Effective date: 08.06.2026
Version: 1.0
Controller and contact
The controller of personal data processed in connection with the use of RevoMemo is the operator of the RevoMemo service. For privacy matters, contact us by e-mail at contact@revomemo.com.
RevoMemo is available at revomemo.com and app.revomemo.com and is currently provided as a product beta.
Scope of this policy
This Privacy Policy explains:
- what data we process,
- for what purposes and on what legal bases,
- who we share data with,
- how long we store it,
- what rights users have.
What data we process
Depending on how RevoMemo is used, we may process the following categories of data:
Account and identification data
- e-mail address,
- user identifier,
- data necessary for login and session maintenance,
- information about the login method.
Authentication data
If you use Google login, we may receive basic profile data from the identity provider, such as:
- e-mail address,
- profile name or display name,
- provider account identifier,
- profile photo, if it is shared with us and available within the requested permissions.
Service usage data
- information about the Free / Pro plan,
- information about the subscription and its period,
- Stardust balance and Stardust usage history,
- activity history in the Application,
- preference configuration,
- learning progress data,
- interaction data relating to learning, analytics, and generator features.
User materials
- flashcards,
- content entered into the AI generator,
- content edited by the user,
- complaint reports about flashcards and audio,
- other data and content saved in the Application.
Payment and billing data
For payments, we do not process full payment card details in our own systems. Payments are handled by Stripe. We may process:
- payment identifier,
- payment status,
- scope of the ordered service,
- transaction value,
- billing data provided during the purchase process to the extent necessary to handle the transaction, accounting, complaints, and settlements.
Contact data and correspondence
If you contact us through a form or by e-mail, we may process:
- e-mail address,
- name or signature, if you provide it,
- message content,
- attachments,
- correspondence history.
Technical and diagnostic data
- IP address,
- session identifiers,
- server logs,
- device, system, and browser data,
- information about errors, failures, and performance,
- data from technical monitoring and security systems.
Analytics data
If you consent to analytics where consent is required, we may process events relating to the use of RevoMemo, such as:
- page views,
- clicks,
- transitions between screens,
- product events related to learning and feature usage,
- statistical and aggregated data.
Purposes and legal bases of processing
We process personal data primarily on the basis of Article 6(1)(b), (c), and (f) GDPR, and in appropriate cases also Article 6(1)(a) GDPR.
Performance of a contract or steps before entering into a contract
Legal basis: Article 6(1)(b) GDPR
Purposes:
- creating and maintaining an account,
- login and authentication,
- providing RevoMemo features,
- enabling flashcard learning,
- performing the Pro subscription,
- handling and settling Stardust,
- generating flashcards, sentences, and audio,
- recognizing and handling complaints about generated results,
- making saved user materials available.
Compliance with legal obligations
Legal basis: Article 6(1)(c) GDPR
Purposes:
- accounting and tax settlements,
- handling statutory consumer rights,
- storing documentation required by law,
- responding to legally justified requests from authorities.
Legitimate interests of the controller
Legal basis: Article 6(1)(f) GDPR
Purposes:
- ensuring service security,
- preventing abuse,
- detecting errors and diagnosing failures,
- maintaining system stability,
- handling complaints and defending against claims,
- developing and improving RevoMemo based on anonymous or appropriately limited data about application usage,
- internal quality analysis of AI and audio features,
- organizational and service communication with the user.
Consent
Legal basis: Article 6(1)(a) GDPR
Purposes:
- use of analytics cookies and similar technologies on the website or in the application, if a given technology requires consent,
- other activities for which we ask for consent directly.
If we launch a newsletter or other marketing communications in the future, they will be sent on a separate legal basis and after providing appropriate information.
E-mail communication
In connection with the use of RevoMemo, we may send transactional and service messages, in particular:
- registration confirmation,
- magic link or login code,
- password reset,
- security notices related to the account,
- messages about payments, subscriptions, or Stardust,
- notices about material changes to the Terms of Service or Privacy Policy,
- onboarding messages directly related to the start of using the Service.
Such messages are part of providing the Service and are not a marketing newsletter.
Automated content generation and AI
RevoMemo uses artificial intelligence tools to generate educational content, including flashcards, sentences, examples, and audio.
As part of this process, we may provide technology providers with:
- text entered by the user,
- selected technical parameters of the request,
- content necessary to generate the result.
We do not use this function to make decisions about the user that produce legal effects or similarly significantly affect the user within the meaning of Article 22 GDPR.
AI results may be inaccurate, so the user may assess them, edit them, and in certain cases report them for correction or complaint handling.
Data recipients and providers
We use processors and other providers that support the operation of RevoMemo. Depending on the function, these may include in particular:
Supabase
We use Supabase for authentication, sessions, and selected backend functions.
If you log in through Google, Google acts as the identity provider and we receive from Google the data needed to complete login.
Stripe
Stripe handles payments for the Pro Subscription and Stardust.
OpenAI
OpenAI supports generation of selected AI content in RevoMemo.
ElevenLabs
ElevenLabs supports audio generation or processing.
Sentry
Sentry is used to monitor technical errors, failures, and performance.
PostHog
PostHog is used for product analytics and RevoMemo development based on feature usage data.
Hosting, infrastructure, and e-mail providers
We may also share data with entities supporting hosting, maintenance, security, e-mail, contact forms, report handling, or technical support.
Each data transfer takes place only to the extent necessary for the relevant purpose.
Transfers outside the EEA
In connection with the use of global technology providers, data may be transferred outside the European Economic Area.
In such cases, we apply appropriate safeguards required by the GDPR, in particular:
- adequacy decisions,
- standard contractual clauses,
- other appropriate mechanisms provided by law.
If you want more information about the safeguards used, contact us.
How long we store data
The storage period depends on the processing purpose.
Account and user materials
We generally store them for the period during which the account remains active and for the period necessary to perform the contract, settle services, handle complaints, ensure continuity of operation, and defend against claims.
Payment and billing data
We store it for the period required by accounting, tax, and claims-related regulations.
Contact data and correspondence
We store it for the time needed to handle the matter and then for the period necessary to demonstrate its course and defend against claims.
Technical logs and diagnostic data
We store them for the period needed to ensure security, detect abuse, analyze failures, and maintain operational stability.
Analytics data
We store it for the time needed to analyze trends, develop the product, and pursue statistical purposes, taking into account retention settings in analytics tools and the data minimization obligation.
More specific retention periods may be provided in response to an individual question or in additional product information.
Your rights
You have the right to:
- access your data,
- correct your data,
- delete your data,
- restrict processing,
- data portability,
- object to processing based on Article 6(1)(f) GDPR,
- withdraw consent at any time if processing is based on consent,
- lodge a complaint with the competent supervisory authority.
In Poland, the competent supervisory authority is the President of the Personal Data Protection Office.
Cookies and similar technologies
Detailed information about cookies and similar technologies is available in the Cookie Policy.
In short:
- essential technologies are used when necessary for the website or application to work,
- analytics and similar technologies are launched in accordance with applicable law and, where required, after obtaining user consent.
Security
We apply appropriate technical and organizational measures proportionate to the risk, including measures designed to protect accounts, limit access, monitor errors and security, and secure communications and infrastructure.
However, no method of transmission or storage guarantees 100% security.
Children
RevoMemo is not designed as a service intended for independent use by young children. The service is intended for people who are at least 16 years old, and younger users may use it only with the consent and under the supervision of a parent or guardian, if permitted by applicable law.
Changes to this Privacy Policy
We may update this Privacy Policy, in particular in the event of:
- changes in law,
- functional changes in RevoMemo,
- changes in providers,
- changes in the payment, analytics, or security model.
In the event of material changes, we will inform users in a reasonable way, for example by e-mail or a notice in the application.
Contact
For privacy matters, you can contact us at: contact@revomemo.com