Legal

Privacy Policy

Last updated: 12 June 2026

This policy explains what we collect when you use the Blacklaw iOS app, why, and your rights. The data controller is Pellar (contact: hello@pellar.co.uk).

What we collect

• Account data — email address, name, and sign-in identifiers (email/password, Sign in with Apple, or Google).
• Study data — questions answered, results, confidence ratings, timing, streaks, readiness scores, mock-exam results, and your onboarding answers (exam date, study hours, focus topics, study windows, attempt number, self-rated confidence, optional referral source).
• Subscription state — whether you hold an active subscription (billing itself is handled by Apple; we never see your payment details).
• Diagnostics — crash reports, performance data and error-session replays via Sentry. Replays aggressively mask all text and images by default; your answers and personal details are not visible in them.
• Usage analytics — via Google Firebase Analytics, only where you have allowed tracking through Apple's App Tracking Transparency prompt.
• Push token — if you enable study reminders, a device token for notifications.

Why we collect it

To operate your account and sync your progress across devices (contract); to compute your readiness analytics, which are the product's core function (contract); to fix crashes and improve reliability (legitimate interest); to send study reminders you switch on (consent); and to understand aggregate usage (consent via ATT).

Where it lives

• Supabase — primary database and authentication, hosted in the EU (London/eu-west-2).
• Google Firebase — authentication/notifications and analytics infrastructure (Google LLC, with appropriate safeguards for any non-UK/EU transfer).
• Sentry — error monitoring, EU ingestion (Germany).
• Apple — subscription billing under Apple's own privacy terms.

Retention and deletion

Your data is kept while your account exists. Deleting your account in the App (Account → Danger Zone → Delete Account) permanently removes your account and study data from our systems. Diagnostics age out automatically under Sentry's retention windows.

Your rights

Under UK GDPR you may request access, correction, deletion, portability, or restriction of your data, and you may withdraw consent (reminders, tracking) at any time in the App or device Settings. To exercise any right, email hello@pellar.co.uk. You may also complain to the ICO (ico.org.uk).

Children

Blacklaw is intended for users aged 16 and over and is not directed at children.

Changes

We will post any changes here and flag material changes in the App.