Privacy Policy

The short version

PASA is a German-language learning app. Almost everything stays on your device. The text you choose to send to AI features (lesson topics, journal entries, your written answers) is processed by Google's Gemini API to produce the AI response, then dropped. We do not run a server that stores your data, and we do not sell your data to anyone.

Who we are

PASA is built and operated by Weerayoot Yotasing, an independent developer based in Berlin, Germany. For data-protection questions you can reach the developer through the App Store listing's "App Support" link, or by replying to any subscription receipt email from Apple.

What stays on your device

The following data lives only on your iPhone or iPad and never leaves it unless you explicitly enable iCloud sync (see below):

Your XP, streak, and progress through lessons
Your vocabulary banks and favorite words
Your generated lessons and minigame packs
Your writing-tool sessions (Smart Journal, Story Weaver, Live Scenario, Visual Challenge)
Your settings and preferences

This data is stored using Apple's SwiftData (a local database). Removing the app removes the local database.

What goes through Google's Gemini API

PASA's AI features (lesson generation, vocabulary analysis, writing feedback, "explain why this was wrong" hints, daily journal prompts) are powered by Google's Gemini language model. When you use those features:

The text you typed (e.g. "lesson about going to the doctor", or your full journal entry) is sent over HTTPS to Google's Gemini API.
Google generates the response and returns it to your device.
Google's data-handling for Gemini API is governed by the Google Cloud Privacy Notice. As of 2026, paid-tier Gemini API requests are not used to train Google's models.
We send the request through a thin Cloudflare Worker that holds the API key. The Worker logs only the request IP and timestamp for rate-limiting, and does not log the prompt or response body.
We do not attach your name, email, device identifier, or location to any Gemini request.

If you do not want any text to leave your device, do not use the AI features. The curated Feature Pack lessons (Pflege, Alltag, Reise, Bewerbung) work entirely offline once they have been seeded.

iCloud sync (optional, on by default)

PASA uses Apple's CloudKit to sync your local data between your own Apple devices (iPhone and iPad) signed in to the same Apple ID. This data is encrypted in transit and at rest by Apple, lives in your private iCloud container, and is not visible to PASA's developer or to anyone else. We do not run a server that touches this data.

You can disable this in iOS Settings → your name → iCloud → Apps Using iCloud → PASA.

Sign in with Apple

PASA may offer Sign in with Apple as an account option. If you use it, Apple shares only the identifier you choose to share (your real email or a private relay address) with PASA. We do not request any other profile information.

Anonymous analytics (opt-out)

By default, PASA collects anonymous, aggregated usage analytics through TelemetryDeck (a privacy-first analytics service). This includes:

App version and iOS version
Counts of which features are used (e.g. "lesson generated", "minigame played")
Crash and error events

This data is not personally identifying. We do not collect your name, email, contacts, location, IP address, or anything you typed. You can turn analytics off at any time in Settings → Privacy → Share anonymous analytics.

TelemetryDeck's own privacy notes are at telemetrydeck.com/privacy.

Subscriptions and Apple's role

If you subscribe to PASA Plus, the purchase is handled entirely by Apple's App Store. We never see your payment details. Apple shares with us only:

The fact that an active subscription exists for your Apple ID, via Apple's StoreKit transaction system.
An anonymous transaction identifier so the app can verify the entitlement on launch.

For Apple's handling of your purchase information, see the Apple Privacy Policy.

What we do not collect

We do not collect your name, email address, postal address, phone number, or contacts.
We do not collect your real-time location.
We do not show third-party advertising.
We do not use Facebook SDK, Google Analytics, AdMob, or any tracking SDK.
We do not sell your data to anyone, ever.

Your rights under GDPR (EU users)

If you are in the European Union, the United Kingdom, or another jurisdiction with similar data-protection law, you have the following rights regardless of whether you have an account with PASA:

Right to access any personal data we hold about you.
Right to rectification of inaccurate data.
Right to erasure ("right to be forgotten"). Because almost all of your data lives on your device, you can exercise this immediately by deleting the app or by tapping Settings → Privacy → Delete All My Data.
Right to data portability.
Right to object to processing, including the right to opt out of analytics (see above).
Right to lodge a complaint with your local data-protection authority. For Germany, that is your state's Datenschutzbeauftragte or the federal BfDI.

To exercise any of these rights regarding data we may indirectly hold (e.g. analytics events sent through TelemetryDeck), reach out via the App Store support channel.

Children

PASA is intended for users aged 13 and older. We do not knowingly collect data from children under 13. If you believe a child under 13 has used PASA, contact us through the App Store and we will help confirm and remove any associated data.

Data retention

On-device data: kept until you delete it or uninstall the app.
Cloudflare Worker request logs: rate-limit counters expire after 10 minutes. No request bodies are logged.
TelemetryDeck analytics events: retained per TelemetryDeck's own retention policy (typically rolling 12 months at aggregate level).

Security

Data sent over the network (Gemini requests, iCloud sync, App Store purchases) is encrypted in transit using TLS. Local data is stored in iOS's secure app sandbox and benefits from Apple's full-disk encryption when your device has a passcode set. We do not have a server that stores your personal data, so there is no central breach surface.

International transfers

Your AI requests pass through Cloudflare's edge network and reach Google's Gemini servers, which may be located outside the EU. These transfers are governed by the Standard Contractual Clauses where applicable.

Changes to this policy

If we change this policy in a substantive way, we will update the "Last updated" date above and surface a notice in the app on next launch. Continuing to use PASA after a change means you accept the updated policy.

Contact

For privacy-related questions, contact the developer through the App Store listing's "App Support" link, or by replying to any subscription receipt email from Apple. We aim to respond within 7 business days.

This policy is provided in plain English so it is actually readable. If you need a sworn translation for legal proceedings, contact us. The English version governs.