Jogg is developed and operated by MokingBird Oy, a company registered in Finland. In this Privacy Policy, "Mokingbird", "Jogg", "we", "our", and "us" refer to MokingBird Oy.
This policy is written for website publication and in-app legal display, app store review and user support, and GDPR-facing transparency.
Please read this policy carefully. By using Jogg, you agree to the practices described herein.
This policy applies to:
It does not apply to third-party services you may link to from within the app. Those services have their own privacy policies.
Jogg is a professional AI/ML learning application that combines:
MokingBird Oy
Operating Jogg as its product and brand.
Privacy contact: [email protected]
For general support: [email protected] (when active)
MokingBird Oy is the data controller for all personal data processed through the Jogg application.
We follow a strict data minimisation principle. We only process data that is necessary for the operation and improvement of the app.
If you create an account, we process:
Authentication is handled through Supabase-backed account infrastructure. Supported sign-in methods include email and password, magic link (passwordless email), email OTP (6-digit one-time code), and OAuth providers: Google, Apple, Facebook, and X/Twitter where configured.
Depending on what you choose to provide or enable in your profile, we may process:
We do not require your date of birth, phone number, or postal address.
To operate the core app functions, we process:
This data is stored in your user account and is only accessible by you, unless you explicitly opt into leaderboard features.
We may process app settings such as theme selection, language preferences, sound and haptic settings, PIN and biometric security preferences, auto-lock timer settings, notification preferences, leaderboard sharing preferences, and privacy-related toggles where available.
Leaderboard participation is entirely opt-in and requires your explicit consent. If you choose to join leaderboard features, we may display limited information publicly, such as username, ranking position, and selected performance indicators (XP, level, tier, streak) according to your sharing settings.
We do not display your email address or any authentication details on the leaderboard. You may withdraw from leaderboard participation at any time in your profile settings.
If you enable reminders or notifications, we may process device notification permissions, push-notification preferences, local reminder schedules, and notification records associated with your account.
To improve question quality, we may collect anonymous, aggregated data about how questions are answered. We collect: question ID, whether the answer was correct or incorrect, time taken to answer (seconds), and approximate user level at the time.
Anonymisation method: Your user ID is transformed using a one-way cryptographic hash (SHA-256 with a salt) before any analytics data is stored. This result cannot be reversed to identify you.
We do not collect your name, email, IP address, or device identifiers in analytics. This data is used exclusively to improve question quality and is not used for advertising or profiling.
We may process support correspondence (emails, in-app feedback), app error context submitted via crash reports (opt-in), account deletion requests, data export actions, and abuse-prevention and security-related signals.
We do not collect:
We process data in order to create and manage user accounts, authenticate users and manage sessions, save and synchronise learning progress, deliver quizzes and learning content, personalise question selection, support the 9-lane learning path, support daily review and streak mechanics, operate leaderboard features when you opt in, send reminders and notifications you have enabled, support account data export and deletion, protect the service and its users, and improve question quality through anonymous performance data.
For users in the European Union or European Economic Area, we rely on one or more of the following lawful bases under GDPR.
We process data necessary to provide the app and its core functions, including account access, quiz delivery, progress saving, and settings persistence.
We may process data where necessary for our legitimate interests, including service security and abuse prevention, product reliability and internal troubleshooting, and anonymous quality improvement. We have assessed that these interests are not overridden by your rights.
For certain optional features, we rely on your consent: leaderboard participation, optional crash reporting and analytics, push notifications, and optional future integrations. You may withdraw consent at any time without affecting the lawfulness of prior processing.
We may process data when required to comply with applicable law, regulation, lawful requests, or enforcement obligations.
Jogg supports guest mode for users who wish to try the app without creating an account. In guest mode, some activity may be stored locally on-device only, account-bound features are not available, and no personal data is linked to a server-side account.
Jogg uses Supabase for account authentication and application data storage, local on-device storage for cached app data and offline use, and encrypted local storage for sensitive local state and cryptographic keys.
Supabase operates on cloud infrastructure. Your data may be processed on servers within or outside your country of residence. Where required by GDPR for cross-border transfers, we rely on appropriate safeguards such as Standard Contractual Clauses as available through Supabase's data processing agreements.
Jogg uses multiple layers of technical and organisational security measures, including:
We do not sell, rent, or trade your personal data to any third party for their own commercial use.
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database, authentication, storage | Account and progress data |
| Crash/error reporting (when enabled) | App diagnostics | Diagnostic error data as configured in current rollout |
We may disclose data if required by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect legal rights, your safety, or the safety of others.
In the event of a merger, acquisition, or sale of assets, user data may transfer as part of that transaction. You will be notified in advance and retain the right to delete your account before any transfer.
Your data may be processed in countries outside your country of residence, including countries outside the European Economic Area. Where required by applicable law, we implement appropriate safeguards for such transfers, relying on Supabase's data processing agreements and applicable transfer mechanisms.
| Data Category | Retention |
|---|---|
| Account data (email, username, progress) | Until account deletion |
| Learning progress and history | Until account deletion |
| Raw anonymous analytics (question answers) | 90 days |
| Aggregated anonymous analytics | Indefinite (fully anonymised) |
| Crash reports (opt-in) | 90 days |
| Support correspondence | As required by legal or operational need |
| Deleted account data | Processed via backend account-deletion flow; some records may remain temporarily in backups/logs where legally required |
Depending on your jurisdiction, and in particular under GDPR if you are in the EU/EEA, you have the following rights:
You may request a copy of all personal data we hold about you in a structured, machine-readable format (JSON) within 30 days. How to exercise: "Download My Data" in app Settings, or email [email protected].
You may correct inaccurate or incomplete personal data. Username and profile information can be updated directly in the app.
You may request deletion of all your personal data. How to exercise: "Delete Account" in app Settings. Limited records may be retained where required for security, fraud prevention, legal, or bookkeeping purposes as permitted by GDPR Art. 17(3).
You may export your personal data in JSON format at any time via app Settings.
In certain circumstances, you may request that we restrict processing of your personal data.
You may object to processing based on legitimate interests, including anonymous analytics. You can disable analytics in app Settings.
Where we rely on consent, you may withdraw it at any time via app Settings. Withdrawal does not affect the lawfulness of prior processing.
You have the right to lodge a complaint with your national data protection authority. In Finland:
Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto)
Website: tietosuoja.fi
Jogg is designed as a professional and educational AI/ML learning product intended for users aged 16 and over. We do not knowingly collect personal data from children below the applicable age threshold. If you are a parent or guardian and believe your child has provided personal information without appropriate consent, please contact us at [email protected].
We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last Reviewed" date at the top, notify you via in-app notification, and for significant changes affecting your rights, provide advance notice and, where required, seek renewed consent.
MokingBird Oy
Privacy contact: [email protected]
Subject line: "Privacy — Jogg"
Website: https://jogg.mokingbird.xyz
We aim to respond to all privacy-related enquiries within 30 days.