Privacy Policy

This is a convenience translation. The legally binding version is the German one: Datenschutzerklärung.

The essentials at a glance: All teaching and student data stays locally on your device. There is no Swipe'N'Teach account and no central server for student data. The licence server processes only the minimum necessary to activate your licence. This website uses no tracking or analytics cookies.

1. Controller

The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:

2. Scope

This privacy policy applies to the website swipenteach.app as well as to the Swipe'N'Teach apps for iOS and Android. It explains which personal data we process, for what purpose, and on what legal basis.

3. Data in the app (local processing)

Swipe'N'Teach is designed as a local-first application. All teaching data you record — in particular names, assessments, grades, classes, timetables and notes — is stored exclusively in the local app database on your device. Student names are additionally stored with field-level encryption. We, as the provider, have no access to this data.

For the personal data of third parties processed in the app (in particular students), you as a teacher, or your school, are responsible under data protection law (see Section 13).

Optional cloud sync / backup: If you enable iCloud synchronisation on iOS/iPadOS, your data is synchronised via your personal, end-to-end encrypted iCloud container provided by Apple. We have no access to it. On Android, you can create local, encrypted backup files as needed, which you store or share yourself.

Legal basis: performance of a contract (Art. 6 para. 1 lit. b GDPR) or the processing that falls within your responsibility as a teacher.

4. Licence server (activation and verification)

To activate your licence and to protect against misuse, we process the following data on a server (provider: Supabase, hosting in the EU):

• your licence or school key,
• a pseudonymous device token (device identifier),
• for school licences: the first and last name of the teacher (so the school management can assign the licence seat),
• the time and status of activation as well as a regular status check (roughly every 7 days).

Legal basis: performance of a contract (Art. 6 para. 1 lit. b GDPR) as well as our legitimate interest in licence and abuse protection (Art. 6 para. 1 lit. f GDPR). A data processing agreement pursuant to Art. 28 GDPR is in place with Supabase.

5. Website hosting and server log files

This website is hosted by STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. When the website is accessed, the server automatically collects so-called server log files: IP address, date and time of access, the page accessed, the amount of data transferred, the referrer URL, and browser and operating system information. The purpose is the technical delivery, stability and security of the website. The legal basis is our legitimate interest (Art. 6 para. 1 lit. f GDPR). The log files are stored only for a short period and then deleted. A data processing agreement pursuant to Art. 28 GDPR is in place.

6. Cookies and reach measurement

This website does not set any tracking, analytics or marketing cookies of its own; in particular, Google Analytics is not used. Cookies or comparable technologies may only be set by the services listed below that you actively use (newsletter, spam protection). The "Inter" font is not loaded from Google Fonts — no corresponding transfer to Google takes place.

7. Newsletter

To send our newsletter, we use the service MailerLite (provider: UAB "MailerLite", Paupio g. 28, 11341 Vilnius, Lithuania). When you subscribe, we process the data you provide (email address, and where applicable your name and role, as well as any interest in school licences) for the purpose of sending the newsletter. Subscription takes place via the double opt-in procedure: you first receive a confirmation email and are only added to the distribution list after you confirm.

The legal basis is your consent (Art. 6 para. 1 lit. a GDPR). You can unsubscribe from the newsletter at any time via the unsubscribe link in every email or by message to support@swipenteach.app; the withdrawal takes effect for the future. A data processing agreement pursuant to Art. 28 GDPR is in place with MailerLite. Details: MailerLite privacy policy.

8. Spam protection (Google reCAPTCHA)

The newsletter form is protected against automated sign-ups by Google reCAPTCHA (provider: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland). reCAPTCHA analyses your usage behaviour based on various characteristics (including IP address) and is only loaded when you open the newsletter form. The legal basis is our legitimate interest in defending against spam and misuse (Art. 6 para. 1 lit. f GDPR). This may involve a transfer to Google in the USA; such transfer is based on an adequacy decision or the EU standard contractual clauses. Details: Google privacy policy.

9. Contact and presentation requests

If you contact us by email or use the form to request a school presentation, we process your details (e.g. name, email address, school, and where applicable phone number and the content of your message) solely to handle your request. The form data is stored on our licence server (Supabase, EU); for sending emails we use the service Resend (Resend, Inc., USA), with the transfer being based on the EU standard contractual clauses. The legal basis is Art. 6 para. 1 lit. b or lit. f GDPR. The data is deleted once the request has been conclusively handled and no statutory retention obligations stand in the way.

10. App stores and subscriptions

The app is downloaded and subscriptions are purchased via the Apple App Store or Google Play. These platforms process account and payment data as independent controllers; their respective privacy policies apply. From the stores we receive only aggregated or anonymised sales and subscription-status information, but no payment data.

11. Recipients and transfers to third countries

As processors, we use STRATO (EU/Germany), Supabase (EU), MailerLite (EU/Lithuania) and Resend (USA). Google reCAPTCHA is used for spam protection. In connection with the app stores, Apple (Apple Distribution International Ltd., Ireland) and Google (Google Ireland Ltd., Ireland) process data. Where this involves a transfer to third countries (e.g. the USA), this takes place on the basis of an adequacy decision or the EU standard contractual clauses.

12. Storage period

We store personal data only for as long as is necessary for the respective purposes or as required by statutory retention periods. Server log files are deleted within a short time; licence data is processed for the duration of the licence use and is then deleted or anonymised.

13. Your rights

With regard to your personal data, you have the following rights vis-à-vis the controller: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and the right to object to processing (Art. 21 GDPR). You can withdraw any consent you have given at any time with effect for the future (Art. 7 para. 3 GDPR). To exercise these rights, an informal message to support@swipenteach.app is sufficient.

14. Right to lodge a complaint and supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data. The authority responsible for the controller is:

15. Note for schools and teachers

When student data is processed in the app, the respective school or teacher is responsible under data protection law. Please observe the data protection requirements of your federal state and your school. Swipe'N'Teach is deliberately designed so that this data generally does not leave the device.

This privacy policy was last updated: June 2026.