GDPR Privacy Policy

Effective Date: November 19, 2025
Last Updated: November 19, 2025

1. Introduction

Sir Types-A-Lot (“we,” “us,” “our,” or “the Company”) is committed to protecting your privacy. This Privacy Policy explains how Tetradex LLC collects, uses, discloses, and safeguards your information when you use our language learning keyboard mobile application (“the App” or “Service”).

We process your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy provides transparency about our data practices and your rights.

For the purposes of GDPR, the data controller is:
Tetradex LLC
6605 Grand Montecito Pkwy, Las Vegas, NV 89149-0210 USA
Email: [email protected]

2. Interpretation and Definitions

Interpretation

Words with initial capitalization have meanings defined below. These definitions apply in singular or plural form.

Definitions

  • Account: A unique account created for you to access premium features of the App.
  • Company: Tetradex LLC, the data controller under GDPR.
  • Country: United States.
  • Data Controller: Tetradex LLC, which determines the purposes and means of processing personal data.
  • Device: Any device accessing the App, such as a smartphone or tablet.
  • Personal Data: Any information relating to an identified or identifiable individual, as defined under GDPR.
  • Service: The Sir Types-A-Lot mobile app.
  • Service Provider: Third parties processing data on our behalf (data processors under GDPR).
  • Usage Data: Automatically collected data from App use.
  • You: The individual using the App (referred to as the Data Subject under GDPR).

3. Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

We collect the following personal data to provide and improve the Service:

  • Account Information: User ID (unique identifier from Firebase Authentication), authentication status, subscription status.
  • Usage Information: Translation requests (text you submit), language preferences, API usage metrics (requests and tokens for fair usage), timestamps of translation features. No personal identifying data is ever stored or logged for longer than the duration of the request.
  • Subscription Information: Transaction IDs from Apple App Store, subscription tier/status, purchase/expiration dates, regional pricing (country code only).
  • Diagnostic Data: Crash logs, stack traces, and device information relevant to software failures.

We do not collect sensitive personal data (e.g., racial/ethnic origin, health data) unless inherent in user-submitted text for translation, which is processed only as necessary and not stored.

Usage Data

Collected automatically:

  • Device type, unique device identifiers, IP address (temporarily for security, stored for the duration of the request), operating system.

No location data, email (except if used for authentication), or cross-app tracking is collected.

Settings and Preferences

Stored locally on your Device and not considered personal data unless synced (e.g., language selections, pronunciation preferences, personalization prompts, keyboard layouts).

How We Collect Your Data

  • Directly from you: When you create an account, submit text for translation, or manage subscriptions.
  • Automatically: Via App usage (e.g., metrics for fair usage).
  • From third parties: Apple for subscription details; Google Firebase for authentication/storage.

Tracking Technologies

The App does not use cookies, web beacons, or advertising identifiers. We do not track behavior across apps or use analytics tools like Google Analytics.

4. Use of Your Personal Data

We process personal data for the following purposes, based on these lawful bases under GDPR Article 6:

  • To Provide Core Services (Lawful basis: Performance of a contract - Art. 6(1)(b)): Process translations, generate phonetic guides, create lessons, manage subscriptions/credits.
  • To Ensure Fair Usage (Lawful basis: Legitimate interests - Art. 6(1)(f), balanced against your rights): Track API usage, enforce quotas, prevent abuse.
  • To Improve App Stability: Analyzing diagnostic data and crash reports to fix bugs and improve service reliability.
  • To Maintain Security (Lawful basis: Legitimate interests - Art. 6(1)(f)): Verify usage, prevent unauthorized access, monitor suspicious activity.
  • Compliance and Legal Obligations (Lawful basis: Legal obligation - Art. 6(1)(c)): Retain data for audits or disputes.

We do not use your data for marketing, profiling, or automated decisions with legal effects. No profiling is performed.

5. Sharing of Your Personal Data

We share personal data only as necessary:

  • With Service Providers:
    • Google Vertex AI: For Persona/AI translations (text only; processed securely). Data Processor: Processes text you submit for translations and AI features under our instructions only.
    • Google Firebase: For authentication, storage, and metrics (Google acts as data processor with GDPR-compliant agreements). Data Processor: Provides authentication, secure storage, and service-related backend functions; processes data only on our instructions.
    • Google Firebase Crashlytics: For crash reporting and stability monitoring. Data Processor: Collects diagnostic data to identify and resolve application errors. For GDPR-regulated users, Crashlytics data collection is based on your explicit consent (Art. 6(1)(a)).
    • Apple: For subscription management (they handle payments independently). Independent Controller: Manages subscription payments, billing, and fraud prevention under its own legal and privacy obligations.
  • For Legal Reasons: If required by law, to enforce terms, or protect rights (e.g., fraud prevention).
  • Business Transfers: In mergers/acquisitions, with notice and safeguards.

We do not sell, rent, or share data with advertisers/marketers. All sharing complies with GDPR, using data processing agreements (DPAs) with processors.

6. Transfer of Your Personal Data

Your data may be transferred to and processed in countries outside the EU/EEA, including the US (e.g., Google services). We ensure adequate safeguards:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission.
  • Binding Corporate Rules where applicable.

Contact us for copies of safeguards. Standard on-device translations remain on your Device (no transfer).

7. Retention of Your Personal Data

We retain data only as long as necessary:

  • Usage History: While your account is active (up to 12 months after inactivity, then deleted).
  • Rate Limiting Data: 6 hours.
  • Security Logs: 24 hours.
  • Account Data: Until deletion request; removed immediately upon request.
  • Local Data: Until you delete the App.
  • Subscription Data: As required by Apple (typically until end of billing period).

Data is deleted securely when no longer needed, unless retained for legal obligations (e.g., tax records, up to 7 years).

8. Data Security

We implement measures per GDPR Article 32:

  • HTTPS encryption for transmissions.
  • Firebase Authentication with token management.
  • App Check for API security.
  • Strict access rules (you access only your data).
  • Rate limiting and monitoring.

Despite this, no system is 100% secure; we notify authorities/users of high-risk breaches within 72 hours (GDPR Articles 33-34).

9. Your Data Protection Rights

Under GDPR, you have:

  • Right to Access (Art. 15): Request copies of your data.
  • Right to Rectification (Art. 16): Correct inaccurate/incomplete data.
  • Right to Erasure (“Right to be Forgotten”, Art. 17): Delete data under conditions (e.g., no longer needed).
  • Right to Restrict Processing (Art. 18): Limit processing under conditions.
  • Right to Object (Art. 21): Object to processing based on legitimate interests.
  • Right to Data Portability (Art. 20): Receive/export data in machine-readable format.
  • Rights re: Automated Decisions (Art. 22): Not subject to solely automated decisions with legal effects (none in our App).
  • Right to Withdraw Consent (if applicable): Anytime, without affecting prior processing.

To exercise rights, email [email protected] with “DSAR” in the subject, including your User ID. We verify identity and respond within 1 month (extendable to 3 months for complex requests). No fee for standard requests; excessive requests may incur costs.

For account deletion:

  1. In-App: Settings → Account → Delete Account.
  2. Email: [email protected] with “Data Deletion Request” and User ID. Processed within 30 days.

10. Children’s Privacy

We do not knowingly collect data from children under 13 (or 16 in some EU countries). If discovered, we delete it immediately. No age-specific data is required.

11. Data Protection Impact Assessment (DPIA)

We conducted a DPIA for AI features; risks are low due to minimal data and user controls.

12. Changes to This Policy

We notify material changes via in-App notice. Continued use accepts updates. Check “Last Updated” date.

13. Contact Us

For questions: [email protected] or https://theknightshire.co.uk/sirtypesalot/support.html.

14. How to Complain

If unsatisfied, contact your local data protection authority (e.g., via edpb.europa.eu). We cooperate fully.

By using the App, you acknowledge this Policy. For CCPA/CPRA/COPPA compliance, see relevant sections (aligned with GDPR).