Privacy Policy
Application Name: Capishify
1. Introduction
This Privacy Policy describes how Ahmet Özcan & Oğuzhan Yusuf Tozlu ("we", "us", "our") collects, processes, stores, and protects the personal data of individuals ("User", "you") who use the Capishify mobile application ("App").
By downloading and using the App, you acknowledge that you have read and agree to this Privacy Policy.
2. Data We Collect
2.1 Account and Identity Data
- Email address: Used for account creation, authentication, and system notifications.
- Display name / username: Used for in-app personalization (information you optionally provide).
- Encrypted authentication credentials: Passwords are stored exclusively in hashed form and are never stored in plain text.
2.2 Voice and Speech Data
- Audio recordings: Voice recordings captured during IELTS speaking practice, pronunciation analysis, and voice chat features.
- Transcripts: Written text automatically generated from your audio recordings.
- Pronunciation analysis results: Phoneme-level accuracy assessments.
These data are processed solely to provide the requested service and are never used for advertising, profiling, or third-party sales.
2.3 Learning and Progress Data
- IELTS evaluation results and band scores.
- Vocabulary card study history and statistics.
- Podcast and story completion data.
2.4 Device and Technical Data
- Operating system type and version (iOS / Android).
- App version.
- Anonymous crash and error logs.
2.5 Subscription and Payment Data
In-app purchases are processed exclusively through the Apple App Store or Google Play Store. Payment card information and all financial data are handled directly by the respective store platform and are never transmitted to or stored in our systems.
3. How We Use Your Data
We use the data we collect solely for the following purposes:
| Purpose | Data Used |
|---|---|
| Account creation and authentication | Email, password |
| IELTS speaking evaluation | Audio recording, transcript |
| Pronunciation analysis and feedback | Audio recording, pronunciation data |
| Voice chat feature | Audio recording, transcript |
| Personalized learning experience | Learning history |
| Technical error detection and improvement | Device info, error logs |
| Subscription management | Purchase history (anonymous ID) |
4. Third-Party Service Providers
We work with the following third-party service providers to deliver our services. These providers process data only within the stated scope of their service and may not use it for any other purpose.
| Provider | Purpose | Data Processed | Location |
|---|---|---|---|
| OpenAI | AI language model (story, chat, feedback) and text-to-speech (TTS) | Text only (prompts and text to synthesize); your audio recordings are not sent | USA |
| ElevenLabs | Text-to-speech (TTS) fallback | Text only | USA |
| Modal | Infrastructure / compute provider — our self-hosted speech recognition (Faster-Whisper), pronunciation analysis (wav2vec2) and evaluation services run here | Audio recording (transient; deleted as soon as processed), transcript | USA |
| MyMemory (Translated) | Translation of words you look up in the dictionary | The word / short text you look up | EU |
| RevenueCat | In-app subscription management | Anonymous subscription ID | USA |
| Supabase | Cloud database, authentication, and file storage | Account and learning data | USA / EU |
| Apple / Google | App distribution, payment infrastructure, and Sign in with Google | Payment data (handled by the store), sign-in info | USA |
Privacy policies: OpenAI · ElevenLabs · Modal · MyMemory · RevenueCat · Supabase
International transfer: Some of the providers above are located abroad (notably the USA), so your data may be transferred internationally to provide the service. All transfers occur over encrypted connections (TLS) and are limited to the data the relevant service requires. Your audio recordings are not shared with third-party AI companies (OpenAI, ElevenLabs); they are processed only transiently on our self-hosted services (on Modal infrastructure).
5. Special Provisions for Audio Data
Your audio recordings are handled according to the following principles:
- Audio files are permanently deleted from our servers immediately upon analysis completion (within the same request, typically within seconds) and are not stored.
- Evaluation results (scores, feedback) remain stored in your account.
- Your audio is sent to our self-hosted AI models (Faster-Whisper / wav2vec2 running on our infrastructure provider, Modal) for transcription and pronunciation analysis; it is not shared with third-party AI companies such as OpenAI or ElevenLabs. All transmissions occur over encrypted connections (TLS).
- Audio data is never processed for advertising, sold, or incorporated into any profiling system.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Audio recordings | Permanently deleted immediately upon analysis completion; not stored on our servers |
| Evaluation results | For the duration your account is active |
| Learning history | For the duration your account is active |
| Account data | Within 30 days of account deletion |
| Anonymous error logs | 90 days |
Upon account deletion, your personal data will be permanently removed from our systems within 30 days, except where legal retention obligations apply.
7. Microphone Permission
The App requests access to your microphone for IELTS speaking practice, pronunciation analysis, and voice chat features. This permission:
- Is only activated when you are actively using the relevant feature.
- Is never active in the background.
- Can be revoked at any time through your device system settings.
Revoking this permission will disable voice-based features, but all other features (vocabulary cards, reading, podcast) remain fully functional.
8. Data Security
We apply the following technical and administrative measures to protect your data:
- All communication between the server and the App is secured using TLS encryption.
- Passwords are never stored in plain text; industry-standard hashing algorithms are used.
- Session management is handled through short-lived access tokens and a secure renewal mechanism.
- Database access is restricted by authentication-required policies.
No system is 100% secure. If you become aware of any threat to the security of your data, please notify us immediately.
9. Your Rights
You have the following rights over your personal data:
- Right of access: The right to learn what data of yours is being processed.
- Right to rectification: The right to request correction of inaccurate or incomplete data.
- Right to erasure: The right to request deletion of your data ("right to be forgotten"). Available immediately through the in-app "Delete Account" feature.
- Right to restriction of processing: The right to request suspension of processing under certain conditions.
- Right to data portability: The right to receive your data in a structured, machine-readable format.
- Right to object: The right to object to the processing of your data.
To exercise these rights, contact us at capishify@gmail.com. Requests are responded to within 30 days.
10. Children's Privacy
Capishify is not directed at children under the age of 13. We do not knowingly collect personal data from individuals under 13. If we become aware that data belonging to a child has been collected, we will delete it immediately.
11. Policy Changes
Material changes to this Policy will be communicated through in-app notifications or email. Continued use of the App following the effective date of a change constitutes acceptance of the updated Policy.
12. Contact
For questions about this Privacy Policy:
Ahmet Özcan & Oğuzhan Yusuf Tozlu
Email: capishify@gmail.com
Address: Istanbul, Türkiye
This document has been prepared specifically for the Capishify application.