Byter Privacy Policy
Last updated: February 18, 2026. This policy explains what Byter collects, how data is processed, and how users can exercise privacy rights.
1) Data We Collect
| Category | Examples | How We Use It |
|---|---|---|
| Account and Profile Data | Email, auth identifiers, profile settings, persona preferences. | Sign-in, account safety, personalization, and support verification. |
| Practice and Usage Data | Problems served, answers, duel activity, streaks, counters, progress signals. | Core app functionality, scoring, quality control, and personalized learning flows. |
| Subscription Metadata | Plan tier, entitlement state, Apple transaction and receipt metadata. | Subscription validation, restore flows, anti-fraud checks, and billing support. |
| Device and Diagnostics | Device model, OS version, app version, crash logs, performance diagnostics. | Reliability improvements, bug triage, and abuse prevention. |
| Support Communications | Emails, screenshots, troubleshooting notes, escalation records. | Issue resolution, legal compliance, and service operations. |
2) How Data Is Collected
- Directly from users during account creation, profile updates, support contacts, and in-app activity.
- Automatically from app telemetry and system diagnostics needed for reliability and security.
- From Apple billing records for subscription verification and restore processing.
3) AI Processing
Byter uses AI models to generate challenges, evaluate answers, and provide feedback. To deliver these features, relevant user inputs such as prompt context, submitted code, and answer text may be sent to model providers.
Byter does not sell personal information. AI processing is used to provide core product functionality and improve quality and safety controls.
4) Third-Party Processors
- Supabase: authentication, database, and storage services.
- Apple: in-app subscription billing, receipt metadata, and payment processing.
- Google Gemini API: AI generation and grading workflows.
- Cloud infrastructure vendors: backend and website hosting operations.
Processors are used only as needed to operate the service and are bound by contractual controls.
5) Cookies and Website Tracking
The Byter marketing website does not currently run ad tracking or cross-site behavioral targeting scripts. Server and platform logs may still collect standard request metadata for security and reliability.
6) Retention and Deletion
- Active account data is retained while an account remains active.
- Verified deletion requests are queued within 7 days and removed from active systems within 30 days.
- Security, anti-fraud, or transaction records may be retained as legally required.
- Backups may persist until normal encrypted rotation cycles expire.
Deletion request flow: Delete Account.
7) User Rights
Depending on jurisdiction, users may request access, correction, deletion, restriction, objection, or data portability rights. Requests are reviewed case-by-case under applicable law.
Submit privacy requests to mani.byter@gmail.com.
8) Children’s Privacy
Byter is not directed to children under 13 and does not knowingly collect personal information from children under 13. If discovered, associated data is deleted promptly.
9) International Data Transfers
Byter services may process data in jurisdictions outside your residence depending on hosting and processor locations. Appropriate safeguards are applied where required by law.
10) Policy Updates and Contact
Policy updates are posted on this page with a new "Last updated" date. Material changes may also be communicated through app or support channels.
Operator: Byter (operated by Mani Bondari)
Privacy contact: mani.byter@gmail.com