Privacy policy

Last updated: 22. 07. 2025

This Privacy Policy explains how Blekota collects and uses personal data.

TL;DR (not legally binding)

We only need your email + learning data to run the app.

We use PostHog & GA for analytics; no selling of data.

Data stays until you ask us to delete it.

We’ll email & notify you in the app 30 days before big changes.

1. Who Is Responsible (Controller)

Filip Šanda (OSVČ) – Business ID: 09867881
Špitálská 775/5, 190 00 Prague, Czech Republic
Email: [email protected] (also Data Protection contact)

2. What We Collect & Why

Data Category Examples Purpose / Lawful Basis

Account data Email address; (optional) college Create & maintain your account; perform the contract (Art. 6(1)(b) GDPR)

Learning / app data Your progress, inputs, AI context, settings Provide and improve core functionality; contract + legitimate interest (Art. 6(1)(b), (f))

Analytics data Page views, events, device/IP (short-term), cookies Service analytics & debugging; legitimate interest (Art. 6(1)(f)). We don’t sell data.

Operational logs Error logs, security logs Ensure security & reliability; legitimate interest + legal obligations

Data Category	Examples	Purpose / Lawful Basis
Account data	Email address; (optional) college	Create & maintain your account; perform the contract (Art. 6(1)(b) GDPR)
Learning / app data	Your progress, inputs, AI context, settings	Provide and improve core functionality; contract + legitimate interest (Art. 6(1)(b), (f))
Analytics data	Page views, events, device/IP (short-term), cookies	Service analytics & debugging; legitimate interest (Art. 6(1)(f)). We don’t sell data.
Operational logs	Error logs, security logs	Ensure security & reliability; legitimate interest + legal obligations

3. Cookies & Tracking

We use PostHog and Google Analytics for product/web analytics. Cookies (or similar tech) may be set for these purposes. We rely on legitimate interest where allowed. If local law requires consent for non-essential cookies, we will request it via a banner.

4. Third‑Party Processors / Transfers

We use:
Hosting: Vercel
Authentication: Google Firebase / OAuth
Analytics: PostHog, Google Analytics

These providers act as processors or independent controllers for specific purposes. Data may be transferred outside the EU using appropriate safeguards (e.g., SCCs).

5. Data Retention

We retain account and learning data until you ask us to delete it or your account is closed. Backups may persist for a limited period. Analytics data is kept as needed for trend analysis.

6. Your Rights (GDPR/EU)

You can:
Access, correct, or delete your data
Object to or restrict processing in some cases Data portability (export) Request by emailing [email protected]. We respond within 14 days.
You can also lodge a complaint with your local supervisory authority.

7. Security

We apply reasonable technical and organizational measures (e.g., HTTPS/TLS in transit, restricted access).

8. Children

We do not knowingly collect data from children under the applicable age of consent without appropriate authorization. If you believe this happened, contact us for deletion.

9. Changes to This Policy

If we make material changes, we will notify you via in‑app notice and email at least 30 days in advance.

10. Contact

Privacy questions or requests: [email protected]

Privacy Policy

Last updated: 22. 07. 2025

This Privacy Policy explains how Blekota collects and uses personal data.

TL;DR (not legally binding)

We only need your email + learning data to run the app.

We use PostHog & GA for analytics; no selling of data.

Data stays until you ask us to delete it.

We’ll email & notify you in the app 30 days before big changes.

1. Who Is Responsible (Controller)

Filip Šanda (OSVČ) – Business ID: 09867881
Špitálská 775/5, 190 00 Prague, Czech Republic
Email: [email protected] (also Data Protection contact)

2. What We Collect & Why

3. Cookies & Tracking

We use PostHog and Google Analytics for product/web analytics. Cookies (or similar tech) may be set for these purposes. We rely on legitimate interest where allowed. If local law requires consent for non-essential cookies, we will request it via a banner.

4. Third‑Party Processors / Transfers

We use:
Hosting: Vercel
Authentication: Google Firebase / OAuth
Analytics: PostHog, Google Analytics

These providers act as processors or independent controllers for specific purposes. Data may be transferred outside the EU using appropriate safeguards (e.g., SCCs).

5. Data Retention

We retain account and learning data until you ask us to delete it or your account is closed. Backups may persist for a limited period. Analytics data is kept as needed for trend analysis.

6. Your Rights (GDPR/EU)

You can:
Access, correct, or delete your data
Object to or restrict processing in some cases Data portability (export) Request by emailing [email protected]. We respond within 14 days.
You can also lodge a complaint with your local supervisory authority.

7. Security

We apply reasonable technical and organizational measures (e.g., HTTPS/TLS in transit, restricted access).

8. Children

We do not knowingly collect data from children under the applicable age of consent without appropriate authorization. If you believe this happened, contact us for deletion.

9. Changes to This Policy

If we make material changes, we will notify you via in‑app notice and email at least 30 days in advance.

10. Contact

Privacy questions or requests: [email protected]

Start Learning Smarter.

Ace college or any topic easily with your personal AI tutor.
No more pressure and stress, go at your own pace.

Ace college or any topic easily with your personal AI tutor.

Subscribe for study tips.

Subscribe to get
the best study tips.

Privacy Policy

Last updated: 22. 07. 2025

This Privacy Policy explains how Blekota collects and uses personal data.

TL;DR (not legally binding)

We only need your email + learning data to run the app. We use PostHog & GA for analytics; no selling of data. Data stays until you ask us to delete it. We’ll email & notify you in the app 30 days before big changes.

1. Who Is Responsible (Controller)

Filip Šanda (OSVČ) – Business ID: 09867881Špitálská 775/5, 190 00 Prague, Czech RepublicEmail: [email protected] (also Data Protection contact)

2. What We Collect & Why

3. Cookies & Tracking

We use PostHog and Google Analytics for product/web analytics. Cookies (or similar tech) may be set for these purposes. We rely on legitimate interest where allowed. If local law requires consent for non-essential cookies, we will request it via a banner.

4. Third‑Party Processors / Transfers

We use: Hosting: Vercel Authentication: Google Firebase / OAuth Analytics: PostHog, Google Analytics These providers act as processors or independent controllers for specific purposes. Data may be transferred outside the EU using appropriate safeguards (e.g., SCCs).

5. Data Retention

We retain account and learning data until you ask us to delete it or your account is closed. Backups may persist for a limited period. Analytics data is kept as needed for trend analysis.

6. Your Rights (GDPR/EU)

You can: Access, correct, or delete your data Object to or restrict processing in some cases Data portability (export) Request by emailing [email protected]. We respond within 14 days. You can also lodge a complaint with your local supervisory authority.

7. Security

We apply reasonable technical and organizational measures (e.g., HTTPS/TLS in transit, restricted access).

8. Children

We do not knowingly collect data from children under the applicable age of consent without appropriate authorization. If you believe this happened, contact us for deletion.

9. Changes to This Policy

If we make material changes, we will notify you via in‑app notice and email at least 30 days in advance.

10. Contact

Privacy questions or requests: [email protected]

We only need your email + learning data to run the app.

We use PostHog & GA for analytics; no selling of data.

Data stays until you ask us to delete it.

We’ll email & notify you in the app 30 days before big changes.

Filip Šanda (OSVČ) – Business ID: 09867881
Špitálská 775/5, 190 00 Prague, Czech Republic
Email: [email protected] (also Data Protection contact)

We use:
Hosting: Vercel
Authentication: Google Firebase / OAuth
Analytics: PostHog, Google Analytics

These providers act as processors or independent controllers for specific purposes. Data may be transferred outside the EU using appropriate safeguards (e.g., SCCs).

You can:
Access, correct, or delete your data
Object to or restrict processing in some cases Data portability (export) Request by emailing [email protected]. We respond within 14 days.
You can also lodge a complaint with your local supervisory authority.