Privacy Policy – Makker
Last Updated: January 2026 | Effective Date: January 1, 2026
Platform: Makker Language Learning App (18+)
Data Controller: RettSync (CVR: 46142306), Denmark
1. Introduction and Data Protection Commitment
RettSync (“we,” “us,” “our,” or “Company”) operates the
Makker language learning platform (the “Platform,” “App,” or
“Service”). We are deeply committed to protecting your privacy and ensuring
complete transparency regarding how we collect, utilize, and safeguard your personal data.
This Privacy Policy provides detailed information on the following:
- The types of data we collect
- The purpose and method of how we use your data
- Your rights under the General Data Protection Regulation (GDPR)
- The measures we take to protect your information
- How to contact us with any questions or concerns
User Acknowledgment: By using the Makker App, you acknowledge and agree to the terms of
this Privacy Policy. If you do not agree, please discontinue use of the Service.
2. Legal Basis for Data Processing (GDPR)
We process your personal data based on the following legal grounds, in compliance with the General Data
Protection Regulation (GDPR):
- Your Consent: For account creation, service improvements, and optional
communications.
- Contract Performance: To deliver the Makker language learning services as promised.
- Legal Obligations: To comply with mandatory requirements such as GDPR, tax law, and
data retention regulations.
- Legitimate Interests: To improve platform security, enhance user experience, and
prevent fraud or misuse.
3. What Data We Collect
Account Information
- Full name (optional)
- Email address
- Password (hashed, never stored in plain text)
- Display name and avatar
- Account creation date
Usage and Learning Data
- Scenarios completed
- Speaking practice recordings (processed temporarily for AI feedback)
- Vocabulary entries and progress
- Chat history with Makker personas
- Learning progress and performance metrics
- Roast room interactions
Technical Data
- Device type and OS version
- App version
- Session duration and frequency
- Error logs and crash reports
- User agent information
Data We Do NOT Collect
- Precise location data (IP-based location is processed instantly and is not retained)
- Biometric data (fingerprints, facial recognition)
- Health information or sensitive personal data
- Payment information (handled securely by the App Stores and never stored on our servers)
- Marketing tracking cookies
4. How We Use Your Data
Your data is essential for the following purposes:
- To provide personalized language learning experiences tailored to your learning style
- To track your progress and dynamically adjust the difficulty levels of the content
- To continuously improve Makker's features, content, and user interface
- To send service updates, security notifications, and important announcements
- To prevent fraud, abuse, unauthorized access, and platform misuse
- To comply with all applicable legal and regulatory obligations
- To respond effectively to your support inquiries and technical issues
- To analyze aggregated usage patterns to enhance the platform's performance
- To generate insights regarding the effectiveness of language learning methodologies
What We DO NOT Do:
- Selling to third-party advertisers or marketers
- Targeted advertising or behavioral tracking
- Creating shadow profiles
- Discriminatory profiling
5. Data Retention Policy
| Data Type |
Retention Period |
| Account Information |
Retained for the duration of an active account. |
| Chat History |
Stored indefinitely within your account, subject to user deletion at any time. |
| Vocabulary & Learning Logs |
Retained for tracking user progress; deleted upon account termination. |
| Speaking Practice Audio |
Processed temporarily for AI feedback; not subject to permanent storage. |
| IP-based Location Data |
Processed instantaneously; not retained. |
| Error Logs |
Retained for a maximum of 30 days for security and operational purposes. |
After Account Deletion:
- All personal data is permanently purged within 30 days.
- Backup copies are deleted within 90 days.
- Aggregated, anonymized analytics may be retained for research purposes.
6. Your Rights Under GDPR
As a resident of the EU/EEA or subject to GDPR protection, you maintain the following rights:
| Right |
Description |
| Right to Access (Art. 15) |
Request a complete copy of your personal data in a machine-readable format. |
| Right to Rectification (Art. 16) |
Correct inaccurate or incomplete information in your profile. |
| Right to Erasure (Art. 17) |
Delete your account and all associated personal data (Right to Be Forgotten). |
| Right to Restrict Processing (Art. 18) |
Limit how we use your data while we verify your request. |
| Right to Data Portability (Art. 20) |
Export data in a portable, machine-readable format (CSV/JSON). |
| Right to Object (Art. 21) |
Opt-out of non-essential data processing, such as marketing communications, usage analytics,
and A/B testing. |
| Right to Withdraw Consent |
Withdraw your consent at any time without penalty. Withdrawal does not affect the lawfulness
of processing before withdrawal. |
Right to Lodge a Complaint
If you believe we have violated your rights, you can lodge a complaint with your national data protection
authority:
- Denmark: Datatilsynet (www.datatilsynet.dk)
- Sweden: Datainspektionen (www.datainspektionen.se)
- Norway: Datatilsynet (www.datatilsynet.no)
How to Exercise Your Rights
To exercise any of these rights, please contact us via:
We commit to responding within 30 days. You may be required to verify your identity to protect your
privacy.
7. Data Sharing and Third Parties
We DO NOT:
- Sell, rent, lease, or share your personal data with advertisers or marketers
- Create shadow profiles or sell data to data brokers
- Share data for commercial purposes without your explicit consent
We MAY Share Data With:
We may share data with the following third parties only when necessary:
- Firebase (Google Cloud): Used for backend infrastructure, database storage, and
real-time synchronization.
- RevenueCat: Used for managing in-app subscriptions and purchase history.
- Apple App Store / Google Play Store: Handles all in-app transactions and billing
payment processing.
- AI Model Providers: We use third-party AI models (e.g., OpenAI, Google Gemini) to
power conversational features. Anonymous data may be shared to generate responses.
- Legal Requirements & Law Enforcement: We may disclose data if required by a
court order, subpoena, or applicable law.
All third-party partners are contractually bound by GDPR requirements and are mandated to maintain the
same privacy standards we uphold.
8. Children's Privacy
Makker is not directed to children under 18 years old. We do not knowingly collect personal data from anyone
under the age of 18.
Parental Rights
Parents or guardians can contact us to:
- Review data we have collected about their child
- Request deletion of their child's account
- Withdraw consent for data processing
- Request restrictions on how we use their child's data
Contact: makker@rettsync.com with proof of the
parental relationship.
9. International Data Transfers
Makker operates with servers in multiple regions, primarily EU-based (via Google Cloud and Firebase). If
you access the Platform from outside the EU/EEA, your data may be transferred to and processed in
different jurisdictions.
Legal Framework
We ensure all international transfers comply with:
- GDPR Chapter 5 (Transfers)
- Standard Contractual Clauses (SCCs) with all processors
- Adequacy decisions by the European Commission
By using Makker, you consent to such transfers.
10. Third-Party Integrations and External Links
Always review their privacy policies before providing personal information.
Third-Party Services:
11. Data Security Measures
We implement industry-standard security measures to protect your personal data, including:
- End-to-end encryption for sensitive data in transit
- Secure password hashing using industry-standard algorithms (never plain text)
- Regular security audits and penetration testing
- Access controls and role-based permissions
- Secure backup and disaster recovery procedures
- Compliance with data protection standards and certifications
While we strive to protect your data with robust security measures, no system is completely immune to
security breaches. We encourage you to use strong, unique passwords and enable two-factor authentication
where available.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in our data practices
- New legal requirements
- Improvements to user privacy
Material changes (those that fundamentally affect your rights or data processing) will be communicated
via:
- In-app notification
- Email to your registered address
- An updated “Last Modified” date on this policy
Your continued use of Makker after updates constitutes your acceptance of the revised Privacy Policy.
13. Contact Us
For any questions regarding this Privacy Policy or to exercise your rights, please contact:
We are committed to maintaining transparent communication and will respond to your inquiries promptly.