Spokit

Spokit Privacy Policy

Effective date: July 3, 2026

Summary

Spokit collects data needed to provide language-learning functionality, subscriptions, account access, security, support, and product reliability. Spokit does not sell personal data, uses no third-party advertising, and has no tracking across apps or websites for advertising. Service-provider processing is still data sharing for app functionality and must be disclosed accurately.

This draft is not public HTTPS policy text, is not public HTTPS URLs, and is not legal counsel approval. The owner must review, publish, and configure https://spokit.app/privacy before App Store submission.

Data We Collect

Account and authentication data:

Onboarding and profile data:

Learning and user content:

Purchase and subscription data:

Device and technical data:

How We Use Data

Spokit uses data to:

Processors And Service Providers

Spokit may process data with service providers needed to operate v1:

When users type phrases, speak into the microphone, or request generated language content, relevant text and audio may be sent to AI or speech processors for app functionality. The local observability contract currently forbids sending phrase text, transcript text, audio payloads, tokens, emails, or raw provider payloads to external monitoring. If Sentry or any other external observability provider is configured before launch, update this policy and App Privacy answers for the actual provider and payload shape before publish.

Microphone And Audio

Spokit requests microphone permission so users can speak practice prompts. Audio may be uploaded to Spokit storage and sent to a speech processor when the user uses speech features. Generated audio may be stored for playback. Users can type instead of speaking where the app provides text input.

Purchases And RevenueCat

Spokit uses RevenueCat to process subscription entitlement state. Apple handles payment details, refunds, cancellation, and subscription management through the App Store. Spokit receives purchase history and subscription status events needed to unlock Pro, enforce credits, and support billing questions.

App Privacy Label Mapping

Current iOS privacy manifest data types include:

Before submission, reconcile App Privacy labels and the privacy manifest with learning goal, selected languages, level, reminder/profile preferences, and any external observability provider configured under docs/observability/v1-production-observability-contract.md. V1 does not collect age range or location-like profile text through local app/backend paths; if any production environment already contains legacy non-empty values, decide on owner-approved cleanup, export, and retention treatment before submission. Do not add avatar or profile photo collection without updating the manifest, App Privacy answers, and this policy.

Tracking, Ads, And Sale

Spokit does not use tracking for advertising, does not show third-party ads, and does not sell personal data. Data may still be disclosed to service providers listed above for app functionality, security, billing, and support.

Account Deletion And Export

Users can initiate Account deletion from the app's Profile settings. Deletion removes or scrubs Spokit-owned account and learning data such as phrases, tokens, reviews, language decks, analytics events, journal entries, seed progress, and auth sessions, except records Spokit must retain for legal, security, billing, fraud-prevention, or App Store requirements.

Users may request data export through support. Support contact is support@spokit.app through https://spokit.app/support.

Retention

Spokit retains account and learning data while the account is active and as needed to provide the service. Deleted-account data is removed or scrubbed according to the deletion flow and legal/security/billing retention needs. Backup, log, and provider retention windows require owner and counsel confirmation before publication.

Security

Spokit uses managed backend, auth, and storage providers to protect data. No system can guarantee absolute security. Users should avoid submitting sensitive, regulated, or confidential information as language practice content.

Children And Minors

V1 no longer asks for age range, under_18 status, or location-like profile text. Before release, owner and counsel should still confirm the COPPA, minors, and Kids Category posture for the final public app. Do not reintroduce age or under_18 collection without updating this policy, App Privacy answers, and the privacy manifest if required.

International Transfers

Spokit and its service providers may process data in countries other than the user's country. The owner and counsel should confirm required transfer language before publication.

Changes

Spokit may update the published Privacy Policy as features, processors, laws, or App Store requirements change. If Sentry, additional analytics, new AI providers, or new social features are added, update this policy and App Privacy answers before release.

Contact

Privacy questions should go to support@spokit.app . This page is published at https://spokit.app/privacy and https://spokit.app/support with final public HTTPS URLs.