PASCUA

Privacy Policy

Pascua — Catholic Faith Formation App for Children

Effective Date: June 8, 2026 Last Updated: June 8, 2026 Version: 1.0 Applies To: iOS · Android · All Platforms

> We take the privacy of children extremely seriously. This policy explains what data we collect, why we collect it, how we protect it, and your rights as a parent or guardian.

Frameworks: COPPA (16 CFR Part 312) · GDPR-K (Art. 8) · UU PDP No. 27/2022 · App Store 4+ Guidelines · Google Play Families Policy

---

Table of Contents

1. [Our Privacy Commitment](#1-our-privacy-commitment) 2. [Data We Collect](#2-data-we-collect) 3. [How We Use Data](#3-how-we-use-data) 4. [Third-Party Services](#4-third-party-services) 5. [Analytics & Tracking](#5-analytics--tracking) 6. [Data Storage & Security](#6-data-storage--security) 7. [Data Sharing & Disclosure](#7-data-sharing--disclosure) 8. [Parental Rights & Controls](#8-parental-rights--controls) 9. [Data Retention & Deletion](#9-data-retention--deletion) 10. [App Store 4+ Compliance](#10-app-store-4-compliance) 11. [International Data Transfers](#11-international-data-transfers) 12. [Changes to This Policy](#12-changes-to-this-policy) 13. [Contact & Data Requests](#13-contact--data-requests)

---

1. Our Privacy Commitment

> ⚡ Children's Privacy — Our Core Commitment > > Pascua is designed for children aged 4–9. We apply the highest standard of privacy protection available — the intersection of COPPA (US), GDPR-K (EU), and UU PDP (Indonesia) — to every child who uses our App, regardless of where they are located. > > - We do not sell children's personal data. Ever. > - We do not use children's data for behavioral advertising or profiling. > - We collect only the minimum data necessary for the App to function. > - Parental consent is required before any data collection begins. > - Parents can review, modify, or delete all data at any time.

---

2. Data We Collect

We collect data in two categories: data you provide to us, and data generated automatically by the App.

A. Data You Provide (Parent/Guardian)

| Data Type | Purpose | Required? | |-----------|---------|-----------| | Parent email address | Account management, consent verification, critical communications, parental notifications | Yes | | Child's display name | In-app personalization (e.g., "Welcome, Lumi!"). Does not need to be the child's real name. | Yes | | Child's birth month & year | Age-appropriate content calibration. We store only month and year — not the full birth date. | Yes |

B. Data Generated Automatically

| Data Type | Purpose | Identifiable? | |-----------|---------|---------------| | Device ID (anonymous) | Progress continuity across sessions and devices. Not linked to a real identity. | No (anonymous) | | Gameplay progress data | XP, level, streak, lesson completion, quiz scores, worlds unlocked | Linked to account | | App usage patterns | Which features are used, session duration, crash reports for debugging | Aggregate only | | Device type & OS version | Technical compatibility and bug fixing | No (technical only) | | Push notification token | Sending optional educational reminders (parent-controlled) | Device-level only |

> ✅ What We Do NOT Collect > We do not collect: the child's full name, home address, phone number, photos or images of the child, voice recordings, precise geolocation, contacts list, or any biometric data. We do not enable the child to publicly post content.

---

3. How We Use Data

We use data only for the purposes listed below. We do not use data for purposes incompatible with these stated uses without your explicit consent.

| Purpose | Data Used | Legal Basis | |---------|-----------|-------------| | Provide and operate the App | Device ID, gameplay progress, account data | Contract performance | | Personalize learning experience | Birth year/month, progress data, display name | Legitimate interest / Consent | | Account management & support | Parent email, account data | Contract performance | | Send optional parent summaries | Parent WhatsApp number (opt-in) | Consent (opt-in) | | App improvement & bug fixing | Aggregated usage data, crash logs | Legitimate interest | | Legal compliance | As required by applicable law | Legal obligation |

> ❌ Prohibited Uses > We will never use children's personal data for: behavioral advertising, sale to third parties, building individual behavioral profiles, training AI models on personal data, or any purpose beyond those listed above.

---

4. Third-Party Services

Pascua uses the following third-party services to operate the App. Each service receives only the minimum data necessary for its specific function.

| Service | Provider | Purpose | Data Shared | Children's Data? | |---------|----------|---------|-------------|-----------------| | Supabase | Supabase Inc. (US) | Database, authentication, backend infrastructure | Account data, gameplay progress, device ID | Yes — stored securely with encryption | | Vercel | Vercel Inc. (US) | App hosting, CDN, edge delivery | Anonymized request metadata (IP not stored) | Minimal — technical metadata only | | ElevenLabs | ElevenLabs Inc. (US) | AI voice narration generation | Story/prayer text only (no child data) | No — no child personal data | | Google Gemini & Magisterium AI | Google LLC / Magisterium (US) | AI image and Catholic-content generation | Content prompts only (no child data) | No — no child personal data | | RevenueCat | RevenueCat, Inc. (US) | Subscription management & in-app purchase validation | Anonymized app user ID, purchase receipts (no child data) | No — billing handled by Apple | | Fonnte (WhatsApp) | Fonnte (Indonesia) | Optional parent activity summaries via WhatsApp | Parent WhatsApp number (parent data only) | No — parent contact only, opt-in |

All third-party service providers are required to process data only on our instructions and to comply with applicable privacy laws. We review third-party data processing agreements on an annual basis.

---

5. Analytics & Tracking

> 📱 Critical: App Store 4+ & Google Play Families Policy > > To maintain an App Store age rating of 4+ and compliance with Google Play Families policy, the following rules apply to all analytics and tracking in Pascua: > > - No cross-app tracking: We do not track users across other companies' apps or websites. > - No targeted advertising: We do not serve behavioral or targeted ads within the App. > - No advertising SDKs that collect child data: Any advertising SDK included is configured in child-directed mode. > - No third-party analytics for children: Analytics events from child sessions are aggregated and anonymized before leaving the device. > - iOS ATT: We request App Tracking Transparency (ATT) permission on iOS. If declined, no tracking occurs. > - Google Play: We declare the App as child-directed in the Google Play Console, activating child-safe ad filtering.

No Third-Party Analytics SDKs

Pascua does not embed any third-party analytics or advertising SDKs (no Google Analytics / Firebase, no Meta / Facebook SDK, no ad networks). We do not collect IDFA or GAID from any user. Limited, anonymized feature-usage and crash diagnostics are processed only through our own backend (Supabase) and hosting provider (Vercel) for App improvement.

Parent Notifications (WhatsApp)

Pascua does not send push notifications to children. Optional activity summaries are sent only to a parent or guardian WhatsApp number that the parent provides and verifies, delivered via our messaging provider (Fonnte). Parents can turn these off any time in the Grown-Up Zone settings.

---

6. Data Storage & Security

All data is stored on Supabase infrastructure, which operates on AWS (Amazon Web Services) with data centers primarily in the United States. Data in transit is encrypted using TLS 1.2+. Data at rest is encrypted using AES-256.

Anonymous Usage Analytics

To understand which features families enjoy most and to improve the app, Pascua records anonymous, aggregate usage events — for example, which screen was opened — tied only to a random, non-identifying device id. We do not collect names, contact details, precise location, or any information that identifies your child or you through analytics. These events contain no personal data and are used solely to improve Pascua.

Offline Downloads (stored on your device only)

When you use the optional Download feature, the selected stories, audio, and pictures are saved locally on your device so your child can enjoy them without an internet connection. These files are app content — not personal data — they never leave your device, count toward your device storage, and are removed when you delete them (Grown-Up Zone → Downloads & Offline) or uninstall the app.

Security Measures

  • Row-Level Security (RLS) policies on all database tables — users can only access their own data;
  • API keys and secrets are stored as environment variables, never in client code;
  • Authentication is managed via Supabase Auth with secure session tokens;
  • Vercel and Supabase provide DDoS protection and access controls;
  • Access to production data is restricted to authorized personnel only;
  • Security reviews are conducted before each major release.

Data Breach Response

In the event of a data breach affecting personal data, we will:

  • Notify affected parents/guardians within 72 hours of becoming aware of the breach (as required by GDPR);
  • Report to relevant regulatory authorities as required by applicable law;
  • Take immediate corrective action to secure affected systems.

---

7. Data Sharing & Disclosure

We do not sell, rent, or trade personal data. We share data only in the following limited circumstances:

  • Service providers: As described in Section 4, only with providers who process data under our instructions;
  • Legal requirements: If required by applicable law, court order, or government authority;
  • Safety: If disclosure is necessary to protect the safety of a child or prevent illegal activity;
  • Business transfer: If Pascua is acquired or merges with another entity, we will notify you and your data rights will be preserved. You will be given the opportunity to delete your account before any transfer takes effect.

> ❌ We Never Sell Children's Data > Pascua does not and will never sell, license, or monetize personal data belonging to children or their parents for advertising, marketing, or any commercial purpose.

---

8. Parental Rights & Controls

As the parent or legal guardian, you have comprehensive rights over your child's data under COPPA, GDPR-K, and UU PDP. These rights are exercisable at any time, at no cost.

| Right | Description | How to Exercise | |-------|-------------|----------------| | Right to Access | Review all personal data we hold about you and your child | In-App: Settings → Privacy → View My Data, or email info@pascua.app | | Right to Correction | Correct inaccurate information (e.g., display name, birth year) | In-App: Settings → Profile, or email info@pascua.app | | Right to Deletion | Delete your account and all associated data (child + parent) | In-App: Settings → Privacy → Delete Account, or email info@pascua.app | | Right to Withdraw Consent | Withdraw parental consent at any time, halting all data processing | Email info@pascua.app — account deactivated within 48 hours | | Right to Portability | Receive a copy of your data in machine-readable format (JSON/CSV) | Email info@pascua.app with subject "Data Export Request" | | Right to Object | Object to specific processing activities (e.g., analytics) | In-App: Settings → Privacy → Data Preferences | | Notification Control | Opt out of push notifications at any time | In-App: Settings → Notifications, or device notification settings |

We will respond to all parental data requests within 30 days of receipt. We may ask you to verify your identity before processing the request to protect account security.

---

9. Data Retention & Deletion

| Data Type | Retention Period | Deletion Trigger | |-----------|-----------------|-----------------| | Active account data | Duration of active subscription + 90 days | Account deletion request | | Gameplay progress (XP, level, streak) | Duration of account + 90 days | Account deletion request | | Parent email address | Duration of account + 90 days | Account deletion request | | Device ID | Anonymized after 12 months of inactivity | Inactivity or account deletion | | Aggregated analytics | Up to 36 months (anonymized, no personal identifiers) | Rolling deletion | | Financial transaction records | 7 years (legal obligation under Indonesian tax law) | Cannot be deleted early due to legal obligations | | Backup copies | Purged within 90 days of account deletion | Automated backup rotation |

Inactive Account Policy

If an account shows no activity for 24 consecutive months, we will send an email notification to the registered parent email. If no response is received within 30 days, the account will be deleted and all associated data permanently removed.

---

10. App Store 4+ Compliance

To maintain the App Store 4+ age rating and Google Play Families eligibility, Pascua confirms the following:

Apple App Store — Age Rating 4+

  • The App contains no user-generated content accessible to children;
  • The App contains no social networking features for children;
  • The App contains no in-app purchases accessible without parental authentication;
  • App Tracking Transparency (ATT) prompt is displayed on iOS 14.5+ before any tracking;
  • The App does not link out to external websites without parental gateway;
  • All content is reviewed for age-appropriateness before release;
  • We comply with Apple's data nutrition label requirements — our Data Nutrition Label is filed accurately in App Store Connect.

Google Play — Families Policy

  • The App is declared as primarily child-directed in Google Play Console;
  • Only Google-certified ad SDKs are used, configured in child-directed mode;
  • The App does not collect persistent identifiers for advertising purposes;
  • All APIs are compliant with Google Play Families Policy requirements;
  • Teacher/parent approval is required before purchase (Play Store parental controls supported).

> Apple App Store Data Nutrition Label > > - Data Used to Track You: None > - Data Linked to You: Contact Info (parent email), Identifiers (device ID) > - Data Not Linked to You: Usage Data (aggregated analytics) > - No data is collected for tracking or advertising purposes.

---

11. International Data Transfers

Pascua is operated from Indonesia, but our infrastructure providers (Supabase on AWS, Vercel) may process data in data centers located in the United States and other jurisdictions.

Safeguards for International Transfers

  • All data transfers to Supabase are governed by Supabase's Data Processing Agreement (DPA), which incorporates Standard Contractual Clauses (SCCs) for EU/EEA data;
  • Vercel acts as a data processor under its DPA compliant with GDPR requirements;
  • We comply with UU PDP Article 56 requirements for cross-border data transfer — recipient countries or entities must provide equivalent protection;
  • COPPA compliance is maintained regardless of where data is processed — US children's data is subject to COPPA protections at all times.

---

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or App functionality. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this document;
  • Send a notification to the registered parent/guardian email address at least 14 days before changes take effect;
  • Display a prominent in-app notification requiring you to review and re-accept the updated Policy;
  • For material changes that expand data collection or use, we will obtain fresh parental consent.

Your continued use of the App after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree, you may delete your account as described in Section 8.

---

13. Contact & Data Requests

For all privacy-related inquiries, parental data requests, or concerns about children's data, contact us:

| | | |---|---| | Privacy Officer | info@pascua.app | | General Support | info@pascua.app | | Website | www.pascua.app | | Response SLA | Within 30 days for data requests · Within 72 hours for breach notifications | | Regulator (Indonesia) | Badan Siber dan Sandi Negara (BSSN) |

> For EU/EEA Users > If you are located in the European Union or European Economic Area and are not satisfied with our response to a data request, you have the right to lodge a complaint with your local Data Protection Authority (DPA).

> For US Users (COPPA) > If you are a US-based parent and believe we have collected your child's personal information in violation of COPPA, you may contact the Federal Trade Commission at ftc.gov/tips-complaints or 1-877-FTC-HELP.

---

*Pascua · Catholic Faith Formation App for Children aged 4–9* *Privacy Policy v1.0 · Effective June 8, 2026* *"I can do all things through Christ who strengthens me." — Philippians 4:13*

Version 1.0·Effective 2026-06-08