1. Who we are
p8nda is operated by Volverix sp. z o.o., the data controller for personal data processed through the p8nda mobile app and website.
- Registered office: ul. Grunwaldzka 9C, 34-600 Limanowa, Poland
- Registry court: Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XII Wydział Gospodarczy KRS
- KRS: 0001228922
- NIP: 7372257673
- REGON: 544253033
- Share capital: PLN 5,000
Contact: [email protected]
2. What we collect
When you use p8nda, we may collect:
If you create an account (mobile app or website)
- Email address for sign-in, password reset, and account-related notifications.
- Password hash (bcrypt) if you sign up with email and password. We never store the password itself.
- OAuth identifiers if you sign in with Google or Apple: your provider account ID and verified email. We do not receive your password.
- Web sessions: after you log in on the website, an HTTP-only session cookie keeps you signed in. We store the session record server-side until you sign out or it expires.
Anonymously (no account required)
- Device identifier: a randomly generated ID stored in a first-party cookie (web) or in app storage (mobile). Used for rate limiting, anonymous quotas, and resuming flashcard sessions across reloads.
- Usage data: dictionary searches, OCR uses, and translations counted per device for rate limits and anonymous analytics.
- IP address: retained briefly in standard server logs for abuse prevention.
Feature data (mobile app and website)
- Translation data: text you submit for AI translation is processed by Google's Gemini API. We store your translation history (input, result, timestamp) so you can revisit past translations and so repeated queries return instantly. Tied to your account if signed in, otherwise to your device.
- Flashcard data: custom decks you create, your card lists, per-word study statistics, completed-session history, and the queue/state of any in-progress session you can resume after a reload.
- Word view history: the words you've recently looked at, kept locally and synced if signed in.
- Settings: preferences such as font size, study direction, audio autoplay, and similar options. Stored in cookies (web) or app storage (mobile), and synced if signed in.
Mobile app only
- AI Q&A data: questions you ask about words, processed by Google's Gemini API.
- Stroke practice data: per-character stroke practice scores and streaks, stored locally and optionally synced.
- Audio and stroke cache: pronunciation audio and stroke data downloaded on demand, stored on your device only.
- Device info: platform, OS version, and app version for compatibility and debugging.
Website only
- OCR images: images pasted for text extraction are sent to Google's Gemini API. Images are not stored permanently. They are deleted from our servers within seconds after processing.
- Cookies: a device ID cookie for rate limiting, a session cookie if you log in, and small preference cookies (theme, study settings). No third-party tracking cookies are used.
- Analytics: we use Umami, a privacy-focused, cookie-free, open-source analytics tool self-hosted on our servers. It collects anonymous page views (page URL, referrer, browser, country) and feature usage (searches, audio plays, stroke order practice) without using cookies or tracking individuals. No personal data is collected or shared with third parties.
- Local storage: recent dictionary searches and a few UI flags are stored in your browser's local storage. This data never leaves your device and can be cleared at any time.
3. How we use your data
- To provide the dictionary, translation, OCR, AI Q&A, and flashcard services.
- To authenticate you, keep you signed in, send password resets, and let you delete your account.
- To sync your decks, word history, translations, stroke practice, and settings across your devices when you are signed in.
- To enforce rate limits and prevent abuse.
- To cache translation and OCR results so repeated queries are instant.
- To produce anonymous, aggregated analytics that help us understand which features are used.
4. Data storage
Account and feature data (email, password hash, decks, translation history, flashcard sessions, settings, word history) is stored on our servers in the European Union (Hetzner, Helsinki) when you are signed in.
Mobile app: a local copy is also kept on your device so the dictionary and your data work offline.
Website (signed out): only a device ID cookie and a small amount of browser local storage are stored on your device. Anything you submit (OCR image, translation text) is processed and not retained beyond what is needed to give you the result.
5. Third-party services
- Google Gemini API: used for AI translations and AI Q&A about words, and for image OCR on the website. See Google's Privacy Policy.
- Google / Apple Sign-In: if you choose to sign in with one of these providers, we receive your email and provider account ID. Available on the mobile app and website.
- Resend: used to send transactional email (verification, password reset, email-change confirmation). Resend processes the recipient address and message body. See Resend's Privacy Policy.
- ElevenLabs: used to generate word and example pronunciation audio. No user data is sent to ElevenLabs. Audio files are pre-generated and served from our CDN.
- Umami Analytics: self-hosted, open-source, cookie-free web analytics. No data is shared with third parties. See umami.is.
- Cloudflare R2: hosts audio and stroke data on our CDN. No personal data is stored there.
- Hetzner: hosts our application servers and database in Helsinki, Finland. EU-based infrastructure provider.
6. Your rights (GDPR)
You can access, correct, or delete your data at any time. See how to delete your account for step-by-step instructions on the website and in the mobile app, or contact [email protected].
You also have the right to lodge a complaint with the Polish data protection authority (Prezes Urzędu Ochrony Danych Osobowych, UODO).
7. Data retention
Account deletion anonymizes all personal data immediately. Anonymous usage statistics may be retained. OCR images are never retained beyond processing. Inactive flashcard sessions and web login sessions are pruned automatically (active sessions after 14 days, web login sessions after 7 days past expiry).
8. Children
p8nda is not directed at children under 13. We do not knowingly collect personal data from children under 13.
