Privacy Policy

Knitlex is a TOEFL preparation app. To use it you sign in with your Apple ID or Google account. Your study progress (vocabulary cards, review history, fluency self-ratings, settings) is kept on your device. Your domain keywords and the personalised example sentences and speaking content generated for you are stored in our database in the European Union, linked to your Firebase user identifier.

To generate the personalised content you ask for, your keywords are sent to our content-generation provider (OpenAI) in the United States. Your name, email address, payment details, and review history are never sent to OpenAI. The app contains no analytics, no advertising, no crash-reporting service, and no tracking. Notifications are scheduled on your device only; we do not push anything to your device from our servers.

Knitlex is published by Sylvanity B.V., a private limited company based in the Netherlands ("Sylvanity", "we", "us"). Sylvanity is the data controller for the processing described in this policy, for the purposes of the EU General Data Protection Regulation (GDPR) and equivalent laws. You can reach us at info@sylvanity.eu.

Knitlex is currently distributed through the Apple App Store for iPhone and iPad. The app requires iOS 18 or later. If we publish Knitlex on other platforms in future (for example, Google Play for Android), we will update this policy to describe any platform-specific differences. The processing described below is the same regardless of platform.

An account is required to use Knitlex because your personalised content is generated server-side and stored under your account so that it survives a device change. You sign in with one of two providers, both operated through Firebase Authentication:

• Sign in with Apple. Apple sends us your name (only on first sign-in, as Apple's policy requires you to grant or hide your name once) and either your real email address or an Apple-generated relay address (when you choose Hide My Email). The relay address works equally well for support correspondence.
• Sign in with Google. Google sends us your name, email address, and profile picture URL.

From either provider we receive a stable identifier issued by the provider, an authentication token, and a refresh token. Firebase Authentication assigns you a Firebase user identifier (UID) that we use as the key for any data we store about you on our servers. We do not collect your password; the providers handle authentication entirely on their side.

Knitlex saves the following on your iPhone or iPad using Apple's standard local-storage mechanisms (UserDefaults for small flags and SwiftData for structured data, backed by SQLite inside the app's sandboxed container):

• Your Firebase user identifier and the timestamp of your last sign-in.
• Your study profile (exam date, daily target mode, daily target value, onboarding progress).
• Your active and previous keyword sets (the 3–5 free-text keywords you provide to flavour content, with the date you set them).
• The vocabulary catalogue and the speaking-content catalogue (generic teaching content shared by all users, downloaded once on first launch).
• Your spaced-repetition state for each word (card type, ease factor, interval, due date, repetition count, lapse count).
• Your review log (every rating you give to a card, with latency, before-and-after interval, and timestamp).
• Your read-aloud fluency log (a "did I say it" boolean and a 1–3 confidence rating; see the read-aloud section below).
• Your speaking-practice log (preparation seconds, response seconds, confidence rating, timestamp).
• The personalised vocabulary sentences, speaking prompts, and academic phrases generated for your active keyword set, cached locally so review never blocks on the network.
• Your local notification preferences and your subscription state cached from the App Store.

This information stays on the device. With one exception (the keywords you set, which are also stored on our servers under your account so the personalised content can be regenerated for a new device), nothing in the list above is transmitted to Sylvanity or to any third party. Uninstalling the app removes the on-device copy. Signing out clears the on-device copy of your study profile, keyword sets, cards, reviews, personalised content, and fluency log; it does not clear the read-only catalogue and does not delete data held on our servers (see the account-deletion section below).

We use Firebase as the back-end platform for Knitlex. The Firebase project is hosted in Google Cloud regions inside the European Union: Firestore in multi-region eur3 (Belgium and the Netherlands) and Cloud Functions in europe-west1 (Belgium). The following information about you is held there, keyed by your Firebase UID:

• Firebase Authentication record. Your UID, the providers you have linked (Apple, Google, or both), the email address received from the provider, the display name received from the provider, the creation and last sign-in timestamps, and a refresh token.
• Personalised vocabulary sentences at users/{uid}/personalizedExamples/{wordId}: the generated sentence text, the keywords used in it, the keyword-set identifier, the evaluator score, and a generation timestamp.
• Personalised speaking prompts at users/{uid}/personalizedSpeakingPrompts/{id}: the prompt text, sample answers, the task type, and the keyword-set identifier.
• Personalised academic phrases at users/{uid}/personalizedAcademicPhrases/{id}: the phrase, a usage note, and the keyword-set identifier.
• Subscription entitlement at users/{uid}/private/entitlement: which product you own (monthly subscription or lifetime), the original purchase date, the latest renewal date, the expiry date for subscriptions, and a flag indicating whether the entitlement was server-verified.

Access to server-side data is restricted by Firestore security rules: the read-only catalogues are readable by any signed-in user; per-user subcollections are readable only by the owner of the account; all writes are performed by Sylvanity-operated Cloud Functions using the Firebase Admin SDK and are denied to clients.

Knitlex personalises your example sentences, speaking prompts, and academic phrases by sending the keywords you provide to a large-language-model provider, OpenAI, in the United States. This is the only part of Knitlex that involves a transfer of any user-supplied data outside the European Union.

For each generation request, our Cloud Function in europe-west1 sends the following to OpenAI's gpt-4o-mini model API:

• The target word or speaking task being generated for (text, part of speech, definition, task type).
• Your keywords as plain text (for example, "data science", "logistics", "last-mile delivery").
• Generation parameters (length, count, response format).

OpenAI processes the request, returns a generated sentence or prompt, and our Cloud Function evaluates the result against quality criteria (target word used correctly, register, keyword integration, length). Failed outputs are regenerated up to twice. Successful outputs are written to your per-user Firestore subcollection and synchronised to your device.

OpenAI processes data on our behalf as a sub-processor under a Data Processing Addendum that incorporates the European Commission's Standard Contractual Clauses (Decision (EU) 2021/914) as the transfer mechanism. Under our agreement with OpenAI, content sent through the API is not used to train OpenAI's models. OpenAI's privacy practices and processing terms are described at openai.com/policies/privacy-policy and openai.com/policies/business-terms.

If we change the underlying model or provider, we will update this policy. The provider is wrapped behind an internal abstraction so that the categories of data sent (target word and keywords) stay the same regardless of which model is in use.

Knitlex offers two purchase options, both processed by Apple through StoreKit:

• Knitlex Monthly – an auto-renewing subscription with a 7-day free introductory offer for first-time subscribers.
• Knitlex Lifetime – a one-time, non-consumable in-app purchase that grants permanent access.

Apple is the merchant of record. Your payment details, billing address, and tax information are handled by Apple under its own privacy policy. Sylvanity never sees your payment card or your full billing address.

When a purchase or renewal occurs, the StoreKit framework on your device delivers a signed transaction to the app. The app sends the transaction details (product identifier, original transaction identifier, latest transaction identifier, purchase date, expiration date, transaction signature) to our linkSubscription Cloud Function in europe-west1. The function records the entitlement at users/{uid}/private/entitlement so your subscription survives a device change. Sylvanity does not currently use a third-party subscription-management service such as RevenueCat; the entitlement record is held only in our own Firestore database.

Apple shares with us only what is needed to fulfil the purchase: the product identifier, the transaction identifier, the original purchase date, the renewal date, and (when we enable Apple's App Store Server Notifications) refund and cancellation events. Apple does not share your name, email address, or payment information with us.

Knitlex schedules local notifications on your device using Apple's UNUserNotificationCenter. The app does not register for Apple Push Notification service and does not use Firebase Cloud Messaging for remote pushes; nothing is sent to your device from our servers.

• A daily review reminder that fires at a time you choose. The body adapts to the state of your review queue at the moment the app last refreshed it.
• A one-shot milestone reminder that fires seven days before your exam date.

The notification authorisation prompt is shown only when you turn the daily reminder on for the first time, never at app launch.

The optional Lock-Screen Live Activity displays your exam-date countdown and the number of cards due today. It is rendered by a small widget extension that reads only data already held on the device. No additional information is collected and nothing is sent off the device. You can turn the Live Activity on or off in Settings.

After you reveal a definition during vocabulary review, Knitlex shows the example sentence and asks you to say it out loud. You then tap two controls: a "did I say it" checkbox and a 1-to-3 confidence rating.

Knitlex requests no sensitive runtime permission. The app does not access the camera, microphone, location, contacts, photos, calendar, reminders, motion data, Bluetooth, speech recognition, or HealthKit. The only authorisation prompt the app ever shows is the standard iOS notification prompt, and that is only shown when you choose to turn on the daily review reminder. The app's Info.plist contains no NS*UsageDescription entries because none are required.

Required-reason API use

Apple requires apps to declare specific reasons for using certain "required-reason" APIs in a PrivacyInfo.xcprivacy manifest. Knitlex's manifest declares one such use: access to UserDefaults for reason code CA92.1 (saving the user's settings on the device). No other required-reason APIs are used. The manifest also declares NSPrivacyTracking as false and an empty NSPrivacyTrackingDomains list, reflecting that no tracking takes place.

What we do not do

• No analytics. Knitlex does not use Firebase Analytics or any third-party analytics SDK. The Firebase project is configured with IS_ANALYTICS_ENABLED set to false.
• No crash reporting. Knitlex does not use Firebase Crashlytics or any third-party crash-reporting SDK.
• No advertising and no advertising identifiers. The IDFA is not accessed. The App Tracking Transparency prompt is not shown because no tracking takes place.
• No social or chat features. Knitlex has no friend lists, no leaderboards, no messaging, and no user-generated content visible to other users.
• No location processing of any kind. The app does not request location permission and does not derive your location from your IP address.

If we add any of the above in a future version (for example, optional crash reporting), we will update this policy and disclose the change in the App Store release notes for that version.

Libraries embedded in the app

• Firebase iOS SDK (FirebaseAuth, FirebaseFirestore, FirebaseFunctions) for authentication, server-side storage of your personalised content, and calling our Cloud Functions. Firebase is a service of Google LLC.
• Google Sign-In iOS SDK (GoogleSignIn, GoogleSignInSwift) for the Google sign-in flow.
• Transitive Google libraries required by the SDKs above (GoogleUtilities, GoogleDataTransport, GoogleAppMeasurement, gRPC, Protocol Buffers, AppCheck, AppAuth, GTMSessionFetcher, nanopb, leveldb, abseil, promises). These are runtime dependencies of Firebase and Google Sign-In and are not separately initialised by Knitlex.

The app uses Apple's standard frameworks (SwiftUI, SwiftData, StoreKit, WidgetKit, ActivityKit, Charts, AuthenticationServices, UserNotifications), which process data under Apple's own privacy terms.

Sub-processors

Retention

• On-device data is retained for as long as the app is installed. Signing out clears the on-device copy of your user-scoped data; uninstalling clears everything else.
• Your Firebase Authentication record is retained until you ask us to delete your account.
• Your personalised vocabulary sentences, speaking prompts, and academic phrases are retained for as long as your account exists. When you change keywords, the old keyword set is marked replaced and its content is no longer surfaced in the app, but the records are kept for audit.
• Your subscription entitlement record is retained for as long as your account exists, plus a reasonable period after cancellation for support and accounting.
• Operational logs of Cloud Function executions (HTTP status codes, error messages, timing) are retained by Google Cloud Logging under Google's default retention windows. These logs do not contain your keywords or generated content.
• OpenAI retains API request data under its own retention policy. We do not retain a copy of the requests we send to OpenAI; we retain only the generated outputs that pass evaluation.

International transfers

The bulk of your data stays inside the European Union (Firestore in eur3, Cloud Functions in europe-west1). Two transfers leave the EU:

• Firebase Authentication and Google Sign-In involve Google's global identity infrastructure, which spans the United States and other regions. Covered by the European Commission's Standard Contractual Clauses (Decision (EU) 2021/914), incorporated into Google's terms with Sylvanity.
• Generation requests sent to OpenAI are processed in the United States. Covered by the Standard Contractual Clauses, incorporated into our agreement with OpenAI.

Your rights under GDPR and equivalent laws

Under the EU GDPR (and equivalent laws in the United Kingdom, California, Brazil, and other jurisdictions), you have rights of access, rectification, erasure, restriction, portability, and objection regarding personal data held about you.

• Access and portability. Email info@sylvanity.eu from the email address on your account, and we will export your Firebase Authentication record, your keyword sets, your personalised content, and your entitlement record in a machine-readable format.
• Rectification. The display name on your account comes from your sign-in provider; updating it there will flow through to us at next sign-in. Your keywords can be edited inside the app, subject to a 7-day rate limit.
• Restriction and objection. Signing out stops all generation requests and stops any further data being written to your account. Cancelling your subscription stops all subscription-related processing.

You also have the right to lodge a complaint with your national data protection authority. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

Account deletion

You can delete your Knitlex account in either of two ways:

• From inside the app. Settings → Account → Delete account. This signs you out, clears the on-device copy of your data, and instructs our servers to delete your Firebase Authentication record, your keyword sets, your personalised content, and your entitlement record.
• By email. Email info@sylvanity.eu from the email address on your account, asking us to delete your account. We will confirm and complete the deletion within 30 days.

Deleting your Knitlex account does not cancel any active App Store subscription. To cancel an active subscription, use Settings → [your name] → Subscriptions on your iPhone or iPad. Apple retains transaction records under its own retention policy for tax and audit purposes; these are outside Sylvanity's control.

Children

Knitlex is intended for adults preparing for the TOEFL examination, typically university applicants and professionals. It is not directed at children, is not listed in the App Store Kids Category, and we do not knowingly collect personal information from anyone under 16 years of age. If you believe a child under 16 has created a Knitlex account, please contact us and we will delete the account.

Security

On-device data is protected by your device's standard sandboxing and disk encryption. All communication with Firebase and our Cloud Functions takes place over TLS. Firebase Authentication tokens are short-lived and refreshed by the SDK. Server-side data is held in Google Cloud regions inside the European Union with Google's default encryption at rest. Sylvanity operates no infrastructure of its own beyond the Firebase project.

Changes to this policy

If this policy ever changes (for example, if we add crash reporting, change the content-generation provider, ship on Android, or add iCloud synchronisation), we will update this page and the "Last updated" date at the top. Material changes will also be noted in the App Store release notes for the relevant version.

Questions about this policy or about the app's privacy practices? Contact us:

Sylvanity B.V.
Treubstraat 21 U314
2288 EH Rijswijk
The Netherlands

KvK: 96488646
BTW: NL867632860B01

Email: info@sylvanity.eu