Privacy Policy

Last updated: March 14, 2026

Plavler ("we," "us," or "our") is a language-learning application developed by Nagaraju Maduru. Your privacy matters to us. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have regarding your data. By using Plavler, you agree to the practices described in this policy.

Plavler is available globally, including in the European Economic Area (EEA), the United Kingdom, North America, and Asia. We are committed to complying with applicable data-protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), the Children's Online Privacy Protection Act (COPPA), and other applicable regional privacy laws.

1. Data Controller

The data controller responsible for your personal data is:

Nagaraju Maduru
Email: support@plavler.com

2. Information We Collect

This section lists the operators and third-party services that collect personal information through Plavler, the types of information collected, how it is collected (directly from the user or passively), and how it is used.

2.1 Information You Provide

  • Account information – When you create an account, we collect your name, email address, and authentication credentials. If you sign in with Google, we receive your Google profile name, email address, and profile picture URL as permitted by your Google account settings.
  • Chat messages – Text messages you send and receive within Plavler's chat feature.
  • Voice data – Audio recordings captured through your device's microphone when you use pronunciation practice or speech-related features. Audio data is processed in real time and is not stored on our servers.
  • Support correspondence – Any information you provide when contacting us for support.

2.2 Information Collected Automatically

  • Device & technical information – Device type, operating system and version, unique device identifiers, app version, language settings, and time zone.
  • Usage & analytics data – Screens viewed, features used, session duration, learning progress, scores, streaks, in-app actions, and crash/error logs.
  • Advertising identifiers – Google Advertising ID (Android) or Identifier for Advertisers (IDFA on iOS), used to serve and measure ads. These identifiers are not collected from users identified as children (see Section 12).
  • IP address – Collected by our third-party service providers (see Section 5) for analytics, ad delivery, and approximate geolocation.

2.3 Information from Third-Party Services

  • Google Sign-In – Profile name, email, and profile picture (as authorised by you).
  • Payment platforms – Google Play and the Apple App Store handle all premium-subscription and in-app-purchase transactions. We receive a transaction confirmation and subscription status but never receive or store your payment card details or billing address.

2.4 Special Disclosure — Data Collected from Children

Because Plavler is a mixed-audience app that may be used by children, we disclose the following categories of information that may be collected from child users through APIs and SDKs integrated in the app:

  • Authentication data – Email address and authentication tokens (Firebase Authentication).
  • Microphone sensor data – Audio captured during pronunciation and speaking exercises (processed in real time; not stored).
  • Device data – Device type, OS version, and app version (collected by Firebase Analytics and Crashlytics).
  • Ad usage data – Ad impressions and interactions (collected by AdMob; limited to contextual, non-personalised ads for child users).

We do not transmit the Android Advertising ID (AAID), SIM serial, Build serial, BSSID, MAC address, SSID, IMEI, or IMSI from child users or users of unknown age. We do not request the device phone number via the Android TelephonyManager API. We do not collect or transmit precise location data from child users.

2.5 Operators Collecting Personal Information from Children

In compliance with COPPA's requirement to identify all operators that collect personal information from children through our service, the following third-party services may collect information from child users:

  • Google (Firebase Authentication) — Collects email address and authentication tokens.
  • Google (Firebase Analytics & Crashlytics) — Collects device data and persistent identifiers for internal operations.
  • Google (AdMob — Families Self-Certified version) — Collects ad interaction data for contextual (non-personalised) advertising.

For enquiries about any of these operators' practices regarding children's data, you may contact Plavler at support@plavler.com.

3. On-Device Storage Model

Plavler is designed with a local-first architecture. Your learning data—including progress, scores, preferences, and lesson history—is stored on your device. We do not maintain a separate backend database of your learning data. However, certain data is processed server-side through the Google and Firebase services described below.

4. How We Use Your Information

  • Provide and operate the app – Authenticate your account, deliver language lessons, track progress, and enable chat features.
  • Personalise your experience – Adapt lesson content, difficulty, and recommendations based on your learning activity.
  • Generate learning content – We send limited contextual prompts to Google's Gemini API to generate exercises, explanations, and example sentences. These prompts do not include your name, email, or other personal identifiers.
  • Text-to-Speech – We use Google Cloud Text-to-Speech to convert lesson text into audio. The text sent for synthesis does not contain personal information.
  • Process voice input – Analyse your spoken audio for pronunciation feedback. Audio is processed in real time and is not persistently stored.
  • Serve advertisements – Display personalised or contextual ads through Google AdMob (see Section 6).
  • Process subscriptions – Verify your premium subscription status through Google Play Billing or Apple In-App Purchases.
  • Send notifications – Deliver push notifications about streaks, reminders, and new content.
  • Analytics and improvement – Understand how the app is used, diagnose crashes, and improve features.
  • Security and fraud prevention – Detect, prevent, and respond to abuse, fraud, and security incidents.
  • Legal compliance – Comply with applicable laws, regulations, and legal processes.

5. Firebase & Google Services

Plavler relies on Google Firebase and related Google Cloud services:

  • Firebase Authentication – Manages user sign-in. Stores authentication tokens, email, and profile information on Google's servers.
  • Cloud Firestore – May be used to store account-level data such as subscription status and user preferences.
  • Firebase Analytics – Collects app usage events, session data, device information, and advertising identifiers.
  • Firebase Crashlytics – Collects crash reports including stack traces, device state, and device identifiers.
  • Firebase Cloud Messaging (FCM) – Delivers push notifications.
  • Firebase Remote Config – Delivers configuration parameters based on device attributes.
  • Firebase Cloud Functions – Executes server-side logic for tasks such as subscription verification.
  • Google Gemini API – We send text-based prompts to generate learning content. We do not send personally identifiable information in these prompts.
  • Google Cloud Text-to-Speech – Converts text into spoken audio. Lesson text (not personal data) is sent to Google's servers for synthesis.

Google's handling of data is governed by the Google Privacy Policy and the Firebase Privacy and Security documentation.

6. Advertising (Google AdMob)

Plavler displays ads through Google AdMob. AdMob and its mediation partners may collect:

  • Advertising identifiers (Google Advertising ID / IDFA)
  • Device information (model, OS, screen size)
  • IP address (for approximate location)
  • Ad interaction data (impressions, clicks)

Your choices:

  • Opt out of personalised ads – Reset or disable your device's advertising identifier in your device settings.
  • Premium subscribers – Ads are removed entirely, and no ad-related data is collected.
  • EEA/UK users – We request your consent before serving personalised ads. You can withdraw consent at any time through the app's settings.

6.1 Advertising to Children

We take the following measures when serving ads to child users:

  • Ads shown to children use Google Play Families Self-Certified Ads SDK versions only.
  • No interest-based or remarketing ads for children.
  • All ads contain age-appropriate content.
  • Advertising identifiers are not collected for children or users of unknown age.
  • Ad formats comply with Google Play Families requirements (no disruptive ads, closeable after 5 seconds, no ads on launch, etc.).

Age screening: Plavler implements a neutral age screen to determine whether a user is a child. Ads SDK behaviour and data collection are adjusted accordingly.

7. Premium Subscriptions & Payments

Premium subscriptions are processed exclusively through Google Play Billing (Android) and Apple In-App Purchases (iOS). We do not collect, process, or store your credit/debit card number, billing address, or any other financial information.

8. Data Sharing & Disclosure

We do not sell your personal information. We share your data only in the following circumstances:

  • Service providers – With Google (Firebase, AdMob, Gemini API, Cloud Text-to-Speech) as a data processor acting on our behalf.
  • Chat participants – Messages you send are visible to other users in that conversation.
  • Legal requirements – If required by law, regulation, legal process, or governmental request.
  • Safety and rights – To protect the rights, property, or safety of Plavler, our users, or others.
  • Business transfers – In connection with a merger, acquisition, or sale of assets.
  • Aggregated/anonymised data – We may share data that can no longer reasonably identify you.

9. International Data Transfers

Your data may be transferred to and processed in the United States or other countries where Google operates data centres. For transfers from the EEA, UK, or Switzerland, we rely on Google's compliance with the EU–U.S. Data Privacy Framework and Standard Contractual Clauses (SCCs).

10. Data Retention

  • On-device data – Persists until you clear app data or uninstall the app.
  • Account data – Retained while your account is active. Deleted or anonymised within 30 days of an account deletion request.
  • Analytics & crash data – Firebase Analytics data retained up to 14 months. Crashlytics data retained for 90 days.
  • Ad data – Retained by Google per their data-retention policies.
  • Chat data – Retained as long as the conversation exists. You may delete your messages at any time.

11. Data Security

We implement industry-standard security measures including:

  • TLS/SSL encryption for all data in transit.
  • Firebase Security Rules to restrict unauthorised data access.
  • Authentication tokens with automatic expiry.
  • Regular review of third-party service security practices.

No method of electronic transmission or storage is 100% secure. We will notify affected users and relevant authorities in the event of a data breach as required by law.

12. Children's Privacy

Plavler is a language-learning app designed for learners of all ages, including children. We comply with COPPA, the GDPR, the UK Age Appropriate Design Code, and the Google Play Families Policy.

Under COPPA, Plavler qualifies as a mixed-audience online service. Under the GDPR, we apply heightened protections when we know or have reason to believe a user is a child.

12.1 Age Screening

Plavler implements a neutral age screen during account creation. Based on declared age:

  • Users under 13 (U.S.) are identified as child users under COPPA.
  • In the EEA, the age threshold varies by member state (between 13 and 16). We apply each user's country threshold.
  • In the UK, the threshold is 13.

12.2 Verifiable Parental Consent

Before collecting personal information from a child under 13, we obtain verifiable parental consent using methods including:

  • "Email plus" method
  • Credit/debit card verification
  • Signed consent form
  • Other FTC-approved methods

Under GDPR Article 8, where consent is the legal basis, we require consent of the holder of parental responsibility.

12.3 Personal Information We Collect from Children

We limit the personal information collected from child users to what is reasonably necessary:

  • Account information — Email address and authentication credentials via Firebase Authentication.
  • Learning data — Stored locally on the device.
  • Microphone sensor data — Processed in real time and not stored.
  • Device data — For internal operations (app stability and improvement).
  • Ad usage data — Limited to non-personalised, contextual ad impressions.

12.4 Direct Notice to Parents (COPPA)

Before collecting personal information from a child, we provide direct notice to the parent or guardian describing the data we collect and how to provide consent.

12.5 Ongoing Parental Rights

Parents and guardians may at any time:

  • Review personal information collected from their child.
  • Revoke consent and refuse further collection.
  • Request deletion of their child's personal information.

Contact us at support@plavler.com.

12.6 Data We Do NOT Collect from Children

For child users or users of unknown age, we do not: transmit AAID, SIM serial, Build serial, BSSID, MAC address, SSID, IMEI, or IMSI; request the device phone number; collect precise location data; serve interest-based or remarketing ads; or build behavioural profiles.

12.7–12.12 Additional Children's Privacy Provisions

Full details on advertising to children (Section 6.1), chat safety (Section 17), SDK usage with children, security of children's data, Google Play Families Policy compliance, and guidance for parents and guardians are covered in the relevant sections of this policy. If you believe your child has provided personal information without your consent, contact us at support@plavler.com.

13. Your Rights

13.1 Rights Under GDPR (EEA & UK Users)

  • Right of access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent.
  • Right to lodge a complaint with your local data-protection supervisory authority.

13.2 Rights Under CCPA/CPRA (California Residents)

  • Right to know, delete, opt out of sale/sharing, and non-discrimination.
  • We do not sell personal information.

13.3 Other Jurisdictions

Users in other jurisdictions may have additional rights under local data-protection laws.

13.4 How to Exercise Your Rights

Email us at support@plavler.com. We will respond within 30 days.

14. Legal Basis for Processing (GDPR)

  • Performance of a contract – Providing the Plavler service.
  • Legitimate interests – Analytics, crash reporting, security, and app improvement.
  • Consent – Personalised advertising and optional notifications.
  • Legal obligation – Compliance with applicable laws.

15. Artificial Intelligence & Automated Processing

Plavler uses Google's Gemini API to generate language-learning content. We send non-personal contextual data only (target language, proficiency level, topic). We do not send your name, email, or other personal identifiers. We also use Google Cloud Text-to-Speech to convert lesson text into spoken audio.

16. Microphone & Voice Data

  • Audio is captured only while actively using a speech feature.
  • Audio is processed in real time for pronunciation feedback.
  • We do not permanently store raw audio recordings.
  • You can revoke microphone access at any time through device settings.

17. Chat Feature

Plavler includes a chat feature. Messages are visible to other participants and may be stored on Firebase servers. Do not share sensitive personal information in chat. We may moderate chat content.

17.1 Chat Safety for Children

  • In-app safety reminder before accessing chat.
  • Adult action required for children to exchange personal information.
  • Parental controls to enable or disable chat.
  • Content moderation for child users.

18. Third-Party Links

Plavler may contain links to third-party websites. We are not responsible for their privacy practices.

19. Changes to This Privacy Policy

We may update this policy from time to time. Material changes will be communicated via in-app notification or email. Your continued use constitutes acceptance of the revised policy.

20. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy:

Nagaraju Maduru
Email: support@plavler.com

We aim to respond to all enquiries within 30 days.