Last Updated: January 20, 2026
This Privacy Policy explains how PDA Question (the “App”) collects, uses, stores, and shares information when you use the App. We provide the App.
App provider: PDA Question App Contact: PDAQuestionApp@gmail.com Location: San Diego, CA, USA
The App does not require an account to use core features. Most user data (history, favorites, notes, ratings, settings) is stored locally on your device. When you submit a question for AI generation, your text is sent to our backend and then forwarded to an AI service provider to generate the response. We collect limited security telemetry (such as device model and IP address if available) to protect the App from abuse and to keep systems reliable.
We take children’s privacy seriously. To provide age-appropriate responses: • We collect the child’s age to tailor AI responses appropriately • Age is stored ONLY as a number, NOT linked to any names or identities • Age is NOT connected to email addresses or device identifiers • Age is NOT shared with third parties • Age is used solely for generating appropriate content
What we DO NOT collect from children: • Names • Email addresses (except voluntary parent feedback) • Location data beyond country-level • Photos or personal information • Any personally identifiable information
All preferences are stored locally on your device. We maintain strict data minimization practices to protect children’s privacy.
The Professional Letters feature allows you to generate customized letters to schools and professionals: • This feature optionally collects your child’s name to personalize the letter content • Your child’s name is ONLY used locally on your device to fill in letter templates • Names entered for letters are NEVER transmitted to our servers • Names are NOT stored permanently or linked to any analytics • You can review and edit all letter content before saving or sharing • This feature is completely optional - you can use the app without generating letters
When you use the App, you may enter or generate content such as: • Questions you submit • Generated responses (explanations and conversations) • Notes you write • Items you save (history, favorites) • Optional ratings or feedback you record inside the App
Where it lives: This content is stored locally on your device, unless you choose to share it using the system share sheet.
To help protect the App and backend from abuse, fraud, and attacks, the App and/or backend may automatically process and log: • Device information: device model and OS version • Network information: IP address (if available to our backend), request timestamps • Security events: authentication failures, rate-limiting events, suspicious input patterns, and similar security signals • Headers used for security controls: app token and device identifier
Purpose: security monitoring, abuse prevention, rate limiting, and system integrity.
The App generates a random device identifier (UUID) on your device and stores it securely in the Keychain. The App sends it to our backend (as X-Device-ID) for: • Rate limiting • Abuse prevention • Blocking malicious traffic
If you use the iOS system share sheet to export content (for example PDF, text, email, Messages), the exported content leaves the App through Apple’s sharing mechanisms and whichever app or service you select.
The App may store generated image prompts and returned image URLs locally. Images and related cache data may be stored locally for up to 7 days, then overwritten or cleared, unless you manually clear them sooner.
The App may record local-only usage stats (for example: counts, last used, theme preference usage, helpfulness ratings) on your device to improve your experience in the App.
We use information for the following purposes: • App functionality: provide history, favorites, notes, and sharing features • AI generation: send your submitted content to our backend and AI provider to generate responses you request • Security and abuse prevention: detect fraud, prevent abusive traffic, enforce rate limits, and maintain service reliability • Product improvement (local): improve the app experience using on-device insights
We share information only as described below.
We may share limited information with vendors who help us operate the App, such as: • Backend hosting / infrastructure provider: Vercel • AI service provider: OpenAI
These providers process data only to deliver services to us. We do not authorize them to use your data for their own advertising.
When you share content via the system share sheet, the data is shared with the destination you choose. We do not control how those destinations handle your data.
We may disclose information if we believe it is reasonably necessary to: • comply with law or valid legal process, • enforce our terms, • investigate or prevent abuse, fraud, or security incidents, • protect the rights, property, or safety of users or others.
We keep data only as long as necessary for the purposes described above.
Retained until you delete it using in-app controls, clear app data, or uninstall the App.
Cached locally for up to 7 days, then removed/overwritten, unless you clear cache sooner.
Security telemetry (including IP address if available, device info, device ID header, timestamps, and security event types) may be retained for up to 30 days for security, abuse prevention, and operational troubleshooting. We may retain certain records longer if required to comply with law, to resolve disputes, or to enforce agreements.
The App provides controls to help you manage your data, such as: • Delete local history • Clear cached data (including image cache) • Clear share history • Regenerate device identifier (if supported in Settings)
If you want us to delete data that may be stored server-side (for example, security logs tied to your device ID), contact us at PDAQuestionApp@gmail.com with your request and the device identifier shown in Settings (if the App displays it), or the approximate timestamps of your requests.
Depending on where you live, you may have rights to access, delete, or correct personal information.
If you are a California resident, you may have rights including the right to know, delete, opt out of sale or sharing, correct inaccurate information, and limit certain uses of sensitive personal information. We do not sell personal information and do not share personal information for cross-context behavioral advertising.
If GDPR applies, you may have rights including: right to be informed, access, rectification, erasure, restriction, portability, and objection (among others). To exercise these rights, contact PDAQuestionApp@gmail.com.
We do not use the information we collect to track you across other companies’ apps or websites for advertising.
We use reasonable administrative, technical, and organizational safeguards designed to protect information, including: • Encrypted connections (HTTPS/TLS) • Device-bound authentication • File protection for cached data • Input validation and sanitization • Rate limiting and abuse prevention
No system can be guaranteed 100% secure.
The App is intended for a general audience and is not directed to children under 13. We do not knowingly collect personal information from children under 13.
We may update this policy from time to time. If we make material changes, we will update the “Last Updated” date and may provide an in-app notice.
TODO: This file must be hosted at: https://pdaquestion.com/privacy OR: Use GitHub Pages, Vercel, or similar free hosting Update App Store Connect with privacy policy URL Must be accessible BEFORE app submission