Get Asilak
← Back to home

Privacy Policy

Draft — review with legal counsel before launch.

Last updated: June 2026

This website uses no tracking cookies.

Asilak is built privacy-first. Almost nothing about your learning ever reaches us: there is no account, and your decks, cards and study history stay on your device. This policy explains, in plain terms, the little that we do handle, the choices you have, and your rights under the EU General Data Protection Regulation (GDPR) and the UK GDPR.

Who we are (the data controller)

Asilak is provided by [Legal entity name], [registered address] ("Asilak", "we", "us"). For any data-protection question, or to exercise the rights described below, contact us at privacy@asilak.app. [If a Data Protection Officer is appointed, their contact details will be listed here.] If you are in the European Union or the United Kingdom and we are required to appoint a representative under Article 27 GDPR / UK GDPR, that representative's details will appear here before launch.

No accounts, no profiles

Asilak has no sign-up, no login and no user profiles. We do not ask for your name, email address or any identifying information to use the app. Because there is no account, there is no account to delete — the platform account-deletion requirements simply do not apply. Uninstalling the app removes the learning data stored on that device.

Your learning data stays on your device

Your decks, cards and study history are stored locally on your device in an on-device database. They are not transmitted to us, and we operate no server that holds them. We cannot see, access or recover this data. Keeping your own backups (see below) is therefore worthwhile.

Optional backup and sync use your own cloud

Backup and cross-device sync are optional and off until you turn them on. When enabled, your data is stored in your own iCloud (on Apple devices) or your own Google account (on Android) — your private cloud storage, governed by Apple's or Google's terms, not by any server we run. A future end-to-end-encrypted cross-device sync is planned; where offered it will be opt-in and encrypted so that only your devices can read the contents. We do not receive a copy of your decks through backup or sync.

Optional, anonymous diagnostics

You may choose to share anonymous crash and performance diagnostics that help us find and fix problems. This is processed by Sentry (Functional Software, Inc.) acting as our processor. These reports contain technical information only — non-identifying stage names plus context such as the app version, operating-system version and device model. They never include the content of your cards or decks, and never your name, email or other personal information. Diagnostics are governed by a "Diagnostics" toggle in Settings and can be turned off at any time; where required by law they are off by default. Our lawful basis for any diagnostics that constitute personal data is your consent (Article 6(1)(a) GDPR), which you can withdraw at any time by switching the toggle off.

Purchases and payment

Asilak is a one-time purchase. Payment is handled entirely by the store you buy from — the Apple App Store or Google Play in-app purchase, or, on Windows, Linux and the web, by Stripe (Stripe, Inc. / Stripe Payments Europe, Ltd.). We never see or store your full card number. The payment processor handles your payment details under its own privacy terms and as our processor where applicable. We may receive a confirmation that a purchase occurred and a non-identifying transaction reference to validate your entitlement and provide support. The lawful basis for processing purchase data is performance of a contract with you (Article 6(1)(b) GDPR); where we retain records to meet tax or accounting duties, the basis is our legal obligation (Article 6(1)(c) GDPR).

No ads, no trackers, no cookies, no data selling

Asilak contains no advertising, no third-party advertising or tracking SDKs, and no analytics that profile you. We do not sell, rent or share your personal data with anyone. This marketing website sets no tracking cookies and uses no cross-site tracking.

Lawful bases for processing

Under the GDPR and UK GDPR we rely on: consent (Article 6(1)(a)) for optional diagnostics; performance of a contract (Article 6(1)(b)) to process your one-time purchase and provide the app; legal obligation (Article 6(1)(c)) where we must keep purchase or tax records; and, where relevant, our legitimate interests (Article 6(1)(f)) in keeping the app secure and working correctly, balanced against your rights. Because the app collects no personal learning data, most of what you do in Asilak does not involve processing personal data by us at all.

Your rights

If you are in the EU or the UK, you have the rights to access, rectify, erase, restrict and port your personal data, to object to processing, and to withdraw consent at any time (without affecting processing already carried out). To exercise any of these, email privacy@asilak.app. Please note that we hold very little: your learning data lives only on your device (and your own cloud if you enabled backup), so for most data the practical way to access, correct, export or erase it is within the app itself or by uninstalling. We will respond to verified requests within the time limits the law requires.

Data retention

Learning data is retained on your device for as long as you keep the app installed and is removed when you delete it; backup copies persist in your own cloud until you delete them there. Diagnostics are retained by our processor only as long as needed to diagnose issues and are then deleted [retention period to be confirmed]. Purchase and tax records are kept only as long as required by applicable law.

International data transfers

Our diagnostics and payment processors may process limited data outside your country, including in the United States. Where personal data is transferred outside the EU or UK, it is protected by an appropriate safeguard such as the European Commission's Standard Contractual Clauses (and the UK Addendum) or an adequacy decision. The specific transfer mechanism for each processor will be confirmed with counsel before launch.

Children

Asilak is a general-purpose, subject-neutral learning tool. It is not directed primarily at children, though it can be used by them and by parents or teachers building decks for a child. Because the app requires no account and keeps learning data on the device, we knowingly collect no personal information from anyone, including children. Under Article 8 GDPR the age at which a child can consent to online services ranges from 13 to 16 depending on the member state (16 by default); in the UK it is 13. Where consent is needed for a child below the applicable age, it must be given or authorised by a holder of parental responsibility. If you believe a child has provided us personal data, contact privacy@asilak.app and we will delete it.

Changes to this policy

We may update this policy as the app evolves or the law changes. We will revise the "last updated" date above and, for material changes, give notice in the app or on this site.

Complaints and supervisory authorities

You have the right to lodge a complaint with a data-protection supervisory authority. In the EU, you may contact the authority in your country of residence, work or where the issue arose. In the UK, the supervisory authority is the Information Commissioner's Office (ICO), ico.org.uk. We would appreciate the chance to address your concern first — please email privacy@asilak.app.

Contact

Questions about privacy, or to exercise your rights? Email us at privacy@asilak.app.