Privacy Policy
Last updated: 5 June 2026 · Effective: 5 June 2026
This Privacy Policy explains what information the Codalingo mobile application (“Codalingo”, “the app”, “we”, “us”) collects, how we use it, who we share it with, and the choices and rights you have. By using Codalingo you agree to the practices described here.
1. Information we collect
We collect only what we need to run the app, keep your progress, show ads to free users, and manage subscriptions.
| Category | Examples | Source |
|---|---|---|
| Account & identity | Name and email (via Google or Apple sign-in), phone number (if you sign in with phone OTP), and your unique user ID | You / Firebase Authentication |
| App activity | Lessons started and completed, quiz answers, streaks, in-app screens viewed, settings | The app / Firebase Analytics |
| Purchases | Subscription status and purchase history (we do not receive your card number) | RevenueCat / Google Play / App Store |
| Device & technical | Device model, OS version, language, app version, advertising ID, IP address, approximate (coarse) location derived from IP | Automatically / SDKs |
| Diagnostics | Crash logs and basic performance data | Google SDKs |
| Notifications | Push token used to send streak/learning reminders | Firebase Cloud Messaging |
We do not collect precise GPS location, contacts, photos, or any special-category (sensitive) data.
2. How we use your information
- Provide the app — create your account, save progress and streaks, sync across devices.
- Subscriptions — unlock premium content and manage renewals via RevenueCat.
- Notifications — send learning and streak reminders (you can turn these off).
- Advertising — show ads to free users through Google AdMob (see §4).
- Analytics & improvement — understand which lessons work and fix problems.
- Security & legal — prevent fraud and abuse and comply with law.
3. Third-party services we use
Codalingo relies on the following service providers, each with its own privacy policy:
| Provider | Purpose | Privacy policy |
|---|---|---|
| Google AdMob | Showing ads to free users | policies.google.com/privacy |
| Google Firebase (Authentication, Analytics, Cloud Messaging) | Sign-in, usage analytics, push notifications | firebase.google.com/support/privacy |
| RevenueCat | Subscription management | revenuecat.com/privacy |
| Google Play / Apple App Store | Processing your payment | Google / Apple policies |
4. Advertising and the advertising ID
Free versions of Codalingo display ads served by Google AdMob. To do this, AdMob and its partners may access your device’s advertising ID and limited device/usage signals to select and measure ads, including (by default) personalized ads.
- Android: you can reset or delete your advertising ID, and opt out of personalization, in
Settings → Privacy → Ads. - iOS: we request tracking permission (App Tracking Transparency); if you decline, you will not be tracked for cross-app advertising. You can also adjust this in
Settings → Privacy & Security → Tracking. - EEA/UK: we show a consent message (Google’s certified CMP); ads behave according to your choice.
- Premium subscribers do not see ads.
Learn more about how Google uses data from apps that use its services: policies.google.com/technologies/partner-sites.
5. Legal bases for processing (EEA/UK – GDPR)
- Contract — to provide the app, your account, and subscriptions.
- Consent — for personalized ads and (on iOS) tracking, and for push notifications; you can withdraw consent at any time.
- Legitimate interests — to keep the app secure, prevent abuse, and improve our service.
- Legal obligation — to comply with applicable laws.
6. How we share information
We do not sell your personal information for money. We share data only:
- with the service providers listed in §3, acting on our behalf or as independent controllers (e.g., Google AdMob for advertising);
- to comply with law, enforce our terms, or protect rights and safety;
- in connection with a merger, acquisition, or sale of assets, with notice.
Note that sharing device identifiers with advertising partners for personalized ads may be considered a “sale” or “sharing” under some U.S. state laws — see §10 for your opt-out.
7. Data retention
We keep account data for as long as your account is active. When you delete your account (see §8), we delete or anonymize associated personal data within 30 days, except where we must retain limited records for security, fraud prevention, tax, or legal compliance. Analytics and advertising data are retained according to Google’s and RevenueCat’s standard retention periods.
8. Account and data deletion
You can delete your Codalingo account and associated personal data at any time:
- In the app: open
Profile → Account → Delete accountand confirm. - On the web: submit a request at codalingo.app/delete-account or email contact@codalingo.app from your registered address.
Deleting your account removes your profile, learning progress, streaks, and identifiers tied to your account. Some records may be retained briefly as described in §7. Subscriptions are billed by Google Play or Apple — cancel them in your store account to stop future charges.
9. Your privacy rights
Depending on where you live, you may have the right to access, correct, delete, port, or restrict your personal data, and to object to or withdraw consent for certain processing. To exercise any right, email contact@codalingo.app. We will respond within the time required by law. EEA/UK users may also lodge a complaint with their local data protection authority.
10. California privacy rights (CCPA/CPRA)
California residents have the right to know what personal information we collect, to delete it, to correct it, and to opt out of its “sale” or “sharing” for cross-context behavioral advertising. We do not sell personal information for money, but our use of advertising identifiers with AdMob may qualify as “sharing.”
To opt out, disable personalized ads via your device settings (§4) or email contact@codalingo.app with “Do Not Sell or Share My Personal Information.” We do not discriminate against you for exercising these rights.
11. Children’s privacy
Codalingo is intended for users aged 13 and over and is not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us data, contact contact@codalingo.app and we will delete it.
12. Security
Data is encrypted in transit (HTTPS/TLS). We rely on Google’s and RevenueCat’s secure infrastructure and apply reasonable safeguards. No method of transmission or storage is 100% secure, but we work to protect your information.
13. International data transfers
Our providers (Google, RevenueCat) may process data on servers outside your country, including the United States. Where required, such transfers rely on appropriate safeguards such as the EU Standard Contractual Clauses.
14. Changes to this policy
We may update this policy from time to time. We will post the new version here and update the “Last updated” date. Material changes will be notified in-app or by other reasonable means.
15. Contact us
Questions or requests about privacy:
Ammar Khatib, develooper
Email: contact@codalingo.app
Website: codalingo.app