Privacy Policy
Effective date: April 20, 2026 | Version: 1.1
1. Controller
ProCrash
Stefansberg 5, 55116 Mainz, Germany
Email: procrash94@gmail.com
2. Data We Process
- Account and authentication data (UID, email, sign-in method)
- Profile data (display name, avatar, language settings)
- Learning data (folders, questions, answers, progress)
- Upload data (file metadata and uploaded content)
- AI processing data (selected text parts, prompts/instructions, generation settings, generated output)
- Technical data (app settings, notification/session state)
3. Purpose and Legal Basis (GDPR)
- Contract performance (Art. 6(1)(b) GDPR): app functionality and account services
- Legitimate interests (Art. 6(1)(f) GDPR): security, abuse prevention, stability
- Consent (Art. 6(1)(a) GDPR): push notifications where required
- Consent (Art. 6(1)(a) GDPR): third-party AI processing for AI features
- Legal obligations (Art. 6(1)(c) GDPR): where applicable
4. Service Providers
- Firebase Authentication
- Cloud Firestore
- Firebase Storage
- Cloud Functions
- Firebase Cloud Messaging
- Google Cloud Vertex AI (Gemini)
5. AI Consent and Third-Party Processing
Before any AI feature is used, the app requests explicit user consent in-app.
Without consent, no data is sent to the third-party AI service.
If consent is granted, selected study content (for example extracted text from PDF/PPTX),
user prompts/instructions, and generation settings (such as language and question format)
may be sent to Google Cloud Vertex AI (Gemini) to generate study material.
Users can revoke this consent at any time in app settings.
After revocation, AI transfers are blocked until consent is granted again.
6. Retention
- Account/profile data: until account deletion
- Learning data: until user deletion or account deletion
- Uploaded files: up to 30 days after processing
- Technical logs: only as long as operationally necessary
7. Your Rights
You may request access, correction, deletion, restriction, portability, and objection.
Contact: procrash94@gmail.com
8. International Transfers
If data is processed outside the EEA, transfer safeguards such as contractual protections are applied.
9. AI Transparency
Uploaded content can be automatically processed to generate study material.
AI output may be imperfect and should be reviewed by the user.
10. Complaints
You can file a complaint with a competent data protection authority.