Flaevo
Terms of Service →
GDPR, CCPA & Act 843 Compliant

Privacy Policy

Last updated: July 2026 · Version 1.1.0 · Ref: Ghana DPA Registration

🤝
Our Core Privacy PledgeWe build Flaevo to accelerate your learning. We process academic indicators strictly to fuel your custom plans. We do not sell, rent, or trade your personal records to third parties for advertisement. This document is structured to provide full details and a plain-English explanation of our operations.

Table of Contents

1. Scope & Introduction

Plain English SummaryWe operate Flaevo to help you learn faster. This policy explains what data we collect when you use our web and mobile apps, how we safeguard it, and how we respect your privacy rights. We do not sell your personal data.

This Privacy Policy (“Policy”) forms a binding agreement and governs the data processing practices of Flaevo (“Flaevo”, “we”, “our”, or “us”). It applies to the Flaevo web application, native mobile application (Android), API endpoints, developers tools, and all associated services (collectively, the “Service”).

Flaevo is operated and managed out of Accra, Ghana. We are committed to processing your personal data in accordance with the highest international benchmarks, including the Ghanaian Data Protection Act, 2012 (Act 843), the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other applicable regional data protection legislations.

By registering for an account, installing the Android client, or interacting with the Service, you consent to the collection, storage, transfer, and processing of your personal information as set forth herein. If you do not agree with these terms, please immediately cease all usage of the Service.

2. Information We Collect

Plain English SummaryWe collect account details (email, name), academic preferences (your grade, subjects), study activities (XP, card progress), and document uploads (for AI summaries). Transactional details are handled by a third-party payment processor, so we never see your card/MoMo PIN.

To provide our learning platform and custom AI features, we collect several categories of information, directly from you or automatically during your sessions:

2.1 Account Credentials & Identity Info

When you register, we collect your display name, email address, profile picture (either customized upload or fetched from your single sign-on provider's metadata), and cryptographically salted and hashed passwords. We use this to authenticate your identity and prevent unauthorized access.

2.2 Academic Profile Metadata

We collect your school level (e.g. Junior High, Senior High, University, Professional / Self-study), courses of interest, self-assessed strength per course, learning style (e.g. visual, mixed), target exams (e.g. BECE, WASSCE, SAT, custom exams), and dates of exams. This details your academic profile to customize AI Tutor explanation levels.

2.3 Study Progress & Gamification Metrics

To calculate spaced repetition intervals (SRS), we store the flashcards you build, card success/failure rates, focus timer lengths (including focus sessions today and continuous daily streaks), quiz results, badges unlocked, experience points (XP) accumulated, and virtual coins balances.

2.4 User Generated Content & Uploads

We process and store files you upload (PDFs, DOCX, txt, images) for summarization, notes generation, or translation. We also store the study notes you compose or AI-enhance inside your Notebooks. AI chat transcripts with the AI Tutor are retained to keep conversation context.

My Courses: when you add a course, you upload study material (e.g. lecture slides, notes, past papers). We extract and store the text of that material (we do not retain the original file) on our servers, linked to your account, solely to power your own grounded study — generating overviews, quizzes, flashcards, and AI Tutor answers drawn only from your material. This content is private to you, never used to train third-party models, and permanently deleted when you delete the course or your account.

2.5 Diagnostic & Technical Footprints

We automatically log device details (brand, model, screen dimensions), operating system version (e.g. Android API level), browser user-agent, country-level location inferred from your IP address, app crash stack traces, and click interaction maps. We use these for analytics and infrastructure security.

2.6 Billing & Payment Indicators

All subscription payments are handled directly by a third-party, PCI-DSS compliant payment processor. Flaevo only stores payment metadata: subscription plan (Pro, Max), payment status, reference IDs, and transaction dates. We do not collect, view, or store credit card numbers, CVVs, or mobile money PINs.

2.7 Voice & Microphone Input (Speak-to-Type)

Flae, our AI tutor, offers an optional speak-to-type feature so you can dictate a message instead of typing it. We only access your microphone while you actively use the dictation control — never in the background, and never to record without your action. The captured audio is converted to text and is not stored on Flaevo's servers; only the resulting text is sent to the AI tutor like any other message.

To perform the speech-to-text conversion, your recorded clip is either processed by your browser's built-in speech-recognition service (e.g. Chrome on the web, under the browser vendor's own privacy policy), or — in the Flaevo app and on browsers without built-in dictation — sent through our secure server to our AI speech provider, which converts it to text and does not use it to train third-party models. In both cases the audio is used solely to produce your text and is not retained by Flaevo. If you prefer not to use this, simply type your message — the feature is entirely optional and you can deny or revoke microphone permission at any time in your device or browser settings.

2.8 Photos You Share with the Tutor

Flae lets you upload a photo or take a picture of a question, diagram, or your notes so the tutor can read and explain it. When you do, that image is sent to our AI vision provider to transcribe its contents into text, which the tutor then uses to teach you. We access your camera or photo gallery only when you actively choose to add an image — never in the background. The image is used solely to answer your request, is not shown to other users, and is not used to train third-party models.

2.9 Course Podcasts & Audio Generation

When you generate a Course Podcast from a course session, the session text is processed by our AI script writer to draft an episode script. This script is then converted to audio using our secure text-to-speech rendering processor. The generated audio (MP3) is cached locally on your device for offline playback. We do not store transcripts or audio permanently on external servers, and your session details are kept private to your account.

2.10 Screen Sharing & Background Overlay Capture

The Flaevo mobile application offers an optional Screen Share Overlay (floating assistant bubble) feature to help you study external documents or apps (e.g. PDFs, study slides, or educational websites) while remaining connected to the AI Tutor. To enable this, the app requires the **System Overlay ("Draw over other apps")** and **Media Projection (Screen Recording)** permissions.

When you actively tap the floating Flae character overlay bubble to ask for help, the app captures a single screenshot of your active screen, converts it to a secure base64 data payload, and sends it to our AI vision provider to analyze and answer your questions. This screen capture is never run in the background without your action, and the captured image is processed in-memory solely to generate the AI Tutor response and is not stored permanently on our servers or used to train third-party models.

3. How We Use Your Data

Plain English SummaryYour data is used to customize your AI study planner, deliver notifications, secure your profile, and renew your subscriptions. We never sell your data to advertisers.

We process your data strictly to fulfill the following business and functional purposes:

  • AI Customization: Adjusting the vocabulary, difficulty level, and curriculum guidelines of our AI components (Tutor, Planner) to align with your academic profile.
  • Spaced Repetition: Powering the scheduling algorithms that calculate exactly when you should review a flashcard for optimal memorization.
  • Gamification: Powering study streaks, level milestones, and achievements.
  • Communication: Dispatching notifications (via email or push notifications) regarding streaks, achievements, system maintenance, and account billing. You can modify notification preferences inside Settings.
  • Security and Stability: Resolving application crashes using diagnostic telemetry, blocking DDoS attacks, and identifying malicious users violating our system query limits.

4. Legal Grounds for Processing

Plain English SummaryWe process your data under legal criteria: Contractual Necessity (to run your account), Legitimate Interests (to improve our services), Legal Obligations (to track payments), and Consent (for push notifications).

Under global regulatory frameworks (GDPR Article 6 and Section 22 of the Ghana Data Protection Act), we process personal data only when there is a valid legal basis:

Contractual NecessityTo establish your account, log your study progress, host your flashcard decks, and process payment subscriptions.
Legitimate InterestsTo refine UI layouts, optimize server responses, and secure API endpoints.
Legal ObligationTo maintain audit records, comply with tax reporting in Ghana, and respond to lawful security requests.
ConsentFor optional activities, such as activating push notifications or using third-party single sign-on (OAuth). You may revoke consent at any time.

5. Third-Party Data Processors

Plain English SummaryWe share specific details with trusted service providers, described by category: a cloud database & storage provider, AI processing providers, an audio-generation provider, a payment processor, a push-notification & sign-in provider, and an email provider. They cannot sell or reuse your details. A current list of our sub-processors is available on request.

We work with vetted service providers to run Flaevo. They have access to data categories only to perform their assigned functions, and are barred from sharing or repurposing your personal details:

ProviderScope of WorkData Categories Disclosed
Cloud Database & Storage ProviderDatabase, file storage, and authentication.Account profiles, files, flashcard metrics, chat rooms.
Generative AI ProcessorsGenerative AI tutoring and notes models; AI vision reads photos you send to the tutor.AI prompts, uploaded document text, and photos/images you share with the tutor.
Payment Processor (PCI-DSS)Securing mobile money and credit card transactions.Email, payment sum (payment info directly bypasses Flaevo).
Web Hosting & Edge Compute ProviderWeb app hosting and edge function deployment.IP, user-agent, crash details.
Error Monitoring & Diagnostics ProviderReal-time error tracking and telemetry.Operating system, app version, error traces.
Push Notification & Sign-In ProviderPush-notification delivery and optional single sign-on.Device push token; and, if you use single sign-on, your name, email and profile photo.
Email Delivery ProviderSending transactional and product-update emails.Email address, name.
Audio Generation ProcessorsText-to-speech audio rendering via sandboxed text-to-speech voice servers.Spoken scripts generated from your course sessions.

Some of these providers operate outside Ghana — including in the United States, Europe, and other regions — so your data may be processed internationally under appropriate contractual safeguards. We identify our providers by category above to protect commercially sensitive information; a current list of the specific sub-processors we use is available on request at support@flaevoapp.com.

6. Compliance with Regional Laws

Plain English SummaryWe fully comply with GDPR (Europe), CCPA (California), and Ghana's Data Protection Act 843. You have the right to access, export, correct, or permanently delete your data at any time.

6.1 Ghana Data Protection Act, 2012 (Act 843)

We adhere to the eight foundational principles of Act 843:

  • Accountability: We review every data integration channel before it goes live.
  • Lawfulness of Processing: We collect only relevant inputs under consent or contract.
  • Specification of Purpose: Data is utilized solely to power your study assets.
  • Quality of Information: Users have inline edit buttons to correct stats.
  • Security Safeguards: We apply strict per-account database access controls.

6.2 GDPR / UK Data Protection Act Rights

If you reside in the EEA or UK, you enjoy key protections:

  • Right to be Forgotten: You can request total deletion of your database rows.
  • Data Portability: You can request an export of your study logs in JSON.
  • Restriction of Processing: You can restrict automated processing of files.
  • Right to Lodge Complaint: You can notify your regional Data Protection Authority.

6.3 CCPA/CPRA Rights (California)

California residents have the right to request access to categories of data collected, request deletion, and opt-out of data sales. Flaevo does not sell or share your data, so there is no opt-out link necessary. We do not discriminate for exercising rights.

7. Data Security & Encryption

Plain English SummaryWe secure your information using SSL/TLS encryption for transfer, secure row-level separation in our databases, and cryptographic password hashing. We cannot read your raw password.

We deploy industrial-grade defenses to keep your data safe:

  • Encryption in Transit: All web and mobile calls are routed through HTTPS protocol using Transport Layer Security (TLS 1.3).
  • Database Isolation: Our database enforces strict per-account access controls, blocking any client queries trying to fetch, modify, or delete records belonging to other accounts.
  • Password Security: Passwords are cryptographically salted and hashed using an industry-standard algorithm before database storage. We have no access to plain-text passwords.
  • Breach Protocols: In the event of a security compromise, we will notify affected users and the relevant Ghanaian/EU Data Protection Commissioner within 72 hours of verification.

8. Data Retention & Deletion

Plain English SummaryWe keep your data as long as your account is active. You can delete your account instantly in-app (Settings → Danger zone → Delete account), which purges your details from our databases.

We retain your personal details only as long as necessary to run your account. We have established two deletion paths to meet Google Play Store Developer policies:

Option A: Instant In-App Deletion

Log in to Flaevo → open Settings → scroll to the Danger zone → tap Delete account and confirm. This will instantly delete your email credentials, study decks, profile values, and chat rooms references from our active database nodes.

Option B: Verification Email

Send an email to support@flaevoapp.com with the subject “Account Deletion Request”. Following validation of identity, we will wipe your profile details from our production environments within 30 days.

*Note: Subscription ledger records and payment logs held by our payment processor will be archived for up to 7 years to satisfy Ghanaian tax audit and financial tracking statutes.*

9. Children's Privacy (COPPA)

Plain English SummaryFlaevo is designed for learners aged 13 and above. We do not intentionally collect data from children under 13. If we find an account created by a child under 13, it will be deleted immediately.

Flaevo is designed for students, educators, and lifelong learners. Our Services are intended for individuals who are at least 13 years of age. We do not knowingly compile personal data from children under 13.

If we become aware that a child under 13 has registered without verified parental consent, we will take immediate measures to terminate the login credentials and scrub all related study progress metadata. If you are a parent or legal guardian and suspect that your child has created an account, please contact us immediately at support@flaevoapp.com.

10. Cookie & Tracking Policy

Plain English SummaryWe use basic cookies to keep you logged in and save your local preferences (like dark mode). We do not track you across other websites or use cookies for retargeted ads.

We use essential cookies and browser local storage elements to operate the Service:

  • Session Authentication: Keeping your auth session active across page switches so you don't need to sign in every time.
  • Preference Settings: Remembering your selected theme choice (Light, Dark, or System) and study preferences.
  • Telemetry Logs: Storing temporary diagnostics on page loads to measure performance and errors.

You can adjust your web browser settings to block or delete cookies. However, blocking essential session cookies will prevent you from signing in or saving your customized learning profiles.

11. Contact & DPO Details

Plain English SummaryIf you have questions about your privacy, email us at support@flaevoapp.com with the subject 'Privacy Request'.

For inquiries, complaints, data exports, or to exercise any of your data rights, please contact the Flaevo privacy team:

Flaevo — Privacy & Data Requests
Accra, Ghana
Email: support@flaevoapp.com
Subject Line: “Privacy Request”

Interactive Data Rights Helper

Exercise your access and deletion rights automatically.

Under GDPR and the Ghana Data Protection Act, you can request to download a copy of your study data, or request permanent deletion. Use this widget to prepare a legal request to our team:

Copy this draft and send it from your registered email address to support@flaevoapp.com.
← Back to Flaevo Dashboard© 2026 Flaevo. All rights reserved.