Privacy Policy

This Privacy Policy applies to:

• the THE POWER APP mobile application available on the Google Play Store and Apple App Store,
• all services, features, and content provided through the Application.

This Privacy Policy is effective as of January 11, 2026.

The Application is intended exclusively for users who are 18 years of age or older.

The controller does not knowingly collect or process personal data of individuals under the age of 18. If it is determined that personal data of a minor has been collected, such data will be deleted without undue delay.

Users are advised not to share sensitive personal data (e.g., health, legal, financial information) through AI interactions within the Application.

The Application requires users to create an account in order to access its features. Depending on how the Application is used, the following categories of personal data may be collected:

Personal data is processed for the following purposes:

• to enable the creation and management of user accounts and provide access to the Application's core features,
• to deliver personalized content, including AI-generated responses, lessons, and challenges,
• to analyze user activity and improve the quality, functionality, and performance of the Application,
• to communicate with users regarding important information related to the Application,
• to ensure the security of the Application and prevent fraud, abuse, or unauthorized access,
• to manage subscriptions and process payments via Google Play Billing or Apple App Store.

Paid features or subscriptions are processed through Google Play Billing for Android users and Apple App Store for iOS users. Prices, billing periods, and auto-renewal terms are clearly displayed in the Application. Users can cancel subscriptions at any time via their respective store subscription settings (Google Play or Apple ID).

AI Disclaimer: THE POWER APP is not a medical, psychological, or legal service. The Application does not provide professional advice. All content provided by the AI is for educational and motivational purposes only. Furthermore, data submitted through user prompts to the AI provider (OpenAI) is processed exclusively for the purpose of generating immediate responses in the Application and is not utilized to train or fine-tune the provider's general AI models, as per our configurations and agreements.

Personal data is processed in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), based on one or more of the following legal grounds:

• Consent (Art. 6(1)(a) GDPR): the user's consent, expressed by accepting the Privacy Policy and Terms of Service during account registration.
• Contractual Necessity (Art. 6(1)(b) GDPR): the performance of a contract, as the processing of data is necessary to provide access to the Application and its services.
• Legal Obligation (Art. 6(1)(c) GDPR): compliance with legal obligations, particularly those related to accounting or payment processing, if applicable.
• Legitimate Interest (Art. 6(1)(f) GDPR): the controller's legitimate interests, such as ensuring the security of the Application, preventing misuse, and analyzing aggregate usage to improve services.

The Application uses the following third-party services to provide its features and functionality:

• Firebase (Authentication, Firestore, Cloud Functions, Analytics, and Crashlytics) for user management, data storage, backend logic, analytics, and performance monitoring.
• OpenAI API for generative AI features such as chat and content generation.
• Pinecone for vector database storage necessary to provide context-aware AI interactions, memory, and search capabilities.
• Google Play Services and Apple Ecosystem for integration with native device functionalities.
• Google Play Billing and Apple App Store Payments for processing subscriptions and in-app purchases.

The controller has entered into appropriate Data Processing Agreements (DPAs) or relies on standard contractual clauses defined by all integrated third-party providers.

The Application does not sell or share user data with any third-party entities for commercial purposes.

The Application may transfer personal data to third-party services located outside the European Union, including Google (Firebase), OpenAI (USA), and Pinecone (USA).

These transfers are carried out in accordance with applicable EU data protection laws, using Standard Contractual Clauses (SCC) and other appropriate supplemental safeguards to ensure the security and protection of personal data.

Personal data is retained only as long as necessary to provide the Application's services or as required by law:

• Account Data (Profile, AI Interactions, Activity): Retained until the user requests account deletion. Upon such request, data is securely erased from operational databases.
• Accounting and Financial Data (if applicable): Retained for the statutory period defined by local tax or financial laws (e.g., typically 5 - 7 years).
• Analytics and Telemetry Data: Aggregated usage and crash logs are retained typically up to 14-26 months to analyze and improve application stability, after which they are automatically deleted or anonymized.

The Application implements the following security measures to protect personal data:

• Encryption at rest: All stored user data is encrypted on servers.
• Encryption in transit: All data transmitted between the Application and backend services is encrypted using HTTPS/TLS.
• Access control: Access to personal data is restricted to authorized personnel only.
• Abuse prevention and unauthorized access protection: Measures are in place to prevent misuse, unauthorized access, and security breaches.

The Application and associated website do not use cookies or similar tracking technologies for advertising or marketing objectives.

In-app analytics (e.g., Firebase Analytics) are utilized strictly on the basis of Legitimate Interest (GDPR Art. 6(1)(f)) to monitor app stability, analyze core functionality performance, and perform essential bug-tracking.

Because tracking is strictly operational and non-commercial, standard opt-out interfaces are not provided; however, users may object to processing by utilizing account deletion or direct inquiry. Data is never sold to third parties.

Under the GDPR and other applicable data protection laws, users have extensive rights regarding their data. Specifically, you have the right to:

• Right to Access: Obtain a copy of the personal data we hold about you.
• Right to Rectification: Request corrections to inaccurate or incomplete data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data entirely.
• Right to Object / Withdraw Consent: Object to the processing of your data on grounds of legitimate interest, or withdraw previously granted consent at any time (withdrawal does not affect the lawfulness of processing based on consent before withdrawal).
• Right to Data Portability: Receive your data in a structured, commonly used format.
• Right to Complain: Lodge a complaint with a relevant national data protection supervisory authority.

To exercise these rights, please contact the administrator at kf.tulecki@gmail.com

Users may exercise their right to erasure at any time. You can delete your account and associated personal data directly within the Application using the "Delete account" functionality.

Alternatively, users may request account and data deletion from outside the Application by sending an email to kf.tulecki@gmail.com. We will verify and process such requests without undue delay, ensuring all personal data is permanently removed from all storage systems (Firebase, Pinecone, frontend state).

If you experience any issues with deleting your account, contact the administrator at kf.tulecki@gmail.com for immediate assistance.

The Privacy Policy may be updated or modified from time to time. Users will be informed of any material changes through updates in the Application or via email notification, if applicable.

For any questions or concerns regarding this Privacy Policy or the processing of personal data, please contact the administrator at: kf.tulecki@gmail.com