1. Data We Collect (The "Evidence")

To provide our service, we collect the following personal data:

• Account Information: When you sign up, we collect your email address and username. This is the bare minimum needed to identify you and save your progress.
• Usage Data: We track your points, daily streak, completed phrases, earned badges, and bookmarked phrases. This data is essential for the App's features to function.
• AI Interaction Data: If you use the AI personalization feature, we process the inputs you provide (knowledge level, area of law) to generate your tailored maxim. We do not store these inputs after the maxim is generated.
• Payment Information: We do not process or store your payment details. All subscription transactions are handled securely by our third-party payment processor, PayPal. We only receive a confirmation that your subscription is active.

2. How We Use Your Data (The "Legal Argument")

Our legal basis for processing your data is primarily the performance of our contract with you (i.e., providing the App's services). We use your data to:

• Create and manage your user account.
• Provide the core gamified learning experience (streaks, points, levels, badges).
• Allow you to save and review phrases in your library.
• Deliver personalized content via our AI features.
• Notify a designated email address upon account deletion, as per your request.

3. Data Storage & Security (The "Secure Facility")

Your data is stored securely using Google Firebase, which provides robust security measures. While we take all reasonable steps to protect your data, no system is infallible. We cannot guarantee absolute security, but we promise we've done our due diligence. We won't be held liable for a data breach that occurs despite our commercially reasonable security efforts, but we will notify you if such an unfortunate event occurs.

4. Your Rights Under GDPR (Your "Day in Court")

You are the ultimate authority over your data. You have the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure ("Right to be Forgotten"): Request the permanent deletion of your account and all associated data. You can exercise this right directly from your profile page in the "Danger Zone". This action is irreversible.
• Object to Processing: Object to our processing of your data. However, as processing is essential for the App to function, this would require account deletion.
• Data Portability: Request your data in a machine-readable format.

To exercise any of these rights, please contact us. All requests will be handled in a timely manner.

5. Third Parties (The "Amicus Curiae")

We rely on a few trusted third parties to provide our service:

• Google Firebase: For database hosting, authentication, and security.
• PayPal: For processing premium subscriptions.
• Resend: For sending email notifications related to account deletion.

We do not sell or share your personal data with any other third parties for marketing purposes. That would be bad form.

6. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and we encourage you to review it periodically. Continued use of the App after changes constitutes acceptance of the new terms.

7. Contact Us

If you have any questions about this Privacy Policy, please file a motion... or just send us an email at privacy@example.com (This is a placeholder email).