RevizioDownload
← Back to home

Privacy Policy

Last updated: 12/05/2026

This Privacy Policy explains how Revizio collects, uses, shares and protects your personal data when you use the Revizio mobile application and the revizioapp.com website. It complements the Terms of Use and is provided in alignment with the EU General Data Protection Regulation (GDPR).

1. Data controller

The Revizio application and the revizioapp.com website are operated by Revizio App, contact address 31700 Blagnac, France. For any request regarding your personal data: support@revizioapp.com. Detailed legal information (corporate form, registration number, publication director) is available upon request at the same address.

2. Scope

This policy covers data processing performed through the Revizio mobile app (iOS, Android coming soon), the official revizioapp.com website and the associated backend services (database, authentication, media storage, server functions, AI generation, push notifications). It does not cover policies specific to the App Store, Google Play Store, or identity providers (Apple, Google), which remain governed by their own terms.

3. Data we collect

  • Identification A unique internal identifier (UUID) generated at install. Your email address only if you sign in via a one-time code sent by email, or if it is shared by Apple or Google during authentication. Authentication method (anonymous, Apple, Google, email). Optional display name. Preferred language. Display mode (system, light, dark).
  • Learning preferences Selected objective (student or curious), study days per week, preferred session duration, weekend inclusion, time zone.
  • Progress and activity Cumulative level and experience, current lives, daily streak, progress in the Adventure and in custom worlds, daily challenge attempts, AI quiz attempts and scores.
  • Brain economy Wallet balance, append-only transaction history (earns, spends, automatic refunds), validated rewards through the Reward Ledger.
  • Content you create Courses and chapters you enter, planned and completed study sessions, post-session feedback (mood, productivity, confidence), voice notes you record yourself, course photos sent to the Decoder tool, and custom Adventure worlds you generate.
  • Purchases and subscription Subscription status (Free or Plus), billing cycle, expiry date, payment events transmitted by RevenueCat. Revizio stores no banking data: payments are handled exclusively by Apple or Google.
  • Notifications and device Expo push notification token, platform (iOS / Android), notification permission status, stable per-install device identifier, time zone, and detailed per-channel notification preferences.
  • Referral Referral code in the REV-XXXXX format, links between referrers and invitees, brain rewards granted.
  • Audit logs Append-only logs related to payments, AI generations and notification deliveries, for security, fraud prevention, audit and user support.

4. Data we do not collect

  • No precise geolocation — we only use your device time zone to schedule notifications.
  • No access to your address book or contacts.
  • No background microphone capture — voice notes are recorded only at your explicit request.
  • No advertising identifier (IDFA on iOS, GAID on Android).
  • No cross-app tracking, no data sharing for advertising purposes.
  • No web cookies — Revizio is a native app, and the official website does not drop audience measurement cookies.
  • No third-party analytics service and no crash reporting service is active at this time.

5. Purposes of processing and legal bases

  • Providing the service Creating and syncing your account, saving progress, delivering content. Legal basis: performance of the contract (Terms of Use).
  • Personalization Adapting the experience to your learning objective, language and study preferences. Legal basis: performance of the contract.
  • AI generation Sending your prompts and, where applicable, your course photos to our AI provider in order to generate games, study sheets, exams and tools. Legal basis: performance of the contract.
  • Push notifications Sending you functional reminders (daily challenge, AI generation completion, etc.). Legal basis: your consent, withdrawable at any time from Settings.
  • Purchases and subscriptions Managing access to paid features and the monthly brain credit. Legal bases: performance of the contract and legal obligation (accounting).
  • Security and abuse prevention Monthly caps, anti-fraud, transaction idempotency, audit logs. Legal basis: legitimate interest in protecting the service and its users.
  • User support Responding to your requests via email using only the information strictly required. Legal basis: performance of the contract.

6. Processors and technical partners

  • Supabase, Inc. Database hosting, authentication, media storage (private bucket) and server-side functions (Edge Functions). All sensitive tables are protected by Row Level Security.
  • OpenAI, L.L.C. AI content generation for the games, premium tools (Decoder, Structured memo, Mock exam, Course Quiz, Smart Notifications) and the custom Adventure. Your prompts and, for the Decoder, your course photos are sent at generation time. Per OpenAI's API policy, data sent through its API is not used by default to train its models.
  • RevenueCat, Inc. Proxy between the stores and our backend for subscription and in-app purchase management. RevenueCat receives your internal identifier and the transaction information forwarded by Apple or Google.
  • Expo (Expo Application Services) Routing push notifications from our server to your device via the Expo Push service.
  • Apple Inc. Sign-In with Apple (authentication), iOS distribution via the App Store, and in-app payment handling on iOS.
  • Google LLC Sign-In with Google (authentication), Android distribution via the Google Play Store (coming), and in-app payment handling on Android.

7. Photos, voice notes and media storage

Course photos you send to the Decoder tool are compressed before upload and then stored in a private Supabase bucket (10 MB max per file; JPEG, PNG, WebP, HEIC formats allowed). They are accessible only to you, are sent to OpenAI for the duration of the generation, and are deleted upon account deletion. Voice notes associated with your session feedback are stored in the same private bucket, with access restricted to your account; they are not transmitted to OpenAI or any other third party at this time.

8. International data transfers

Some of our processors — notably OpenAI, RevenueCat and Expo — are established in the United States. Related international data transfers are governed by the Standard Contractual Clauses adopted by the European Commission, which are the transfer mechanism currently applied by these providers. Apple and Google rely on their own international transfer terms, available in their respective policies. The Supabase hosting region is documented and may be communicated upon request to support@revizioapp.com.

9. Retention

Your account data, progress and content are retained as long as your account is active. Upon account deletion, all data tied to your identifier is removed atomically: profile, progress, courses, sessions, AI contents, photos, voice notes, wallet, transactions and preferences. Technical logs related to payments or AI generations may be retained in a limited form for the period required to comply with our accounting and security obligations, then deleted or anonymized.

10. Your rights

  • Access Obtain a copy of your data via Settings → My account → Export my data. If that is not possible, write to support@revizioapp.com.
  • Rectification Edit your profile and preferences from Settings → My account.
  • Erasure Delete your account from Settings → My account → Delete my account. Deletion is atomic and immediate. If you cannot do it, write to support@revizioapp.com.
  • Portability The export provided from the app is readable and reusable in a structured format.
  • Restriction Disable notifications per channel from Settings, or request restriction of a specific processing by emailing support.
  • Objection You may object to processing based on legitimate interest by contacting us.
  • Withdrawal of consent You may withdraw your consent to notifications at any time from Settings, without affecting the lawfulness of prior processing.
  • Complaint You may file a complaint with the French Data Protection Authority (CNIL, www.cnil.fr) or your local authority if you believe your rights are not being respected.

11. Minors

Revizio offers no features specifically designed for children under 13: no public profile, no user-to-user messaging, no social mechanics. If the user is a minor, we strongly recommend use under the supervision of a parent or legal guardian, using Apple or Google family accounts and their native parental controls (purchase authorization, content restrictions, screen time).

12. Security

All sensitive tables are protected by Row Level Security on Supabase: each user can only read their own data. The brain wallet and transactions can only be modified through signed server functions (SECURITY DEFINER). The reward ledger is append-only and uses idempotency keys to prevent duplicates. Network communications are encrypted with HTTPS. No API key or secret is stored client-side. Authentication does not rely on any password.

13. Changes to this policy

This policy may evolve to reflect product, legal or technical changes. Any material change will be notified to you in the app or by email to the address associated with your account. The last update date appears at the top of this page.

14. Contact

For any question regarding this policy or the protection of your data, write to support@revizioapp.com. We reply on average within 3 business days.