Privacy Policy
This Privacy Policy describes how Philosopher's Stone Quiz ("we", "our", "the app") collects, uses, and protects information about you when you use our iOS application.
1. Information we collect
Account information
When you sign up, we collect:
- Email address
- Password (stored securely as a hash — we never see your plain password)
- Display name
If you sign in with Apple, we receive an Apple-provided identifier and (optionally) your email and name.
Quiz activity
- Your answers to quiz questions
- Quiz scores and progress per chapter
- Timestamps of when you play
Voice input (microphone & speech recognition)
If you choose to speak your answers instead of typing, we record your microphone audio while you hold the mic button and convert it to text. How that conversion happens depends on your selected language:
- English: transcription runs entirely on your device using Apple's on-device speech recognition. Your audio is not sent over the internet to us, Apple, or anyone else.
- Russian: Apple does not currently ship an on-device Russian speech model, so audio is sent to Apple's online speech recognition service for transcription and processed under Apple's privacy policy.
In both cases, the resulting text is what gets sent to our backend as your "answer" — we never receive, store, or transmit your raw microphone audio ourselves. iOS will ask you for microphone and speech-recognition permission the first time you tap the mic; you can revoke either permission at any time in Settings → Privacy & Security.
Subscription information
- Subscription status (active/inactive)
- Apple-generated transaction identifier
- Purchase and renewal dates
We do not see or store your credit card, Apple ID password, or payment details. All payments are processed by Apple.
2. How we use your information
- To create and manage your account
- To save your quiz progress and show it on your device
- To generate quiz questions and evaluate your answers (via OpenAI)
- To verify your subscription status (via RevenueCat)
- To display the leaderboard (your display name and total score, visible to other users)
- To respond to support requests
3. Third-party services
We use the following third-party services to operate the app. Each has its own privacy policy.
- Supabase — stores your account and quiz progress. Privacy Policy
- OpenAI — processes your quiz answers to generate conversational feedback. Your messages are sent to OpenAI's GPT-4o-mini for analysis. Privacy Policy
- RevenueCat — manages subscription status. Privacy Policy
- Apple — handles payments, Sign in with Apple, app distribution, and speech recognition (on-device for English; via Apple's online speech recognition service for Russian). Privacy Policy
- Railway — hosts our backend servers. Privacy Policy
4. Data retention
We keep your account data as long as your account is active. If you delete your account (email us at magic.potter.go@gmail.com), we permanently delete all associated data within 30 days, except where we're required to keep it for legal or tax reasons (e.g. transaction records).
5. Your rights
You have the right to:
- Access your data — email us and we'll send you a copy
- Correct your data — most fields can be updated from within the app
- Delete your account and data — email us at magic.potter.go@gmail.com
- Export your data — email us for a machine-readable copy
- Opt out of leaderboard — email us and we'll hide your name from the public leaderboard
6. Children's privacy
The app is rated 4+ and suitable for all ages, but we do not knowingly collect information from children under 13 without parental consent. If you're a parent and believe your child under 13 has created an account, email us and we'll remove the account promptly.
7. Security
We take security seriously:
- Passwords are stored as hashes, never in plain text
- All data is transmitted over HTTPS
- Database access is restricted by row-level security
- Payment details never touch our servers (handled by Apple)
8. International data transfer
Our servers are hosted in the EU (Supabase, Ireland) and other regions via Railway. Your data may be transferred to and processed in countries outside your own, including the United States. We use providers who comply with industry-standard data protection practices.
9. Changes to this policy
We may update this Privacy Policy from time to time. We'll post any changes here with an updated "Last updated" date. For material changes, we'll notify you via the app or email.
10. Contact
Questions about privacy? Email us: