PlusChinese - Privacy Policy

1. About PlusChinese

Application Overview

PlusChinese is a comprehensive mobile application designed for learning Mandarin Chinese through an interactive, progress-based learning system. The app is available on Android devices and helps users master Chinese characters (hanzi), vocabulary, phrases, and pronunciation.

🎓 Core Features of PlusChinese:

Hanzi Cards: Learn individual Chinese characters with components, strokes, and meanings
Structured Lessons: HSK-aligned lessons from beginner to advanced levels
Vocabulary Cards: Word cards with definitions, usage examples, and audio pronunciation
Phrase Learning: Common phrases and their contextual usage
Story Mode: Learn through narrative content
Progress Tracking: Monitor your learning journey with attendance and completion metrics
Text-to-Speech: Native pronunciation guidance in Mandarin Chinese
Multi-Language Interface: Support for English, French, Spanish, German and other languages
Dark Mode: Eye-friendly interface option

Target Language

The app is configured to teach Mandarin Chinese as the target learning language. While the interface language can be customized (English, French, Spanish, German, etc.), users learn Chinese characters, vocabulary, and phrases exclusively.

2. Introduction & Privacy Commitment

PlusChinese ("App," "we," "us," "our," "Company") is committed to protecting your privacy and ensuring you have a positive experience on our application. This Privacy Policy explains our practices concerning the collection, use, disclosure, and safeguarding of your information.

Privacy is fundamental to our mission. We recognize that trust is essential for education, and we have designed PlusChinese to collect minimal data while providing exceptional learning experiences.

Policy Scope

This Privacy Policy applies to:

The PlusChinese mobile application (Android)
All features, services, and content within the app
Your interactions with our application
Data collected through optional authentication services

                ⚠️ Important: By downloading and using PlusChinese, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our privacy practices, please do not use the application.
            

3. Information We Collect

3.1 Information You Provide Voluntarily

Google Sign-In Authentication (Optional)

When you choose to sign in using your Google account:

Email address associated with your Google account
Basic profile information (name, profile picture)
Google account ID

Important: Sign-in is completely optional. You can use all features of PlusChinese without authentication. We never store your Google password or authentication tokens beyond what is necessary for the current session.

In-App Purchase Information

When you make optional in-app purchases:

Premium code redemptions
Purchase transaction IDs (from Google Play)
Purchase timestamps

Note: Payment card information is processed exclusively by Google Play Billing. We do not handle, store, or have access to your credit card or payment details.

3.2 Information Collected Automatically

Learning Progress Data

To provide personalized learning, the app tracks:

Individual cards marked as "known" or "learned"
Lesson completion status and progress
List of learned hanzi characters and vocabulary words
Exercise performance and attempt history
Vocabulary mastery levels

User Preferences & Settings

Chosen interface language (UI language)
Target language for learning (currently Chinese)
Theme preference (light mode / dark mode)
Text-to-speech preferences
Font size and display preferences

Behavioral Data

Daily attendance/login information (last 7 days tracked)
Session duration and frequency
Feature usage patterns
Interaction timestamps

Device Information

Device model and manufacturer
Android OS version
Device language settings
Screen resolution and display density
Advertising ID (Google Play standard)
Device identifier (for restoring purchases)

3.3 Information We Explicitly Do NOT Collect

In our commitment to privacy, PlusChinese does not collect:

Category	Details
📍 Location Data	We do not request or collect GPS location, precise location, or approximate location information
❤️ Health Data	No health, fitness, or wellness information is collected
📞 Contact Information	Contact lists, phone numbers, or message data are not accessed
📅 Calendar & Communications	No calendar, email, or messaging data is collected
💳 Payment Details	Credit card numbers, bank account info, or sensitive financial data beyond transaction IDs
👁️ Biometric Data	Fingerprints, facial recognition, or biometric information
🎤 Audio/Photo	Microphone recordings, photo library access, or camera access
📊 Third-Party Analytics	No Google Analytics, Mixpanel, Amplitude, or similar tracking services
🍪 Cookies & Trackers	No cookies, web beacons, pixel tags, or cross-site tracking
📱 Cross-App Tracking	No tracking of your activity across other applications

4. How We Use Your Information

Legitimate Purposes for Data Processing

We process your information only for the following legitimate purposes:

4.1 Core Application Functionality

Learning Progress Tracking: Storing which cards you've marked as known to persist your progress across sessions and devices
Lesson Completion: Recording completed lessons to unlock subsequent content
Personalized Experience: Adapting the app interface and content based on your learning level and preferences
Progress Analytics: Calculating completion percentages, mastery levels, and learning statistics

4.2 User Authentication & Account Management

Optional Sign-In: Verifying your identity when you choose to use Google Sign-In
Session Management: Maintaining your authenticated session
Account Recovery: Enabling purchase restoration if you reinstall the app

4.3 In-App Purchases & Monetization

Purchase Verification: Validating in-app purchases through Google Play Billing
Premium Features: Managing access to premium content and features
Premium Code Redemption: Tracking redeemed promotional codes to prevent duplicate usage
Subscription Management: Processing and tracking active premium subscriptions

4.4 App Performance & Improvement (via Firebase Analytics)

Crash Analytics: Identifying and fixing technical issues and crashes
Performance Monitoring: Improving app responsiveness and user experience
Feature Usage Analytics: Understanding which features are most valuable to users
System Monitoring: Ensuring app stability and reliability
Data Source: This data is collected by Firebase Analytics and processed by Google

4.5 Legal & Security

Terms Compliance: Ensuring users comply with our Terms of Service
Fraud Prevention: Detecting and preventing fraudulent premium code redemptions
Legal Obligations: Complying with applicable laws and regulations

What We Do NOT Do With Your Data

❌ We do not sell your personal data directly to third parties for cash/compensation
❌ We do not share your personal data with advertisers or marketing companies
❌ We do not use your personal data for behavioral targeting or profiling (beyond Firebase analytics)
❌ We do not share your learning data with educational institutions without your consent
❌ We do not use your data for political or social profiling
✅ Important: We do share analytics data with Google Firebase (see section 6 for details)

5. Data Storage & Locations

5.1 Local Device Storage (Primary)

The vast majority of your data is stored locally on your device and never leaves it:

Data Type	Storage Method	Security
Learning Progress	Hive encrypted local database	AES-256 encryption
User Settings	Hive encrypted local database	Device-level encryption
Card Progress	Hive local storage	Device-protected
Attendance Records	Hive local database	Device-encrypted
Premium Information	Hive + Shared Preferences	Device-protected

5.2 Cloud Storage (Google Firebase)

PlusChinese sends data to Google Firebase for authentication and analytics:

Firebase (Google) - Always Active

Authentication Data (when you sign in):
- Temporary authentication tokens (expires after 30 days)
- Session information while logged in
- Google Sign-In credentials are processed securely by Google
Analytics Data (always active):
- App crash reports and error diagnostics
- App performance metrics
- Feature usage statistics
- User session information (duration, feature access)
- Device identifiers and OS information

Location: Firebase servers are located in the United States, but may replicate data globally. For EU users, Google has mechanisms in place to ensure GDPR compliance.

Google Play Billing

Purchase transaction history
Transaction IDs and timestamps
Premium entitlements

Location: Google Play servers, which comply with regional data protection laws.

5.3 No Automatic Cloud Sync

Important: Your learning progress is NOT automatically synced to any cloud server. Your data remains on your device unless you explicitly:

Sign in with Google (authentication data only)
Make an in-app purchase (billing data)

5.4 Data Deletion & Control

You maintain full control of your data:

Delete Individual Records: Remove specific learned cards from the app settings
Reset All Progress: Use the "Reset Progress" option to delete all learning data
Uninstall the App: All local data is automatically deleted when you uninstall PlusChinese
Sign Out: Remove your Google authentication without affecting local data

6. Third-Party Services & Partnerships

6.1 Google Play Services

Google Sign-In

Purpose: Optional user authentication
Data Shared: Email address and basic profile information
Why Optional: You can use PlusChinese without signing in
Privacy: Governed by Google's Privacy Policy

Google Play Billing

Purpose: Processing in-app purchases and premium features
Data Shared: Transaction IDs, purchase history, device identifiers
Payment Information: Your payment details are never shared with us; Google handles all payment processing
Privacy: Governed by Google's Privacy Policy

Google Play Advertising ID

Purpose: Standard Google Play requirement
Data Shared: Advertising identifier (non-personally identifiable)
User Control: You can opt out through Android Settings > Google > Manage your Google Account > Data & Privacy > Manage your advertising settings

6.2 Firebase (Google) - Authentication & Analytics

Purpose: Authentication service AND app analytics/performance tracking
When Used:
- Authentication: When you sign in with Google
- Analytics: Continuously to track app performance, crashes, and user behavior
Data Shared with Firebase:
- App crash reports and error logs
- App performance metrics
- User session information
- Feature usage analytics
- Device and OS information
Data NOT Shared: Your actual learning progress, learned words, or personal preferences are NOT sent to Firebase
Privacy: Subject to Firebase Terms and Google's Privacy Policy
Data Processing: Located in the US with EU Data Processing Agreements in place for GDPR compliance
Opt-Out: Firebase analytics is essential for app stability. You cannot opt-out without disabling core app functionality.

6.3 Text-to-Speech Engine

Purpose: Providing Mandarin Chinese pronunciation
Processing: Device-based TTS engine (no data sent externally)
Data Shared: None - processing occurs locally on your device

6.4 Services NOT Used

To further protect your privacy, PlusChinese explicitly does NOT use:

❌ Google Analytics: We use Firebase Analytics (not Google Analytics standalone)
❌ Facebook Pixel or Meta Conversion API: No Meta/Facebook tracking
❌ Mixpanel, Amplitude, Flurry: No third-party mobile analytics platforms
❌ Crashlytics (for user identification): Crash reporting only, no personal identification
❌ Ad Networks: No mobile ad networks or programmatic advertising
❌ Marketing Attribution Tools: No AppsFlyer, Branch, or similar services

7. Android Permissions Explained

Why We Request Permissions

PlusChinese requests only the minimum permissions necessary to function. Below is a transparent explanation of each permission:

Permission	Official Name	Purpose	Data Accessed
BILLING	`com.android.vending.BILLING`	Process in-app purchases through Google Play Store	Purchase history, entitlements, transaction history
AD_ID	`com.google.android.gms.permission.AD_ID`	Required by Google Play Store	Non-personal advertising identifier
INTERNET	`android.permission.INTERNET`	Communicate with Google services (authentication, purchases)	Network data only

Permissions We Do NOT Request

PlusChinese does NOT request access to:

❌ FINE_LOCATION / COARSE_LOCATION (no location tracking)
❌ CAMERA (no photo or video access)
❌ MICROPHONE (no audio recording)
❌ CONTACTS (no contact list access)
❌ CALENDAR (no calendar access)
❌ PHONE_STATE (no call monitoring)
❌ READ_SMS (no message access)

Permission Controls

You have full control over app permissions on Android:

Open Settings on your Android device
Navigate to Apps > PlusChinese > Permissions
Toggle individual permissions on/off
PlusChinese will function normally even with permissions disabled (except core INTERNET permission)

8. Data Security Measures

Security Architecture

We implement multiple layers of security to protect your data:

8.1 Local Device Security

Hive Encryption: Local database encrypted with AES-256 encryption standard
Android Keystore: Encryption keys stored in Android's secure hardware-backed keystore
Filesystem Encryption: Protected by Android's native full-disk encryption (if enabled by user)
Secure Deletion: Data deleted securely when you choose reset or uninstall

8.2 Network Security

HTTPS/TLS: All communications with external services use TLS 1.2 or higher
Certificate Pinning: Implemented for Google Play Billing API calls
Secure Protocols: No unencrypted data transmission

8.3 Authentication Security

OAuth 2.0: Google Sign-In uses secure OAuth 2.0 protocol
No Password Storage: We never store or handle your passwords
No Credential Caching: Google handles credential management securely
Session Tokens: Temporary tokens expire after 30 days

8.4 Purchase Security

Signature Verification: All in-app purchases are cryptographically verified
Google Play Verification: Each purchase is validated against Google Play servers
Fraud Prevention: Premium codes tracked to prevent duplicate redemptions
Entitlement Caching: Local copy of entitlements with periodic server verification

Security Best Practices

To keep your data secure, we follow industry best practices:

✅ No hardcoded secrets in the app code
✅ Regular security code reviews
✅ Minimal data retention (delete unused data promptly)
✅ Limited third-party integrations
✅ Secure error handling (no sensitive data in logs)

Your Responsibility

To maintain security, please:

Keep your Android OS and PlusChinese updated
Use a strong device PIN or password
Enable biometric unlock if available
Don't share your device with untrusted individuals
Review your Google account's connected apps periodically

9. Children's Privacy Protection

COPPA Compliance (US)

PlusChinese complies with the Children's Online Privacy Protection Act (COPPA) for users under 13 years old.

Age Recommendations

Recommended Age: 10+ for independent learning
Suitable Age: 8+ with parental guidance
Minimum Age: For children under 13, parental involvement is strongly recommended

For Parents & Guardians

We recommend the following to protect children's privacy:

Before Installation

Review this Privacy Policy with your child
Discuss the app's educational purpose
Explain that progress is stored on the device

During Use

Advise your child not to sign in with Google without permission
Monitor in-app purchase settings on your Google Play account
Periodically review the app's permissions (Settings > Apps > PlusChinese > Permissions)
Use Android parental controls for additional restrictions

Android Parental Controls

You can limit app access using:

Google Family Link: Monitor and manage your child's device usage
Google Play Family Library: Share apps and content safely
Google Play Parental Controls: Set content restrictions and spending limits

Children's Data Practices

✅ No targeted advertising to children
✅ No behavioral tracking or profiling
✅ No third-party analytics that identify children
✅ Optional authentication (no mandatory account creation)
✅ Parental consent not required (app designed for independent use)

Parent/Guardian Contact Rights

If you are a parent or guardian and have concerns about a child's data collected through this app, you may contact us at the email address in the Contact section below.

10. Your Privacy Rights & Choices

10.1 General Privacy Rights (All Users)

Right to Access Your Data

You can access all personal data the App collects by:

Viewing your learning progress in the app home screen
Reviewing your settings and preferences (Settings > Preferences)
Checking your attendance records (Settings > Progress)
Reviewing your purchase history through Google Play (Google Play Store > Account > Manage purchases)

Right to Correct/Edit Your Data

Edit interface language preferences
Modify theme and display settings
Update sign-in preferences

Right to Delete Your Data

Individual Records: Delete specific learned cards through the app
All Progress: Use Settings > Reset Progress to delete all learning data
Complete Removal: Uninstall the app (automatically removes all local data)
Account: Sign out of Google (retains app data locally)

Right to Opt-Out

Google Sign-In: Use the app without signing in (authentication is optional)
In-App Purchases: All premium features are optional
Analytics: We do not use third-party analytics (nothing to opt out of)
Advertising ID: Disable in Android Settings > Google > Manage your Google Account > Data & Privacy > Manage your advertising settings

10.2 Data Portability

While our app doesn't provide automatic data export, all your learning data is stored in standard formats and can be extracted:

Export your attendance data manually from the app
Your learned words list is viewable in the app interface
Backup your device to export all local data

10.3 Do Not Track (DNT)

This app respects Do Not Track (DNT) signals. Since we do not perform third-party tracking, DNT preferences do not affect our data practices. You can enable DNT through your mobile browser for web-based content.

11. European Union - GDPR Rights & Compliance

🇪🇺 Attention EU Residents

If you are located in any EU member state, the United Kingdom, or EEA countries, your data is protected under the General Data Protection Regulation (GDPR). This section outlines your specific rights.

Legal Basis for Data Processing (GDPR Articles 6 & 9)

Data Type	Legal Basis	Justification
Learning Progress	Contract (GDPR 6.1.b)	Necessary to provide core app functionality
Device Identifiers	Legitimate Interest (GDPR 6.1.f)	Purchase verification and app operation
Google Sign-In Data	Consent (GDPR 6.1.a)	User explicitly chooses to authenticate
Purchase Data	Contract (GDPR 6.1.b)	Necessary for payment processing

Your GDPR Rights

1. Right of Access (Article 15)

You have the right to access your personal data.

Request a copy of all personal data we hold about you
Understand how your data is used and processed
Response deadline: 30 days from request submission

2. Right to Rectification (Article 16)

You have the right to correct inaccurate data.

Request correction of incomplete or inaccurate information
Update your profile and preference information
We will correct data within 30 days

3. Right to Erasure / "Right to Be Forgotten" (Article 17)

You have the right to have your data deleted under certain conditions.

We will delete your personal data upon request if:

The data is no longer necessary for the purpose it was collected
You withdraw consent and there's no other legal basis
You object to processing for legitimate interests
The data has been unlawfully processed
Deletion is required by law

Exceptions: We may retain data if required by law, to defend legal claims, or if there's an overriding legitimate interest.

4. Right to Restrict Processing (Article 18)

You have the right to limit how your data is processed.

Request temporary restriction of data processing
Useful when contesting data accuracy
We will restrict processing while investigating your request

5. Right to Data Portability (Article 20)

You have the right to receive your data in a portable format.

Request your personal data in a machine-readable format (e.g., JSON, CSV)
Transfer your data to another service provider
Delivery deadline: 30 days

6. Right to Object (Article 21)

You have the right to object to processing.

Object to processing based on legitimate interests
Object to direct marketing (we do not perform marketing)
Object to automated decision-making and profiling

7. Rights Related to Automated Decision-Making (Article 22)

You have rights regarding fully automated decisions.

We do not use automated decision-making or profiling that produces legal or similarly significant effects. Our learning algorithms provide suggestions but do not make binding decisions.

Data Protection Officer & Supervisory Authority

If you are in the EU and have concerns about GDPR compliance:

First, contact us using the information in the Contact section
If unsatisfied, lodge a complaint with your national Data Protection Authority (DPA)
Find your Data Protection Authority

Data Transfer & International Transfers

For EU Users: When you sign in with Google or make purchases:

Data may be transferred to the United States (Firebase servers)
Google has Standard Contractual Clauses (SCCs) in place for GDPR compliance
Google is Privacy Shield certified (alternative compliance mechanism)
Your rights remain protected under GDPR principles

Data Processing Agreement

Google, as a data processor, maintains Data Processing Agreements (DPAs) compliant with GDPR. These are available through your Google Business account or upon request.

12. California - CCPA Rights (Supplement to GDPR)

California Consumer Privacy Act (CCPA) Compliance

If you are a California resident, you have additional privacy rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Your CCPA Rights

1. Right to Know (CCPA § 1798.100)

You have the right to know:

What categories of personal information we collect
The purposes for collection
The categories of sources from which data is collected
The specific pieces of personal information we hold about you

2. Right to Delete (CCPA § 1798.105)

You have the right to request deletion of personal information we have collected, with exceptions for:

Information necessary to complete transactions
Information required for legal compliance
Information needed to prevent fraud or security issues

3. Right to Opt-Out (CCPA § 1798.120)

Sale or Sharing of Personal Information:

You have the right to opt-out of the sale or sharing of your personal information.

OUR PRACTICE: We do not sell or share your personal information with third parties for marketing purposes. Therefore, there is nothing to opt out of. However, if you prefer not to provide certain information, you can:

Use the app without signing in
Decline in-app purchases
Disable the advertising ID in Android settings

4. Right to Correct (CPRA § 1798.100(e))

You have the right to request correction of inaccurate personal information.

5. Right to Limit Use & Disclosure (CPRA § 1798.120)

You have the right to limit how businesses use or disclose your personal information to only what's necessary to provide the services you requested.

CCPA Data Categories We Collect

CCPA Category	Data We Collect	Commercial Purpose
Identifiers	Email (if signed in), device ID, advertising ID	Authentication, purchase verification
Commercial Information	Purchase history, transaction data	Payment processing
Internet/App Activity	App usage patterns, feature interactions	App improvement and optimization
Inferred Information	Learning preferences, language preferences	Personalization of learning experience

Consumer Rights Request Procedures

To exercise any CCPA rights, submit a verifiable consumer request to:

Email: [pluschinese@gmail.com]

Include in your request:

Your name and current email
Type of request (Know, Delete, Correct, etc.)
Description of information requested
Verification method (if requesting personal information)

Response Timeline

We will respond to your request within 45 days
We may extend the deadline by 45 days if necessary (will notify you)

Prohibition on Retaliation

We will not discriminate against you for exercising your privacy rights by:

Denying you goods or services
Charging different prices or rates
Providing different quality of service
Threatening adverse action

13. Data Retention & Deletion Policy

How Long We Retain Your Data

Data Category	Retention Period	Reason for Retention
Learning Progress (Cards, Lessons)	Until user deletes or app uninstalled	Preserve user's learning journey
User Settings & Preferences	Until user deletes or app uninstalled	Maintain app configuration
Attendance Records	Last 7 days displayed; indefinitely stored	Motivation tracking; can be manually deleted
Premium Trial Info	Until trial expires or reset	Trial expiration validation
Google Sign-In Tokens	30 days (Firebase default)	Session management
Purchase History	Indefinitely (for restoration)	Enable purchase restoration on reinstall
Used Premium Codes	Indefinitely	Prevent duplicate redemptions

Automatic Data Deletion

On Uninstall: All local data is automatically deleted
On Reset: Selecting "Reset Progress" deletes all learning data
On Sign Out: Authentication tokens are cleared

Manual Data Deletion

To delete individual records:

Open PlusChinese
Go to Settings (gear icon)
Select "Learning Progress"
Mark cards/lessons as "forget" or unmark as "known"
Data is deleted immediately

To delete all data (Reset):

Open PlusChinese
Go to Settings > Data Management
Select "Reset All Progress"
Confirm deletion
All learning data is permanently deleted

Data Retention After Account Deletion

If you delete your Google account or sign out:

Your local learning data remains on your device
Firebase authentication data is cleared after 30 days
Purchase history remains with Google Play for restoration
You can continue using the app without signing in

Legal Hold Exceptions

We may retain data longer than usual retention periods if:

Required by law or legal process
Defending legal claims
Investigating fraud or security issues
Enforcing terms of service

14. Cookies, Tracking Technologies & Cross-Site Tracking

Do We Use Cookies?

No. PlusChinese does not use cookies, web beacons, pixel tags, or similar tracking technologies.

Why Not?

Cookies are primarily used for web-based tracking and user identification across websites
Mobile apps use local storage instead of cookies
We have no need for cross-site tracking
We do not engage in behavioral profiling

Local Storage (Not Cookies)

PlusChinese uses local device storage (Hive encrypted database) instead of cookies:

Purpose: Store user preferences and learning progress on the device
Scope: Local to the app only (not shared with other apps)
User Control: Automatically deleted when you uninstall the app

Cross-Site Tracking

We do not engage in cross-site tracking:

❌ No tracking pixels from external services
❌ No third-party analytics (Google Analytics, Mixpanel, etc.)
❌ No behavioral tracking across apps
❌ No user fingerprinting
❌ No retargeting or remarketing

Third-Party Analytics & Advertising

PlusChinese does NOT include:

❌ Google Analytics (standalone service)
❌ Facebook Pixel or Meta Conversion API
❌ Ad network SDKs (Google Ads, Facebook Ads, etc.)
❌ Mobile measurement partners (AppsFlyer, Branch, etc.)

However, PlusChinese DOES use:

✅ Firebase Analytics: For app performance, crash reporting, and usage analytics (see section 6.2)

About Firebase Analytics

Firebase Analytics is ENABLED by default and collects:

App crash reports and error logs
App performance metrics
Feature usage frequency
User session duration
Device model and OS version
Installation and uninstall events

Firebase Analytics does NOT collect:

Your personal identity (unless you sign in)
Your learning progress or learned words
Your settings or preferences
Payment information

This data helps us improve app stability and fix bugs. It is processed according to Google's Privacy Policy.

Advertising ID Management

Your Android Advertising ID is accessible to Google and potentially other apps, but we do not use it for tracking. You can opt out:

Android Settings > Google > Manage your Google Account
Go to "Data & Privacy" tab
Select "Manage your advertising settings"
Enable "Opt out of Personalized Ads"

15. Contact Information & Support

Privacy Inquiries & Requests

Email: [pluschinese@gmail.com]

Company Name: François Bonnardet Devs

Types of Requests We Accept

🔒 Privacy Policy questions or clarifications
📋 Data access requests (GDPR Article 15, CCPA § 1798.100)
🗑️ Data deletion requests (GDPR Article 17, CCPA § 1798.105)
✏️ Data correction requests (GDPR Article 16, CPRA § 1798.100(e))
📊 Data portability requests (GDPR Article 20)
⚖️ Rights objection or restriction requests
🛡️ Security or privacy concerns
👶 Children's privacy concerns

Our Response Process

Submission: Send your request to the email above
Verification: We will verify your identity (for GDPR/CCPA compliance)
Processing: We will process your request promptly
Response: We aim to respond within 30 days
Extension: Complex requests may require an additional 30-day extension (we'll notify you)

Data Subject Rights Exercise

To exercise your GDPR or CCPA rights, include:

Your full name and email address
Type of request (Access, Delete, Correct, Port, Restrict, Object)
Detailed description of your request
Any supporting documentation
Preferred method of response
Your signature (digital is acceptable)

Multiple Requests

If you submit multiple requests within a 12-month period, we may charge a reasonable fee for processing. We will inform you of any fees before processing.

Appeal Process

If you disagree with our response to your privacy request:

You can appeal within 30 days by submitting a written request
Provide the reason for your appeal and any new information
We will conduct a thorough review and provide a detailed response
For EU Users: You have the right to lodge a complaint with your Data Protection Authority

16. Updates & Changes to This Privacy Policy

Why We Update This Policy

We may update this Privacy Policy periodically to:

Reflect new features or services in PlusChinese
Comply with new privacy laws or regulations
Respond to technological changes
Improve clarity and transparency
Address user privacy concerns

How We Notify You of Changes

We will notify you of material changes through:

📱 In-App Notification: Pop-up notification when you open the app
📧 Email: If you provided an email (via Google Sign-In)
🔔 Google Play Update: Policy changes highlighted in store listing
🌐 Website: Posted on our company website

What Counts as "Material Changes"

Material changes include:

New types of data collection
Changes to data usage purposes
New third-party data sharing
Changes to user rights or choices
Changes to security practices
Reduced privacy protections

Non-material updates (such as fixing typos, clarifying existing practices, or strengthening privacy protections) may not trigger formal notification.

Your Acceptance of Updates

Your continued use of PlusChinese after policy updates constitutes your acceptance of the updated terms. If you do not agree with changes, you have the right to:

Stop using the application
Delete your data and uninstall the app
Contact us with concerns before accepting

Version History

Version	Effective Date	Changes
1.0	May 10, 2026	Initial Privacy Policy for PlusChinese v1.0.1

Archive of Previous Versions

Previous versions of this Privacy Policy are available upon request. Contact us at [pluschinese@gmail.com].

Compliance Certifications & Standards

Privacy Standards We Follow

✅ GDPR Compliant

✅ CCPA Compliant

✅ COPPA Compliant

✅ LGPD Aware

✅ PIPEDA Compatible

✅ ISO 27001 Principles

✅ Privacy by Design

Industry Best Practices

Minimal Data Collection - We collect only what's necessary
Purpose Limitation - Data used only for stated purposes
Data Security - Encrypted storage and transmission
Transparency - Clear disclosure of practices
User Control - Easy access, editing, and deletion options
No Third-Party Sales - Your data is yours alone

🇪🇺 EU USERS NOTICE - GDPR COMPLIANCE

📋 Table of Contents

1. About PlusChinese

Application Overview

🎓 Core Features of PlusChinese:

Target Language

2. Introduction & Privacy Commitment

Policy Scope

3. Information We Collect

3.1 Information You Provide Voluntarily

Google Sign-In Authentication (Optional)

In-App Purchase Information

3.2 Information Collected Automatically

Learning Progress Data

User Preferences & Settings

Behavioral Data

Device Information

3.3 Information We Explicitly Do NOT Collect

4. How We Use Your Information

Legitimate Purposes for Data Processing

4.1 Core Application Functionality

4.2 User Authentication & Account Management

4.3 In-App Purchases & Monetization

4.4 App Performance & Improvement (via Firebase Analytics)

4.5 Legal & Security

What We Do NOT Do With Your Data

5. Data Storage & Locations

5.1 Local Device Storage (Primary)

5.2 Cloud Storage (Google Firebase)

Firebase (Google) - Always Active

Google Play Billing

5.3 No Automatic Cloud Sync

5.4 Data Deletion & Control

6. Third-Party Services & Partnerships

6.1 Google Play Services

Google Sign-In

Google Play Billing

Google Play Advertising ID

6.2 Firebase (Google) - Authentication & Analytics

6.3 Text-to-Speech Engine

6.4 Services NOT Used

7. Android Permissions Explained

Why We Request Permissions

Permissions We Do NOT Request

Permission Controls

8. Data Security Measures

Security Architecture

8.1 Local Device Security

8.2 Network Security

8.3 Authentication Security

8.4 Purchase Security

Security Best Practices

Your Responsibility

9. Children's Privacy Protection

COPPA Compliance (US)

Age Recommendations

For Parents & Guardians

Before Installation

During Use

Android Parental Controls

Children's Data Practices

Parent/Guardian Contact Rights

10. Your Privacy Rights & Choices

10.1 General Privacy Rights (All Users)

Right to Access Your Data

Right to Correct/Edit Your Data

Right to Delete Your Data

Right to Opt-Out

10.2 Data Portability

10.3 Do Not Track (DNT)

11. European Union - GDPR Rights & Compliance

🇪🇺 Attention EU Residents

Legal Basis for Data Processing (GDPR Articles 6 & 9)

Your GDPR Rights

1. Right of Access (Article 15)

2. Right to Rectification (Article 16)

3. Right to Erasure / "Right to Be Forgotten" (Article 17)

4. Right to Restrict Processing (Article 18)

5. Right to Data Portability (Article 20)

6. Right to Object (Article 21)