top of page

Privacy Policy

Last Updated: May 31 2025

1. Introduction

Welcome to PekiBook’s Privacy Policy. Your privacy is important to us. This policy explains what information we collect, how we use and share it, and your rights regarding that information. We are committed to handling your personal data transparently, securely, and in compliance with applicable privacy laws, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the CPRA, Turkey’s Law on Protection of Personal Data No. 6698, and other relevant regulations.

By using the PekiBook mobile app or website (collectively, the “Service”), you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our practices, please do not use the Service. We encourage you to read this document carefully and contact us if you have any questions.

Data Controller: For the purposes of data protection laws, the “data controller” (the party responsible for your personal information) is Erenay Kaya, the developer of PekiBook, located in Turkey. You can find our contact details at the end of this policy.

This policy applies to all users of PekiBook worldwide. However, certain provisions apply specifically based on your location (for example, additional rights for EU/EEA users or California residents). We will highlight those where relevant.

2. Information We Collect

We collect several categories of information from and about users of PekiBook. The types of personal data we collect depend on how you interact with the Service. Generally, the information falls into these categories:

  • Information You Provide Directly:

    • Account Information: When you create an account, we may collect identifiers such as your name, email address, username, profile photo (if you choose to add one), and login credentials. If you sign in via a third-party platform (like “Sign in with Google” or “Sign in with Apple”), we receive basic account information from them (e.g., your name and email) as permitted by that service’s privacy settings.

    • Profile and Learning Data: You may provide additional information within the app, such as your language proficiency level, learning goals, or settings/preferences (e.g., interface language, notification preferences).

    • Content and Submissions: Any content you submit through the Service, including answers to quizzes, messages or text you input into the AI chat feature, feedback, or support inquiries. For example, when using the AI conversation feature “Peki,” the text you enter (questions, sentences, etc.) and the AI’s responses may be stored on our servers and/or sent to our third-party AI provider to generate the reply. Please avoid sharing personal sensitive information in these submissions.

    • Payment Information: If you subscribe to PekiBook Premium or make purchases, we (or our payment processors) collect information needed to process the transaction. Note: All purchases in the iOS or Android apps are processed by Apple or Google respectively; we do not receive your full credit card number or billing information from those transactions. We may receive confirmation of your purchase and subscription status, and limited information like an order ID or an email, which we keep for our records. For website purchases (if any), our third-party payment processor (e.g., Stripe) will handle your payment details; we might store your billing name, partial card info (last 4 digits) and transaction IDs, but not full payment account numbers.

    • Communications: If you contact us directly (via email, support chat, or phone), we will receive your name, email, and the contents of your message or attachments, as well as any other information you choose to provide.

  • Information We Collect Automatically:
    When you use PekiBook, we (and service providers acting on our behalf) automatically collect certain information about your device and usage of the Service through cookies, SDKs, and similar tracking technologies. This may include:

    • Device Identifiers: Such as your device model, operating system version, unique device IDs (for example, IDFA for iOS or Android Advertising ID, if available), device language, and device region.

    • Log and Usage Data: Details of your usage of the app, like the date and time you launched PekiBook, the features or lessons you interacted with, the time spent on various exercises, your scores or progress, and crash or error reports (which may be sent to us if the app encounters a problem). We may also log when you open our emails or click certain links (to measure engagement).

    • IP Address and Network Info: Your device’s IP address and, by extension, general geolocation information (approximate city or region). We also see timestamps of connections and possibly your internet service provider or mobile network.

    • Cookies and Web Tracking: On our website, we use cookies and similar technologies to remember your preferences, understand how our site is used, and personalize content. These might collect information like your browser type, pages viewed, time spent on pages, and referring website. (For more details, see our Cookie Notice, if applicable.)

    • Analytics Data: We use analytics tools (e.g., Google Analytics, Firebase Crashlytics) that gather data about app or website usage. This can include screens viewed, buttons clicked, and other interaction information, which helps us improve the Service. Such tools might use cookies or device identifiers to track user behavior over time.

  • Information from Third Parties:
    We may obtain information about you from third-party sources, if you consent or if otherwise permitted. For example:

    • If you link PekiBook with a social media or another account (like linking to a Facebook profile for login or a content-sharing feature), we might receive profile information from that third party (as authorized by you and that platform).

    • If someone refers you to PekiBook via a referral or gift code, we might receive your email address or username from that referrer.

    • We could receive demographic or interest information about our user base in aggregate from advertising or analytics partners (this information would be de-identified, e.g., “X% of users are in Europe”).

    • If we run ads on third-party platforms, those platforms might inform us which users saw or clicked our ads and provide general info about those users (again, often in aggregate form, not directly identifying you by name).

We do not intentionally collect any “special categories” of sensitive personal data about you (such as race, ethnicity, health, biometric data, or religious beliefs), unless you choose to provide such information (for instance, if you voluntarily mention health or other sensitive info in a support request or within the AI chat—though we advise against sharing sensitive data in the app). We also do not intentionally collect information about criminal convictions or offenses.

Children’s Data: As noted in our Terms, PekiBook is not intended for children under 13. We do not knowingly collect personal data from anyone under 13. If we become aware that we have inadvertently collected personal information from a child under 13 (or under the applicable age of consent in certain jurisdictions, such as 16 in parts of the EU), we will promptly delete such data from our records. If you are a parent or guardian and believe we have collected personal information from your child without consent, please contact us so we can investigate and take appropriate action.

3. How We Use Your Information

We use the collected information for various purposes in order to operate, provide, improve, and protect our Service, as well as to comply with legal obligations. Specifically, we may use your information in the following ways:

  • To Provide and Personalize the Service:
    We process your personal data to deliver PekiBook’s core functionality. For example, we use account information to log you in and present your learning progress. We use your quiz answers, lesson history, and AI chat interactions to provide immediate feedback, correct answers, or tailored content. Personalization is a big part of PekiBook – e.g., we might use your performance data to adjust the difficulty of exercises, or use your stated goals (travel, exam prep, etc.) to suggest relevant lessons. The AI coach uses your input to generate contextual responses (your data is sent to our AI engine to do this). This processing is generally necessary to perform our contract with you (i.e., to provide the service you signed up for).

  • To Process Transactions:
    If you make a purchase or subscribe to Premium, we use your information to complete the transaction and manage your subscription. This includes sending payment details to Apple or Google (or our payment processor) and verifying your subscription status. We might also send you receipts or notifications about your subscription (such as confirmation emails or renewal reminders). We maintain records of your purchases (as required for accounting and legal compliance, such as tax laws).

  • To Communicate with You:
    We use contact information (like your email) to send you service and administrative messages. These include confirmations (e.g., when you register or change your password), technical notices, updates, security alerts, and support responses. We may also send promotional communications or newslettersabout new features, content, or offers, if you have opted-in or if it’s within our legitimate interest and allowed by law (for instance, for existing customers, some jurisdictions allow limited marketing). You can opt out of marketing emails at any time by clicking the unsubscribe link in those emails or adjusting your app settings. We might also use in-app notifications or messages to encourage your learning (for example, a reminder if you haven’t practiced in a while, or a congratulatory message when you hit a milestone).

  • To Provide Customer Support:
    If you reach out to us with a question, feedback, or issue, we will use your provided information (and possibly look at your user data like device info or lesson progress) to respond and resolve your query. For example, if you email about a bug, we might examine your crash logs or account events to troubleshoot. We may also fix issues you report and let you know the outcome.

  • To Monitor, Maintain, and Improve the Service:
    We internally analyze how users interact with PekiBook to improve the user experience and the quality of our content. For instance, we review aggregated data on which lessons are most popular or where users tend to drop off, so we can refine those lessons. We use analytics data and crash reports to debug and optimize our app’s performance and reliability. If AI responses are frequently flagged or corrected by users, we may adjust the AI’s configurations or training data. Overall, your usage information helps us understand what’s working and what isn’t, enabling continuous improvement. We may also test out new features with certain user segments and analyze the results (often this is done with anonymized or aggregated data).

  • To Enforce Our Terms and Protect Our Users and Service:
    We may use your information to prevent fraud, abuse, and other misconduct. For example, we keep an eye out for suspicious login patterns (to prevent unauthorized access to accounts), or usage that indicates violation of our Acceptable Use Policy (such as automated bots scraping content or someone inputting prohibited content into the AI). If necessary, we will use data (like account and usage information) to investigate and address violations of our Terms of Use, illegal activities, or security threats. This could involve, for instance, using IP addresses and account identifiers to block a malicious actor or contacting you to verify account ownership. We also might use automated filters (and human review) on AI chat inputs to detect disallowed content and prevent the AI from responding with inappropriate content. Protecting the privacy and safety of our users is part of this purpose – e.g., if someone is reported for harassing others (in any community aspect of the service), we’d review their communications.

  • For Legal Compliance:
    We process personal data as necessary to comply with our legal obligations. This includes keeping transaction records for financial regulations and taxes, honoring user rights requests under privacy laws (e.g., if you ask to delete your data, we use your info to fulfill that request), and complying with lawful requests by public authorities (such as responding to a court order or valid subpoena). We may also use and preserve data to assert or defend against legal claims. For instance, if there’s a dispute with a user, we might retain certain logs to demonstrate what happened. Additionally, if required by law, we might send mandatory communications (for example, notifications about a data breach, or updates to terms and policies).

  • With Your Consent (where applicable):
    In cases where we rely on consent as the legal basis (for example, if we ever request access to your microphone for a speaking exercise, we will ask permission; or if we want to collect precise location to tailor content, we’d ask first), we will use your data for the specific purposes we explain at that time. If you grant a permission (like push notifications on your device), you can revoke it later in your device settings.

In summary, we use personal data to run and improve PekiBook, communicate with and support users, serve personalized learning experiences, keep the service secure, and meet our legal and contractual obligations. We do not use your personal data for unrelated purposes without notifying you and, if required, obtaining your consent.

4. Legal Bases for Processing (for EU/EEA/UK Users)

If you are located in the European Economic Area, United Kingdom, or another jurisdiction that requires a legal justification for processing personal data, we process your information under the following legal bases (as per Article 6 of the GDPR and equivalent laws):

  • Performance of a Contract: Most of our data processing is to provide you with the Service that you requested under our Terms of Use. For example, we collect and use your account data, learning progress, and inputs because it’s necessary to deliver personalized lessons, track your progress, and fulfill the core functions of PekiBook. Without this data, we wouldn’t be able to provide the Service to you. When you sign up and agree to our Terms, a contract is formed, and processing your data for the Service is based on that contract.

  • Legitimate Interests: We process certain data for our legitimate business interests, in a manner that we believe does not override your privacy rights. For instance:

    • Improving and analyzing our services (e.g., reviewing how users engage with lessons to make them better, debugging issues) is in our interest to remain competitive and offer a good product.

    • Sending you product updates or suggestions within the app (e.g. “try this new feature”) may be a legitimate interest to promote engagement, provided it doesn’t unduly impact your rights.

    • Preventing fraud, misuse, and ensuring security – we have a legitimate interest in keeping our platform safe and trustworthy.

    • Certain marketing to existing customers might be based on legitimate interest, where permitted (for example, in some jurisdictions we can send offers about similar products to our users, subject to opt-out).
      We always consider the potential impact on your rights and will implement safeguards (like providing easy opt-outs for communications or conducting balancing tests under GDPR). You have the right to object to processing based on legitimate interests, as described in Your Rights below.

  • Consent: In specific situations, we rely on your consent. For example, if we want to send you newsletters or promotional emails and local law requires consent, we will only do so if you’ve opted in. Similarly, if we use non-essential cookies or tracking on the web (say, for personalized ads or to integrate with third-party platforms), we will ask for consent via a cookie banner. If we ever process any sensitive personal data (which we typically do not, unless you volunteer it), we would seek explicit consent or rely on another lawful exemption. You have the right to withdraw consent at any time, which will not affect the lawfulness of processing based on consent before its withdrawal.

  • Legal Obligation: When processing is necessary for us to comply with a legal obligation, we will do so. For instance, accounting and tax laws may require us to retain transaction records; data protection laws might obligate us to respond to you exercising your privacy rights or to inform you and authorities in case of certain data breaches. If a court or authority lawfully requires us to provide data, we must comply. In such cases, the law is our basis for processing.

  • Vital Interests and Public Interest: These bases are less likely to apply. Vital interests would be if processing is necessary to protect someone’s life – unlikely in a language learning app context. Public interest could apply if, for example, we were performing a task carried out in the public interest or under official authority, which we are not. If that ever changes (highly unlikely), we will update this policy accordingly.

We always ensure that we have a valid legal ground to collect and use your data. If you have questions about the legal basis of how we process your personal data, you can contact us for more information.

5. How We Share or Disclose Information

We value your privacy and handle your personal information with care. We do not sell your personal data to third parties for money. However, in the normal course of operating our Service, there are instances where we share information with third parties – either at your direction, with your consent, or for legitimate operational purposes. The categories of recipients of personal data include:

  • Service Providers (Processors): We use trusted third-party companies to perform certain functions on our behalf, and we may need to share limited personal data with them to provide the Service. These include:

    • Hosting and Infrastructure: For example, we use cloud computing and storage providers (such as Amazon Web Services or Google Cloud) to host our databases, backups, and app services. Your data (account info, progress, etc.) is stored on their secure servers, but they cannot use it except to provide storage and compute services to us.

    • AI Platform Providers: We integrate with an AI service (such as OpenAI’s API, or another language model provider) to power the “Peki” AI chat companion. This means that when you interact with the AI feature, the textual content of your query and relevant context is sent to that AI provider’s servers, which process it and return a response. We share this data solely to get the AI functionality to work. The AI provider is contractually prohibited from using your data for any purpose other than providing us the service (and we adhere to OpenAI’s terms which include data privacy commitments).

    • Analytics and Crash Reporting: We might use analytics tools (like Google Analytics for Firebase, Fabric/Crashlytics, etc.) to understand usage and stability. These tools may receive device identifiers and usage info. They act as our processors to give aggregated statistics and crash logs.

    • Payment Processors: If we process payments outside of the app stores (e.g., via a web portal), we would use a PCI-compliant payment processor (like Stripe). They handle sensitive financial information. We share with them the purchase amount, your card info (entered through secure forms we don’t see directly), and billing details necessary to complete the payment. They in turn share back a confirmation and partial info (like last4 of card, success/fail). For in-app purchases, Apple and Google are the processors managing payments; we receive confirmation tokens from them.

    • Email/Communication Services: We may use an email service provider (like SendGrid, MailChimp, or similar) to send out our emails (newsletters, verification emails, etc.). They get your email address and the content of emails to deliver on our behalf. Similarly, push notification services (Apple Push Notification service for iOS, Firebase Cloud Messaging for Android) get certain data (like a device token and the message to deliver).

    • Customer Support Tools: If we use helpdesk or support platforms (like Zendesk or Intercom), the information you provide in support requests (and possibly some account data to contextualize the support) will pass through those systems to allow us to manage and reply to inquiries.
      These service providers are bound by contracts that limit how they can use your data, typically restricting use to providing services to us and maintaining confidentiality.

  • Within a Corporate Group: Currently, PekiBook is developed by an individual (Erenay Kaya). If in the future PekiBook is offered through a company or we have affiliated entities, we might share data within our corporate family as needed to run the Service (for example, between a Turkish branch and a EU branch, if applicable). Any such affiliates would follow this same privacy policy.

  • Business Transfers: If we undergo a business transaction such as a merger, acquisition by another company, reorganization, or sale of all or a portion of our assets, your information may be transferred as part of that deal. We would ensure the new owner continues to honor this Privacy Policy or notifies you of any changes. For example, if another company acquires PekiBook, your data would likely be one of the assets transferred, but it would remain subject to the promises made in this policy (unless you’re notified otherwise and given a chance to opt-out if required by law).

  • Legal and Safety Disclosures: We may disclose information about you if we, in good faith, believe such disclosure is necessary to:

    • Comply with the law or legal process: This includes responding to subpoenas, court orders, or other legal demands; and meeting the requirements of mandatory data disclosure. If a government or law enforcement agency lawfully requests data (for example, investigating fraud or misuse), we will comply after verifying the request’s legitimacy.

    • Protect rights and safety: We might share information when we believe it’s necessary to protect our rights, property, and safety, or those of our users or others. For instance, exchanging information with other companies and organizations for fraud protection and credit risk reduction, or disclosing data to prevent imminent harm (e.g., if we become aware of a credible threat of violence or self-harm, we might notify appropriate authorities).

    • Enforce our terms or address violations: If needed to investigate and address breaches of our Terms of Use or user misconduct (for example, sharing a problematic user’s info with legal counsel for handling a dispute, or with platform security teams to mitigate abuse).

  • With Your Consent or At Your Direction: We will share your personal information with third parties in cases where you have explicitly instructed us or agreed that we do so. For example, if you choose to share a snippet of your PekiBook progress or a quiz result on a social network (using a share feature in the app), we will send that content to the platform you choose. Or if you ask us to connect PekiBook with another service (say, linking to a third-party flashcard app), we will exchange data with that service with your permission. Also, if we ever participate in a cross-promotion or partnership where data sharing is involved, we would do so only with your consent.

  • Advertising Partners: PekiBook’s free version may be supported by ads. We may work with third-party advertising networks or partners (like Google AdMob or similar) to deliver ads within the app. These partners may collect certain device and usage information (as described in “Information We Collect Automatically”) through the app for purposes of ad targeting and measurement. For instance, they might collect your device identifier and app usage to show you a relevant ad and avoid showing the same ad too many times. If these ads are personalized (behavioral advertising), we will ask for consent where required by law (e.g., for EU users via a consent prompt) or provide an opt-out mechanism (like honoring the device’s “Limit Ad Tracking” setting or Global Privacy Control signals for California users). We do not share directly identifying information like your name or email with ad networks; but they may use cookies or SDKs in our app which allow them to infer that a device using PekiBook also has certain preferences or demographics (based on broader data they have). We ensure any such partners are vetted and that these activities are disclosed for transparency. If you upgrade to Premium, you will not see ads and thus not have data shared with ad networks in the app context.

  • Aggregated or De-Identified Data: We may share information that has been aggregated (combined with other users’ data) or de-identified (stripped of direct identifiers so you are not readily identifiable). This information cannot be linked back to you personally. For example, we might publish blog posts or reports with stats like “X% of PekiBook users completed at least 5 lessons a week” or “We have users in 50+ countries collectively learning 10,000 words,” or share anonymized learning trend data with an education research partner. Such information would not constitute personal data under privacy laws, and we may share it freely to showcase usage or insights.

We do not sell personal information in the traditional sense (for monetary consideration). In the context of CCPA: while we do not sell data, some of our use of advertising cookies/IDs could be considered “sharing” for targeted advertising purposes. We provide California residents the right to opt-out of such sharing (see Your California Privacy Rights below).

Whenever we share your information, we take steps to protect it. Third parties will only get the minimum data necessary for their specific role, and they must adhere to confidentiality and security obligations.

If in the future we need to share your data in ways not covered by this policy, we will notify you and/or update this policy accordingly, obtaining your consent where required.

6. International Data Transfers

PekiBook is developed and managed in Turkey, and we use servers and service providers that may be located in multiple countries. This means that your personal data may be transferred to, stored, or processed in a country different from your home country. In particular, if you are located outside of Turkey (e.g., in the European Union or elsewhere), your data will likely be transferred to Turkey and/or the United States (where some of our cloud or service providers operate). For example, data sent to our AI provider or cloud host might be processed on servers in the U.S. or EU, and our analytics tools might route data to the U.S. or other regions.

Data Protection Standards: Different countries may have different data protection laws, some of which may not be as protective as those in your jurisdiction. However, we take steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy and applicable law. When we transfer personal data out of the EU/EEA, UK, or other regions with data transfer restrictions, we implement appropriate safeguards. These may include:

  • Standard Contractual Clauses: We may incorporate the European Commission’s approved Standard Contractual Clauses (SCCs) into our contracts with service providers or affiliates to ensure a valid legal transfer mechanism and commitment to GDPR-level protections.

  • Data Processing Agreements: We have agreements with our service providers that include data protection clauses required by law. Many of our major service providers (e.g., cloud and analytics providers) also certify to frameworks or have their own SCCs in place for transfers.

  • Explicit Consent: In certain cases, we might rely on your consent for cross-border data transfer (for instance, if we ever needed to send data to a new provider in a country without an adequacy decision, we might ask for your consent; note that by using our Service and submitting information, you are consenting to the transfer of that information to Turkey and other jurisdictions as explained).

  • Adequacy Decisions: Whenever applicable, we will transfer data to countries that are deemed to have “adequate” data protection by relevant authorities. (For example, if using an EU-based provider in a country with an EU adequacy decision, that’s inherently allowed.)

We also maintain technical and organizational measures to protect data (encryption, access controls, etc.) during transfer and storage, regardless of location.

Turkey Specific: If you are in Turkey, your data collected by us may be transferred abroad (to servers or partners as described). We comply with Turkish data protection law (KVKK) regarding cross-border transfers. This often means we either obtain your explicit consent for transferring your data to another country or ensure that the receiving party commits to an adequate level of protection and that the Turkish Data Protection Authority’s conditions for transfer are met. By using PekiBook and providing information, you consent to the transfer of your personal data outside Turkey when necessary for the purposes described (such as using an AI service located abroad), as allowed under Article 9 of KVKK.

For Users in the EU/EEA and UK: If you have questions about international transfers or want a copy of the relevant safeguard (like SCCs) we use, you can contact us as provided below. We will provide any available details (some contractual documents may be partially redacted for confidentiality) upon request.

Despite the differences in laws, we will treat your information securely. We continuously monitor the legal landscape for international data transfers (such as developments after the Schrems II decision, etc.) and will adjust our practices to remain compliant and keep your data safe when it crosses borders.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. The exact duration will depend on the type of data and the context in which it’s used. Here are some general guidelines we follow:

  • Account Data: We keep your account information (like name, email, profile, progress data) for as long as your account is active. If you choose to delete your account or it has been inactive for a long period, we will initiate deletion of those personal details, unless we need to keep them for a legitimate reason (see below). Account deletion will result in removal or anonymization of personal data tied to that account (and we will ensure your data is no longer visible or accessible through the app).
    – Note: If you simply uninstall the app without deleting your account, your data remains on our servers until you delete or we purge it after a significant inactivity period. We may send reminders or inquire before deleting inactive accounts.

  • Learning Content and Submissions: Data like your lesson answers, scores, and AI chat logs associated with your account are retained to provide you the Service and track your progress over time. These typically persist until account deletion, so that you can resume learning where you left off even after a break. However, for AI chat logs, we might automatically delete or anonymize older chat history beyond a certain recent window to manage storage (unless such data is tied to feature functionality like reviewing past chats). We also might aggregate or anonymize older learning data for analytical purposes.

  • Transactional Data: Purchase and subscription records are kept as long as required by tax and financial regulations. In Turkey, for example, financial transaction records might need to be kept for 10 years. Similarly, we may keep invoicing information for 7-10 years as per local laws. This is a legal requirement and also helps with customer inquiries about purchase history.

  • Communications: If you contacted support or gave feedback, we may retain those communications until we resolve your issue and for a short period after (in case of follow-ups). Support tickets may be archived for a certain time (e.g., 2 years) in case similar issues reoccur or for quality assurance. Email suppression lists (to honor opt-outs) are kept as long as needed to ensure we don’t accidentally email those who unsubscribed.

  • Logs and Analytics: We generally keep application logs and analytics data for a finite period (for example, raw logs might be kept for a few weeks or months) unless we are using them for security monitoring (in which case some logs might be stored longer, but typically no more than a year unless required by law). Aggregated analytics (which are de-identified) may be retained indefinitely for business analysis.

  • Legal Holds and Obligations: If we are under a legal obligation to retain data (for example, due to an ongoing investigation, litigation, or receiving a lawful preservation request), we will retain the data for as long as instructed/necessary. We may also retain information as needed to enforce our Terms or to resolve disputes. For instance, if we banned a user for serious misconduct, we might keep their email or device ID in a suppression list to prevent re-registration, as part of protecting our service and users.

When we no longer have a legitimate need to use your data, we will either delete it or anonymize it (so it can no longer be associated with you). If deletion is not immediately feasible (for example, because the data is stored in backup archives), we will securely store and isolate it from further use until deletion is possible.

Backup and Archive: Our servers perform routine backups to ensure resilience of the Service. Backup data is encrypted and rotated. Thus, even after deletion, some of your data might remain in encrypted backups for a short duration until those backups cycle out or are overwritten – during this time, it’s not readily accessible and will only be used if needed for disaster recovery.

We aim to implement a retention policy that doesn’t keep personal data longer than necessary. If you have specific questions about how long a particular type of data is retained, you can contact us for more detail.

8. Your Rights and Choices

Depending on your jurisdiction, you have various rights regarding your personal information. PekiBook is committed to enabling these rights and has processes to honor them. Below, we outline the rights of users in different regions and how you can exercise them:

For Users in the European Union/EEA, United Kingdom, Turkey, and similar jurisdictions (GDPR/KVKK applicable):

You have the following data subject rights:

  • Right to Access: You can request confirmation of whether we are processing your personal data, and if so, ask for a copy of the data we hold about you. This includes information like the categories of data, the purposes of processing, the recipients (or categories of recipients) to whom data has been disclosed, and (if possible) the retention period. We will provide your data in a commonly used electronic form.

  • Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to request that we correct or update it. For example, you can change your profile info in the app settings, but you can also contact us to correct any errors you can’t fix yourself.

  • Right to Erasure (Right to be Forgotten): You may request deletion of your personal data in certain circumstances. This is applicable, for instance, if the data is no longer necessary for the purposes it was collected, or if you withdraw consent and we have no other legal basis, or if you object to processing and we have no overriding legitimate grounds, or if data was unlawfully processed, etc. Please note this right is not absolute – we might retain some data if required by law or if an exemption applies (e.g., we may refuse deletion while an account is under investigation for fraud, or keep transactional data required for legal compliance). The easiest way to exercise a full deletion is often by using an in-app “Delete Account” feature if available, which removes your personal info from our systems.

  • Right to Restrict Processing: In certain situations, you have the right to ask us to limit the processing of your data. For example, while we are evaluating a request of yours (like an objection or a claim that data is inaccurate), or if our processing is unlawful but you prefer restriction over deletion, or if we no longer need the data but you need it for a legal claim. When processing is restricted, we will store your data securely and not use it except to the extent allowed (e.g., to establish legal claims, with your consent, for important public interest, etc.).

  • Right to Data Portability: You have the right to obtain your personal data that you provided to us in a structured, commonly used, machine-readable format, and to have it transmitted to another controller where technically feasible. This right applies when the processing is based on your consent or a contract and is carried out by automated means. In practice, this might mean you can ask for an export of your account data and progress in a CSV or JSON format.

  • Right to Object: You have the right to object to our processing of your personal data when that processing is based on legitimate interests or performance of a task in the public interest (which in our case, it’s primarily legitimate interests). If you object, we must stop processing unless we demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims. You also have an unconditional right to object to your data being used for direct marketing; if you object, we will stop using your data for that purpose immediately. In the app or email footers, you have options to opt out of marketing, which is effectively an objection.

  • Right not to be subject to Automated Decision-Making: PekiBook doesn’t make any legally significant decisions about you purely by algorithms without human involvement. However, if we ever did, you would have rights regarding such decisions (like the right to obtain human intervention, express your point of view, and contest the decision). Our AI recommendations or lesson suggestions don’t have legal or similarly significant effects on you, they’re just personalized content.

  • Right to Withdraw Consent: Where we rely on your consent for processing (for example, for sending marketing emails or for optional features), you have the right to withdraw that consent at any time. You can do so by adjusting settings (like turning off certain data sharing toggles or unsubscribing from emails) or contacting us. Withdrawal of consent will not affect the lawfulness of processing that occurred before the withdrawal.

For Users in Turkey specifically (KVKK): Under Turkish law, you similarly have the right to learn if your data is processed, request information about it, learn the purpose of processing and whether it’s used accordingly, know the third parties (in Turkey or abroad) to whom data is transferred, request correction of inaccurate data, request deletion or destruction of data in certain conditions, request notification to third parties of corrections/deletions, object to adverse results from automated processing, and demand compensation for damages due to unlawful processing. These map closely to the GDPR rights above. We honor these rights for Turkish users in line with Article 11 of KVKK.

For California (and similarly situated U.S. state) Residents: If you are a resident of California, you have rights under the CCPA/CPRA, including:

  • Right to Know: You can request that we disclose to you the following information covering the 12 months prior to your request: (1) the categories of personal information we collected about you; (2) the categories of sources from which the personal information was collected; (3) our business or commercial purpose for collecting (or, if applicable, selling or sharing) personal information; (4) the categories of third parties to whom we disclosed personal information; and (5) the specific pieces of personal information we collected about you. Essentially, you can ask for both a general overview and a copy of your specific data.

  • Right to Delete: You may request that we delete personal information we have collected from you. As with GDPR, some exceptions apply (e.g., if the information is needed to complete a transaction, detect security incidents, comply with a legal obligation, etc.). If deletion is requested and permitted, we will delete (and direct our service providers to delete) your personal information from our records.

  • Right to Correct: You can request that we correct any inaccurate personal information we maintain about you. We will take into account the nature of the personal information and the purposes of processing and work to correct it as needed.

  • Right to Opt-Out of Sale or Sharing: As noted, we do not sell your personal info for money. If we engage in “sharing” (as defined by CPRA) for cross-context behavioral advertising, you have the right to opt out of that. We honor browser signals like the Global Privacy Control (GPC) to opt out of the sale/sharing of personal data. If our app or site detects a GPC signal, we will treat it as a valid opt-out request. You can also contact us or use the “Do Not Sell or Share My Personal Information” link (if provided on our website) to manually opt out. Once you opt out, we will stop sharing your data for targeted advertising.

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we won’t deny you our services, charge you a different price, or provide a different level of quality just because you exercised your privacy rights. (However, note that if you ask us to delete data that is necessary for the Service, we may not be able to provide the Service – for example, deleting your account data means we’d no longer be able to provide your account. But that’s a consequence of the choice you made, not a discriminatory action on our part. We will not, for instance, suddenly charge paying users more or downgrade service solely because they opted out of data sharing.)

  • Shine the Light (California): Separately, California’s “Shine the Light” law allows users to request certain information about our disclosure of personal information to third parties for their own direct marketing purposes. We do not disclose personal data to third parties for direct marketing independent of our processes already described. If you have specific inquiries on this, contact us.

For Other Regions: If you reside in a jurisdiction with its own privacy laws (e.g., Canada, Australia, Brazil, etc.), we will endeavor to respect your rights under those laws as well. For instance, Canadian users have rights to access and correct their data under PIPEDA, and we provide that. Australian users can request access and correction and complain about handling of their data under the Privacy Act. We generally extend similar rights and process to all users, even if not strictly required in every locale, because we believe in transparency and user control.

How to Exercise Your Rights: To exercise any of the rights above, please contact us using the contact details provided in the “Contact Us” section of this Privacy Policy. For certain rights (like opt-outs or deleting account), we may offer self-service tools: e.g., an in-app setting to download your data, a “Delete Account” button, or a toggle for marketing emails. Otherwise, a written request via email is fine. We may need to verify your identity before fulfilling the request (to protect your privacy, we wouldn’t want to give your data to an imposter). Verification might involve confirming ownership of your account or providing identifying information.

For access, deletion, or correction requests, please be specific about what you seek, to help us process it efficiently. We will respond within the timeframe required by law (for example, GDPR mandates within one month, CCPA within 45 days with possible extension). If we need an extension or cannot comply with a request (due to an exemption), we will inform you and provide an explanation.

If you are an authorized agent making a request on behalf of someone else (applicable in California, for example), we may require additional documentation (like written permission from the user, and verification of your identity).

Appeal Process (for certain regions like Virginia in the US): If we refuse a request or you are unsatisfied with our response, you may have the right to appeal our decision by contacting us and explaining the basis of your appeal. We will review appeals and respond within the timeframe mandated by applicable law.

Right to Complain: In any case, if you believe we have infringed your privacy rights or data protection laws, you have the right to lodge a complaint with a supervisory authority. For EU users, this would be your local Data Protection Authority (DPA) in your country of residence. In the UK, it’s the ICO. In Turkey, it’s the KVKK Board. In California, you can contact the Attorney General’s office if needed. We kindly request that you attempt to resolve any issues with us first, but you have the right to go directly to the authorities.

We are committed to honoring your rights and ensuring you have control over your personal information. Please note that these rights are subject to various conditions and exemptions under applicable laws, but we will do our best to accommodate each valid request to the fullest extent required.

9. Security Measures

We take the security of your personal information seriously and have implemented a variety of technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. However, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure, so we cannot guarantee absolute security.

Some of the key security practices we employ include:

  • Encryption: We encrypt personal data in transit and at rest in many cases. For instance, our app and website use HTTPS/TLS to securely transmit data from your device to our servers (which means data like your login credentials and API communications are encrypted during transfer). Sensitive data (like passwords) is stored hashed (not in plain text), and other personal data may be encrypted in our databases or on disk to add an extra layer of protection.

  • Access Controls: We limit access to personal information to employees and service providers who need it to operate, develop or improve our Service. Those who have access are subject to strict confidentiality obligations. Our databases and systems require authentication and are protected by firewalls. We regularly review who has access to what data and restrict permissions following the principle of least privilege.

  • Monitoring and Testing: We utilize security software and services to monitor our systems for potential vulnerabilities and attacks. This includes firewalls, intrusion detection systems, and anti-malware protections. We periodically test and evaluate the effectiveness of our security measures (through practices like security audits, vulnerability scanning, and penetration testing by ourselves or external experts). We also keep our software and frameworks up-to-date with the latest security patches to mitigate risks.

  • Secure Development Practices: When developing PekiBook features, we follow secure coding guidelines to prevent common vulnerabilities (such as SQL injection, XSS, CSRF, etc.). We also segregate environments (e.g., testing/staging vs. production data) to avoid unnecessary exposure of real data. Any third-party libraries or tools we integrate are evaluated for security posture.

  • Backup and Recovery: We maintain secure backups in case of data loss, but those backups are encrypted and stored separately. We have a disaster recovery plan which includes restoring data in a secure manner.

  • Physical Security: The servers and facilities we use (e.g., cloud data centers) have robust physical security controls – such as 24/7 monitoring, controlled access, and environmental safeguards. While we rely on reputable providers (like AWS or similar) for infrastructure, those providers carry certifications (like ISO 27001, SOC 2) that demonstrate strong physical and network security.

  • Training and Policies: We ensure that anyone who handles personal data on our team is trained on proper data handling and security practices. We have internal policies for data protection, incident response, and confidentiality, which all team members must follow. If we work with contractors who might have access to data, they are required to adhere to equivalent security standards and sign confidentiality agreements.

  • Payment Security: If applicable, when processing payments via our website, we comply with PCI-DSS standards by leveraging PCI-compliant payment processors. We do not store full payment card details on our systems. In-app purchases are handled by Apple/Google which have their own robust security for transactions.

Despite all measures, it’s important for you as a user to also play a role in keeping your data secure. Please choose a strong and unique password for PekiBook and do not share it. Monitor your account for any suspicious activity and notify us immediately if you suspect any unauthorized access. When using the app on a public or shared device/network, exercise caution (e.g., log out when finished, avoid using credentials on public Wi-Fi without a VPN, etc.).

Incident Response: In the unlikely event of a data breach or security incident, we have procedures in place to address it promptly. We will notify affected users and relevant authorities of any breaches as required by law (for example, GDPR requires reporting certain personal data breaches to authorities within 72 hours, and to users without undue delay when there’s a high risk to their rights). Our notification would include information about the breach and guidance on steps users should take to protect themselves.

By using PekiBook, you acknowledge that you understand the inherent risks of transmitting data over the internet, but rest assured we are continuously working to update and improve our security practices to safeguard your information.

10. Cookies and Tracking Technologies

(If you only use the mobile app, some of this section may not apply in the same way, but we include it for completeness regarding our website and any web-based aspects of the Service.)

PekiBook uses cookies and similar tracking technologies to provide and optimize the Service, as well as to understand and enhance your experience. Here’s how we use these technologies:

  • What Are Cookies? Cookies are small text files that a website stores on your device (computer or mobile) when you visit. They allow the site to remember your actions or preferences over time. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period or until you delete them).

  • Types of Cookies We Use:

    • Essential Cookies: These are necessary for the website to function. For example, if we have a web login, an authentication cookie keeps you logged in as you navigate between pages. Without these cookies, services you’ve asked for (like maintaining your account session or processing a purchase in a cart) cannot be provided.

    • Preference Cookies: These remember your choices and settings, to provide a more personalized experience. For instance, a cookie might remember your language preference or that you’ve seen a particular tutorial so it doesn’t show again.

    • Analytics Cookies: We use these to collect information about how users interact with our website (pages visited, time spent, any error messages). This helps us improve the site’s performance and understand what content is most useful to visitors. For example, we might use Google Analytics which sets cookies to gather usage statistics (Google Analytics may set cookies like _ga, _gid etc. to differentiate users and throttle request rates). The data we get is aggregated and doesn’t directly identify individuals.

    • Advertising Cookies: If we display advertisements or use third-party advertising partners on our site, these cookies can be used to deliver ads relevant to you and measure the efficiency of ad campaigns. They may track things like which ads you’ve seen or clicked. For example, if we use Google AdSense or similar, a cookie might track your browsing on our site and others to infer your interests (this relates to cross-site tracking for personalized ads). We will obtain consent for these cookies where required, and you can opt out of targeted ads as described in the “Your Rights” section.

    • Third-Party Cookies: We might embed content or features from third parties, which could set cookies. For instance, a “Like” button from Facebook, a Twitter share widget, or an embedded YouTube video may set their own cookies. These third-party cookies are set by domains different from ours and we don’t control them. They might collect data about you subject to those third parties’ policies.

  • Mobile App Tracking: In our mobile app, instead of cookies, we use mobile identifiers and SDKs (Software Development Kits) for similar purposes. For example, we might use the Firebase Analytics SDK in the app to track events, or an ad SDK to show ads. These may collect your device’s advertising ID (IDFA/GAID) which you can reset or limit via your device settings, as well as events within the app. We treat these similarly to how we treat cookies – they’re used for essential functioning (analytics to improve the app, etc.) and sometimes for advertising (if free users see personalized ads, the ad SDK may track interactions).

  • Your Choices:

    • Browser Controls: On our website, when you first visit, we will present a cookie banner (if required by law in your region) to allow you to accept or reject non-essential cookies. You can also adjust your browser settings to refuse cookies or alert you when cookies are being sent. Each browser has different ways to do this (check your browser’s help documentation for managing cookies). Note that blocking or deleting cookies might affect website functionality; essential parts of PekiBook’s web features might not work properly without cookies.

    • Do Not Track: “Do Not Track” (DNT) is a browser setting that requests a website not track you. Our site responds to Global Privacy Control as noted. As for DNT signals, we currently treat GPC signals as opt-out requests for sale/sharing as described above, and we consider overall DNT signals as a general preference. However, because there isn’t a consensus on how to interpret DNT, we might not respond to it in a uniform way aside from the specific legal opt-outs already covered.

    • Mobile Settings: On mobile devices, you can typically control ad tracking by enabling “Limit Ad Tracking” on iOS or “Opt out of Ads Personalization” on Android, which we and our partners will respect (it tells ad networks not to use your ID for targeted ads). You can also reset your device’s advertising identifier.

    • Opt-outs: For analytics, you can often opt out by installing browser opt-out add-ons (for example, Google offers a Google Analytics Opt-out Browser Add-on). For personalized Google ads on the web, you can visit Google’s Ad Settings. For other ad networks, industry sites like the NAI or YourOnlineChoices (EU) allow broader opt-outs. We honor any such choices to the extent applicable to our integration of those services.

  • Other Tracking Technologies: We may use other technologies like web beacons/pixel tags in emails or on the site. These are tiny graphics or code that have unique identifiers to track when an email is opened or when a particular page is viewed. This helps us gauge the effectiveness of communications or features. For example, if we send you a newsletter, we might use a beacon to see if you opened it or clicked links, which helps us tailor our content. You can typically disable images in your email if you don’t want such tracking in emails.

We will not set non-essential cookies or tracking technologies on your browser without your consent where required by law. This Cookie section is meant to give you clear information (addressing the ePrivacy Directive/GDPR requirement to inform users about cookies and get consent). By continuing to use our site or app, you acknowledge our use of cookies and tracking as described (to the extent you haven’t disabled them).

For more detailed information about specific cookies or tracking tools we use, please refer to our separate Cookie Policy (if available on our website), or contact us with any questions.

11. Third-Party Links and Services

Our Service may contain links to third-party websites, products, or services that are not owned or controlled by PekiBook. For example, our website might link to a blog, a language resource site, or display a button that leads to a community forum or social media page. Additionally, the app might offer to connect you with an external dictionary site or allow you to share your achievements on platforms like Twitter or Instagram.

If you choose to visit or use any third-party websites or services, please be aware that this Privacy Policy does not apply to them. Each third-party site or service will have its own privacy policy and practices. We are not responsible for the content, privacy, or security of these external sites. We encourage you to review the privacy policies of any third-party site or service you interact with.

Examples of where this might be relevant:

  • If we have a community forum hosted on another platform (say, Reddit or Discord), any information you share there is subject to that platform’s terms and could be visible to others.

  • If you click a link in the app that takes you to YouTube for a relevant video, your interactions on YouTube are governed by Google/YouTube’s privacy policy.

  • Our social media pages (like an official Facebook, Twitter, or Instagram account for PekiBook) are on third-party platforms. If you visit or interact with us through those platforms, those interactions are governed by the platform’s policies.

  • If we partner with another company for a promotion or integrate a feature (like voice recognition using a third party), that might involve their service where their terms apply (though we’d inform you in such case).

We do not share your personal data with third-party sites just by virtue of linking to them. However, if you leave our Service by clicking a link, the third party may collect data from you (e.g., the third-party site might know you came from PekiBook via a referrer). Also, if you authorize a third-party service to access your PekiBook account (for example, an integration that pulls your progress data), we will share data with that service as directed by you, and their handling of that data will fall under their policies.

In summary, any data you provide to third parties is provided directly to them, and you should exercise caution and review their privacy practices. We provide links or integrations only for your convenience or to enhance your learning experience, but that does not imply endorsement or verification of their data practices. If you have concerns about a third-party site that’s linked from PekiBook, feel free to contact us and we will attempt to clarify the reason for the link or any integration.

12. International Users (Specific Regional Disclosures)

PekiBook is a global service, and by its nature, we may collect and process users’ personal data from all around the world. We strive to comply with the privacy laws applicable in the regions where we operate. Below are some region-specific disclosures and notes:

  • European Economic Area (EEA) and United Kingdom: Users in the EEA and UK have the rights and protections as detailed by the GDPR and UK GDPR. We have detailed these rights in the “Your Rights” section. We also have nominated a contact in the EU (and/or UK) if required – if applicable, we will provide details of our EU representative or UK representative for data protection matters upon request. Cross-border transfers from the EEA/UK are handled via Standard Contractual Clauses or other mechanisms as outlined in International Data Transfers. If you’re in the EEA/UK, you also generally benefit from recourse to your Data Protection Authority if you have an unresolved privacy concern. The lead supervisory authority for PekiBook, given our base in Turkey (a non-EU country), might not directly apply, but you can approach your local DPA for guidance or to lodge complaints.

  • Turkey: As a Turkey-based service provider, we comply with Turkey’s Personal Data Protection Law (KVKK). We’ve listed Turkish users’ rights (which mirror GDPR in many respects) in the “Your Rights” section. Turkish users can apply to us (the data controller) with any requests concerning their personal data (as per Article 13 of KVKK) – we will respond within the legally mandated time (usually 30 days). If you’re unsatisfied, you can then file a complaint with the Turkish Personal Data Protection Authority (KVKK Kurumu) within 30 days of our response (or 60 days of your application if we fail to respond). Also, when obtaining personal data, we are obliged to inform you of certain things (per Article 10 of KVKK) – this Privacy Policy serves as that “illumination text”, detailing the identity of the data controller, purposes of processing, parties to whom data may be transferred, etc.. By using PekiBook, Turkish users acknowledge they have been informed and, where applicable, have given consent for processing and transfer abroad (when such consent is needed).

  • United States (Other States): Besides California (already covered), other states like Virginia, Colorado, Connecticut, and Utah have their own privacy laws coming into effect around 2023. If you are a resident of these states, you also have rights similar to those described (access, delete, opt-out of targeted advertising, etc.). We aim to extend the same core rights to you. For example, Virginia residents can appeal a decision we make on a privacy request; Colorado/Connecticut allow opting out of profiling in furtherance of decisions that produce legal effects; etc. We will honor these as required. We do not collect sensitive data as defined under these laws (like SSN, precise geolocation, etc.) except possibly if you voluntarily provide, but we do not process sensitive data for purposes requiring special consent. Also, these states require data protection assessments for certain processing (like targeted advertising or profiling) – we have reviewed our activities and ensure they are in line with consumer expectations and legal requirements.

  • Canada: If you are in Canada, we comply with PIPEDA. We will obtain your consent for the collection, use, or disclosure of personal information, except where otherwise permitted by law. Your data may be stored or processed outside of Canada (e.g., in the U.S. or Turkey), and while it’s under our control, we will protect it with appropriate safeguards, but note that foreign governments may access it under their laws. You have the right to access your personal information and challenge its accuracy as necessary, as well as to make inquiries about our privacy practices to our designated privacy contact.

  • Australia: Australian users’ data is handled in accordance with the Australian Privacy Principles (APPs). You can access and correct your personal information by contacting us. If you have a complaint, let us know and we will aim to resolve it; you also can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if needed. We will not use your sensitive information for direct marketing without consent. Since data may be transferred outside Australia, by using PekiBook you consent to that transfer; however, we will take reasonable steps to ensure overseas recipients do not breach the APPs in relation to your data.

  • Brazil: For users in Brazil, we adhere to the LGPD (Lei Geral de Proteção de Dados). We process data under legal bases like consent, contract performance, legitimate interest, etc., comparable to those outlined for GDPR. Brazilian users have rights such as confirmation of processing, data access, correction, anonymization/blocking/deletion of unnecessary data, data portability, deletion of data processed with consent, information about shared entities, information about the possibility of denying consent and the consequences, and revocation of consent. You may exercise these rights by contacting us. If needed, we can provide our local representative in Brazil and channels for communication in Portuguese.

  • Other Countries: If you are in any other jurisdiction that grants additional rights or imposes additional rules, we will endeavor to comply. For example, if in Japan, we treat certain identifiers as “personal information” under the APPI and handle appropriately; if in South Korea, we’d abide by data localization if it applied (though likely not needed for our service), etc. This Privacy Policy is designed to be globally comprehensive, but we encourage you to reach out if you have specific questions about how your country’s laws are handled.

In summary, no matter where you are located, we aim to handle your data lawfully and securely. Sometimes that means providing extra notice or rights beyond one jurisdiction’s requirements. This section is meant to reassure users that we’re aware of and following applicable international privacy mandates.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will notify you by updating the “Last Updated” date at the top of this policy. If the changes are significant, we will provide a more prominent notice (such as by posting a notice on our website or within the app, or by emailing you or sending an in-app notification).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If you continue to use PekiBook after any changes to this Privacy Policy become effective, it constitutes your acceptance of the revised policy. If you do not agree with the changes, you should stop using the Service and may request deletion of your data as outlined above.

Any amendments to this Privacy Policy will be effective immediately for new users and, for existing users, will be effective 30 days after posting (or upon re-consent, if we seek your consent to the changes). If required by applicable law, we will also seek your explicit consent to material changes in how we use your data.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please feel free to contact us:

  • Email: erenay@pekibook.com

  • Mail: Erenay Kaya – PekiBook, İŞÇİ BLOKLARI Mah. 1535 Cad. 217. Blok No: 21, İç Kapı No: 2, Çankaya, Ankara 06530, TURKEY

(For faster response, we recommend email contact. Please include “Privacy Inquiry” in the subject line to ensure it’s directed to the right team.)

Data Protection Officer (if applicable): While we are not legally required to appoint a formal Data Protection Officer under GDPR due to our scale and processing activities, we do have a responsible person for privacy compliance. You can reach out to us and we will direct your query to the appropriate privacy responsible personnel.

We will address your inquiries as promptly as possible, typically within 30 days. If you’re reaching out to exercise a privacy right, please clearly describe what you want to do (e.g., “I want to access my data” or “Please delete my account”). We may need to verify your identity for security reasons before proceeding with certain requests.

Thank you for trusting PekiBook with your language learning journey. We are dedicated to protecting your privacy and personal data.

© 2025 PekiBook

Terms & Conditions    Privacy Policy    Contact Me

bottom of page