Privacy Policy

Crammify ("we," "us") is operated by Clawmark Studio. We collect the minimum information needed to run a flashcard service: your account email, the notes you submit for flashcard generation, and basic usage analytics. We never sell your data. We never train AI models on your data.

• Account info: email and (if you signed in with Google/Apple) display name. If you signed up with email + password, only your email and a salted password hash are stored — we never see your plaintext password.
• Content you submit: notes or topics you paste into the flashcard generator. Stored in our database so you can revisit decks.
• Generated flashcards: the cards Crammify creates for you. Stored on your account.
• Subscription info: tier, billing cycle, and payment status. All billing is handled by Apple In-App Purchase — we never see your card details.
• Usage analytics: page views, feature usage, error logs. Aggregated, no personal identifiers in analytics.
• Device info: browser type, OS version, screen size — for compatibility and bug fixes.

• We do not collect your phone number, address, or financial info beyond what Apple (for in-app purchases) requires for billing.
• We do not access your microphone or contacts.
• We do not track you across other websites.
• We do not sell, rent, or share your data with marketing companies.

Camera + Photo Library access: the iOS app may request access only when you choose to upload a photo of your notes to generate flashcards. The image is sent to Anthropic for OCR + flashcard generation, then discarded. We do not store or share photos. iOS will ask permission before each first use; you can revoke access anytime in iPhone Settings → Crammify.

• To generate flashcards via Anthropic's Claude API.
• To save your decks so you can come back to them.
• To enforce subscription limits (free tier vs paid).
• To send transactional email (receipts, password resets, important account alerts). No marketing email unless you opt in.
• To improve Crammify by analyzing aggregate usage patterns.

When you generate flashcards, your input is sent to Anthropic's Claude API. Anthropic does not train its models on your data. Your content is processed to generate flashcards, then discarded by Anthropic per their API data policy.

We store your generated flashcards in our database so you can revisit them. You can delete any deck (and all its cards) from your account at any time.

The Free tier shows non-personalized, kid-safe ads in two places:

• Web: contextual ads via Google AdSense with kid-directed treatment flagged.
• iOS app: banner ads via Google AdMob with non-personalized ads (NPA) enabled and content rating capped at G (kid-safe).

We do not track behavior for advertising. No behavioral profiling, no cross-site tracking, no advertising ID. You can opt out of personalized ads at adssettings.google.com. All paid tiers (Plus, Pro, Lifetime) are 100% ad-free on every device.

Crammify is intended for users 13 and older. We do not knowingly collect information from children under 13. If you believe a child under 13 has given us information, contact us at privacy@crammify.com and we will delete it.

Crammify's founder is 13 years old. The legal entity (Clawmark Studio) is operated by an adult guardian who handles all legal, financial, and data-protection compliance.

• Access: see all data we have on you, anytime, from your account page.
• Correction: update your account info from the account page.
• Deletion: delete your account at any time. We delete all your data within 30 days.
• Portability: export all your data anytime from your account page (/account → Export my data). Free for all users.
• Opt-out: turn off marketing email (if you opted in) from your account page.

We use industry-standard encryption (HTTPS) for all traffic. Email + password sign-ins store only a salted password hash (we never see your plaintext password). Subscription billing on iOS is handled entirely by Apple via In-App Purchase (we never see your card details).

No system is perfectly secure. If we discover a breach affecting your data, we will notify you within 72 hours.

We rely on these third parties to run Crammify:

• Vercel — hosting
• Supabase — database and authentication
• Apple — In-App Purchase billing for Plus + Pro subscriptions (iOS), Sign in with Apple
• RevenueCat — subscription state reconciliation between Apple and our database
• Anthropic — AI flashcard generation (Claude)
• Resend — transactional email (welcome, account notifications)
• Google — sign-in (OAuth) + contextual ads (Free tier on web, no tracking)

Each has its own privacy policy. We chose them for their strong data practices.

If we change this policy materially, we will notify you by email and post an updated version. Continuing to use Crammify after changes means you agree to the new policy.

Questions, concerns, data requests: privacy@crammify.com