Privacy Policy

1. Information We Collect

We collect data you provide directly, such as account details (email, username), learning content (books, chapters, words, notes), and settings/preferences.

We also process operational data required to run the service, such as authentication/session data, basic request metadata, analytics events (for example page views, login success, and quiz activity), and local browser storage/cookies used for app performance and continuity.

2. How We Use Information

We use data to provide app functionality, account security, sync features, learning progress, diagnostics, abuse prevention, and product improvements.

3. Analytics Technologies

We use analytics tools to understand how the service is used and to improve product quality and retention. This may include PostHog and, when enabled, Google Analytics (GA4).

Analytics tools may collect event data such as visited pages, feature usage, quiz flow events, browser/device metadata, and approximate location derived from IP. We configure analytics to reduce unnecessary personal data collection where possible.

Where enabled, analytics may also include session replay (sometimes called screen recordings) to help diagnose usability issues and bugs. Session replay may capture page interactions such as clicks, scrolling, navigation flow, and visible UI state during use.

We aim to avoid capturing sensitive inputs in session replay by using masking/exclusion settings where possible. Payment and authentication data should not be intentionally recorded in full.

You can limit analytics collection by blocking analytics scripts/cookies in your browser settings or extensions. If your browser sends a Do Not Track signal, we attempt to honor it.

4. School and Community Data

If you use school or classroom features, we process school codes, cohort membership, teacher relationships, and learning activity summaries needed to support those workflows.

If your account is connected to a school code or institutional cohort, authorized school or teacher administrators may view vocabulary-learning analytics tied to that cohort, including words added, difficulty/category patterns (for example CEFR level), and aggregate activity summaries.

5. Future Advertising and Cookies

We may introduce ads in the future. If we do, ad technology partners may use cookies or similar identifiers to measure performance, prevent fraud, and personalize ad experience where legally allowed.

If ad features are introduced, we will update this policy and provide any consent controls required by applicable law.

6. Data Sharing

We do not sell personal information. We may share data with service providers strictly as needed to operate, secure, and improve the platform.

This can include infrastructure, authentication/security tooling, email delivery providers, and payment processors for billing (for example Stripe, where enabled), and third-party dictionary providers used to return definition content, and analytics providers used for product measurement.

We may also disclose information if required by law, legal process, or valid government request.

7. Security

We use reasonable administrative and technical safeguards. No system can be guaranteed 100% secure, and you use the service at your own risk.

8. Retention

We keep data while needed for service operation, security, legal compliance, and legitimate business purposes. Account deletion requests are handled according to applicable law and system constraints.

Where billing is active, account deletion may require cancellation of an active paid subscription before deletion can proceed.

Analytics records, including session replay data where enabled, are retained only as needed for diagnostics, security, and product improvement, then deleted or anonymized according to provider and internal retention controls.

9. Your Rights and Choices

Subject to local law, you may request access, correction, export, or deletion of personal data. You may also manage key account controls in-app.

You may also request support in limiting analytics tracking associated with your account activity.

Where required by applicable law, consent controls may be provided for analytics features, including session replay technologies.

10. International Processing

Your data may be processed in countries different from your own. By using the service, you understand that cross-border processing may occur.

11. Children's Privacy

The service is not directed to children below the minimum legal age in their jurisdiction. If we learn personal data was provided without required consent, we will take appropriate action.

12. Policy Updates

We may update this Privacy Policy over time. The latest version will be posted on this page.

13. Contact

Privacy questions or requests: vocalibrysupport@gmail.com.