to provide basic functionality and analyze site traffic.

2. Legal Basis for Processing

We process personal data where necessary to provide the Service, comply with legal obligations, protect our legitimate interests, or where you have given consent. For users in the EEA/UK, we process your data based on: (1) your consent; (2) the necessity to perform the contract (providing App services); and (3) our legitimate interests in improving the Service and maintaining security.

3. How We Use Your Information

We use the collected data for the following purposes:

• Service delivery: operating the learning tracker, saving your progress, syncing data across your devices.
• Personalization: providing AI-powered learning recommendations based on your statistics (Premium feature).
• Social features: enabling friend connections, challenges, messaging, and flames.
• Analytics: understanding how users interact with the App to improve it.
• Communication: sending important notifications regarding your account, activity reminders, or service updates.
• Safety & security: detecting abuse, enforcing rate limits, and protecting against unauthorized access.

4. How We Share Your Information

We do not sell your personal data. We share data only with service providers acting on our behalf or where required by law:

• Google Firebase: authentication, database storage, cloud functions, analytics, and hosting (Google LLC, USA).
• Google Gemini AI: anonymized session statistics for generating AI learning insights (Premium feature only).
• Sentry: encrypted error/crash logs for monitoring App stability (Functional Software Inc., USA).

These providers process data in accordance with their own privacy policies and applicable data protection regulations.

5. Data Retention

Your data is retained for as long as your account is active. Specifically:

• Account & profile data: retained until you delete your account.
• Study sessions & progress: retained until account deletion.
• Messages: encrypted message data is retained for as long as necessary to provide the messaging feature, unless deleted earlier by account deletion, conversation deletion, or our retention policies.
• Crash logs (Sentry): automatically deleted after 90 days.
• Rate limit records: automatically cleaned up daily.

When you delete your account, we will delete or anonymize your personal data, except where retention is required or permitted by law, or reasonably necessary for security, fraud prevention, dispute resolution, or operational backups. Please note that while data is removed from our active databases immediately upon account deletion, some information may remain in our encrypted backups for up to 60 days before being fully overwritten. Referral relationships may also be anonymized.

6. Your Rights

Depending on your location and applicable law, you may have rights to access, correct, delete, export, or restrict the use of your personal data. Some rights may be subject to legal exceptions. You have the right to:

• Access your personal data — you can view your data within the App at any time.
• Rectify inaccurate data — update your profile information in Settings.
• Delete your account and all associated data — use the "Delete Account" feature in Settings, or contact us.
• Data portability — request an export of your data by contacting us.
• Withdraw consent — you may revoke permissions (e.g., notifications) at any time via device settings.

To exercise any of these rights, use the corresponding features in the App or contact us at the address below. We may need to verify your identity before processing certain privacy requests.

7. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete that information promptly.

8. Data Security

Your data is stored on secure Google Firebase servers. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include server-side access controls, encrypted data transmission (HTTPS/TLS), and end-to-end encryption for private messages.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States, subject to appropriate safeguards where required by applicable law.

10. Do Not Track

The App does not track users across third-party websites or services. We do not respond to "Do Not Track" browser signals as there is no industry standard for compliance.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the App. The "Last updated" date at the top of this page indicates when the policy was last revised.