Privacy Policy

Effective date: April 2, 2026

Version: v1.2

This policy applies to processing carried out by the application on iOS/iPadOS devices.

1. Who processes the data

The controller is the entity displayed on the developer's App Store page. Under the GDPR, this entity is generally considered the “controller” of the data.

2. Design principles: minimalism & local first

  • The application adopts a “backend-less” or “local priority” architecture, avoiding the collection/storage of personal data on our servers.
  • We do not collect, store, or upload any data that could directly identify you (name, phone number, precise location, etc.), unless you voluntarily contact us via a dedicated feature (see section 6).

This principle is in line with the requirements of the CNIL (French Data Protection Authority) regarding necessary data collection and prior consent for non-essential processing.

3. What data is processed

3.1 Data processed/stored locally (not sent to our servers)

  • Progress, simulation results, error log, favorites/history: stored only in the iOS sandbox (AsyncStorage, Keychain, local database).
  • Application settings (language, preferences, etc.).

Deletion: uninstalling normally erases this data. We also recommend a “Reset Data” button within the app to enhance user control.

3.2 Data related to purchases/subscriptions (processed by Apple/third parties)

  • Apple In-App Purchase: payment and refund management by Apple; we never access credit card data or passwords.
  • RevenueCat (optional): manages purchase/subscription status and receipt verification. It may process anonymized identifiers (device ID, app instance, receipt information) as a “processor.”

3.2.1 Subscription and Apple Family Sharing processing

  • Family Sharing eligibility, household composition, and shareability are determined by Apple rules (Apple Account, country/region, eligibility), not by us.
  • When sharing is active, we generally receive only minimal technical subscription status (active/expired, product ID, expiry date, pseudonymous transaction/receipt identifiers) through Apple and/or our purchase management provider.
  • We do not receive full identity details of Apple family members and we do not build family-relationship profiles.
  • Billing, renewals, cancellation, refunds, and dispute handling are processed by Apple under platform rules.

3.3 What we do not do

We do not perform cross-app/site tracking or sell personal data.

We do not reference any advertising tracking SDKs.

4. Permissions used

  • Internet: download/update question banks, access educational resources, verify purchases with Apple.
  • Local notifications: only if you enable reminders, to deliver locally generated alerts without transmitting your personal data.
  • Access to files/downloads: only so you can view or import/export PDFs/resources. Delete files if you no longer need them.

5. Third-party services & cross-border flows

We may use services such as RevenueCat for purchase management. Their servers may be located outside the EU and apply cross-border transfer mechanisms (standard contractual clauses, etc.) from their own privacy policy.

6. Data when you contact us voluntarily

When you send a message (form/contact/email), we process the information you provide:

  • contact details (email, name if provided),
  • content of your message and necessary technical information (device model, system version, related order, screenshot, etc.).

Purposes: customer support, corrections, compliance, dispute resolution.

Retention period: reasonable (approximately 12–24 months) to meet regulatory obligations or additional requests; after this period, deletion or anonymization.

7. Legal basis (GDPR)

  • Contract performance: providing access to question banks, paid services, and purchase restorations (including verifications with Apple/RevenueCat).
  • Consent: for example, reminder notifications (which can be disabled via system settings).
  • Legitimate interest: fraud prevention, security, and compliance (without infringing on user rights).

8. Your rights

You can exercise your rights of access, rectification, erasure, restriction, objection, or portability.

As most data is local, you can delete it by uninstalling the app or using a “reset” button.

For data managed by third parties (RevenueCat, etc.), we can forward your request or guide you through their procedures.

If you have any doubts about compliance, you can contact the competent authority (in France: CNIL).

9. Security measures

We apply reasonable technical and organizational measures:

  • data isolation in the iOS sandbox;
  • least privilege principle and network calls/notifications only when necessary.

That said, no system is completely secure, especially on jailbroken devices or those exposed to malware.

10. Minors

The application is intended for learners; if you are a minor, please use it under the supervision of a legal guardian.

11. Policy updates

We may adjust this policy due to legal or product developments. Updates are communicated in the app with the version and date. Continued use implies your acceptance.