Privacy Policy

1. Who we are

This Privacy Policy describes how NestIT Ltd ("NestIT", "we", "us", "our") handles personal data in connection with the Penna mobile application ("Penna", the "App") and this website at handwritehq.com (the "Website"). Together, the App and the Website are the "Service".

NestIT Ltd is a company registered in England & Wales (registered office: London, United Kingdom). NestIT is the data controller for personal data processed in connection with the Service.

Contact us at gdpr@handwritehq.com for privacy questions, and at support@handwritehq.com for general support.

2. Scope of this policy

This policy covers personal data processed when you:

• visit the Website;
• create an account in the App and use Penna's features;
• contact us by email or via our forms.

It does not cover websites or services we link to.

3. The personal data we process

Category	What it includes	Source
Account data	Firebase user ID, email, display name, profile photo URL.	From you via Google Sign-In, synced from Firebase.
Handwriting images	Photographs of handwriting you upload.	Provided by you.
AI analysis results	Transcribed text, scores, feedback, practice drill, annotated image (PNG).	Generated by AI providers from your image.
Usage data	Monthly analysis count, subscription tier, analysis timestamps.	Generated by the App and our servers.
Subscription data	Subscription status, trial state, transaction identifiers (no card data).	Synced from RevenueCat / App Store / Google Play.
Diagnostic data	Crash reports, device model, OS version, app version, anonymised installation ID.	Firebase Crashlytics in the App.
Communications	Contents of emails or forms you send us.	Provided by you.
Website technical data	IP address (truncated), user-agent, page, response code, timestamp. Webserver logs: 30 days.	Automatically collected.

We do not collect: card numbers, precise geolocation, contacts, behavioural advertising identifiers, or any data through tracking cookies or advertising SDKs.

4. How we use your data, and our legal basis

Purpose	Lawful basis (UK GDPR Art. 6)
Creating your account, signing you in, showing your history.	Contract (Art. 6(1)(b))
Sending your image to AI providers and returning the result.	Contract (Art. 6(1)(b))
Counting monthly usage, enforcing free-tier limits.	Contract (Art. 6(1)(b))
Synchronising subscription state with RevenueCat / app stores.	Contract (Art. 6(1)(b))
Detecting crashes and fixing bugs (Crashlytics).	Legitimate interests (Art. 6(1)(f))
Defending against abuse, preventing fraud.	Legitimate interests (Art. 6(1)(f))
Replying to support / privacy enquiries.	Legitimate interests (Art. 6(1)(f))
Complying with legal, accounting, and regulatory obligations.	Legal obligation (Art. 6(1)(c))

We do not use your data for advertising, profiling for marketing, or training third-party AI models on your handwriting.

5. Who we share your data with

Processor	Purpose	Location
Google Ireland Ltd (Firebase Auth, Crashlytics)	Sign-in, crash reporting.	EU / US
Anthropic, PBC (Claude API)	Primary AI analysis of handwriting.	United States
Google LLC (Gemini API)	Alternate AI analysis, annotated image generation.	United States
RevenueCat, Inc.	Subscription management.	United States
Apple Inc. / Google LLC (app stores)	App distribution, billing.	US / EU
Hetzner Online GmbH	Hosting the API and Website.	Germany (EU)

We do not sell, rent, or commercially trade your personal data. International transfers to the US rely on the UK International Data Transfer Addendum (IDTA/SCCs).

6. Your data and AI

When you request an analysis:

1. Your image is uploaded over HTTPS to our servers.
2. We resize and re-encode the image and pass it to an AI API in a single call.
3. The API returns feedback; we save and display it to you.

No model is trained on your data. The commercial APIs we use prohibit training on customer inputs by default.

Your original photo is not stored. It is held in memory only during one analysis and discarded on completion.

The annotated PNG is stored on our servers until you delete the analysis or your account.

AI feedback is generated automatically. It is not human expert advice and may be imprecise.

7. International transfers

Some processors are in the United States. We rely on the UK adequacy decision (EU/EEA) where applicable and the UK International Data Transfer Addendum to the EU Standard Contractual Clauses for US transfers. Email gdpr@handwritehq.com to request a copy of the relevant safeguards.

8. How long we keep your data

Data	Retention
Account record	Until you delete your account.
Analyses (scores, feedback text)	Until you delete the analysis or account.
Annotated image PNGs	Until you delete the analysis or account. (A fixed TTL — likely 90 days — is planned for v1.5.)
Original uploaded photo	In memory only — never persisted.
Usage counters	12 months; older monthly rows pruned.
Crash reports (Crashlytics)	90 days (Crashlytics default).
Webserver / application logs	30 days.
Email correspondence	24 months; longer if a dispute requires it.
Postgres backups	Up to 30 days from creation.

When you delete your account (in-app or via the web form), we erase records within 30 days.

9. Your rights

Under UK GDPR you have the right to: access your data; rectify inaccurate data; erasure; restriction; portability; object to legitimate-interest processing; and to complain to the ICO at ico.org.uk.

To exercise any right, email gdpr@handwritehq.com. We respond within one month.

10. Children

Penna is for users aged 13 or older (UK/US) or the applicable digital-consent age in your jurisdiction (e.g. 16 in some EU countries). We do not knowingly collect data from younger children. If you believe a child has registered, contact gdpr@handwritehq.com and we will delete the data.

11. Changes to this policy

We may update this policy. The "Last updated" date will reflect the change. For material changes we will notify you in the App or by email before the change takes effect.

12. Contact

NestIT Ltd · London, United Kingdom
Privacy: gdpr@handwritehq.com
Support: support@handwritehq.com