Privacy Policy
Last updated: January 6, 2025
Langluer ("we," "us," or "our") operates language learning mobile applications including Mitho Bol, Nepalism, Rian Lao, and other apps (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Services.
We are committed to protecting your privacy and being transparent about our data practices. Please read this policy carefully. If you do not agree with our policies, please do not use our Services.
Table of Contents
- Information We Collect
- How We Use Your Information
- Legal Basis for Processing (GDPR)
- Information Sharing and Disclosure
- Third-Party Services
- Data Retention
- Your Privacy Rights
- California Privacy Rights (CCPA)
- International Data Transfers
- Children's Privacy
- Data Security
- Changes to This Policy
- Contact Us
1. Information We Collect
1.1 Information You Provide
When you create an account or use our Services, you may provide:
- Account Information: Email address, display name, and profile picture (optional)
- Authentication Data: Password (encrypted) or Google OAuth credentials
- Learning Preferences: Your learning goal (travel, connect with family, curiosity), language proficiency level
- Feedback: Messages you submit through our feedback feature, including optional context about your learning progress
1.2 Information Collected Automatically
When you use our Services, we automatically collect:
- Learning Progress: Current lesson day, completed lessons, exercise scores, time spent learning, streak data
- Vocabulary Data: Words learned, mastery levels, spaced repetition review schedules, correct/incorrect answers
- Achievement Data: Unlocked achievements and progress toward achievements
- Usage Analytics: App opens, feature usage, lesson starts/completions, button taps (anonymized)
- Device Information: Device type, operating system version, app version
- Error Data: Crash reports and error logs (without personally identifiable information)
1.3 Information NOT Collected
We do not collect:
- Precise location data
- Contacts or address book
- Photos, camera, or microphone data
- Financial or payment information (payments are processed by Apple App Store or Google Play)
- Health or biometric data
- Browsing history outside our app
2. How We Use Your Information
We use the information we collect to:
| Purpose | Data Used |
|---|---|
| Provide and personalize the learning experience | Account info, learning progress, vocabulary mastery |
| Sync your progress across devices | All learning data |
| Send learning reminders and streak notifications | Notification preferences, streak data |
| Improve our apps and develop new features | Anonymized usage analytics |
| Fix bugs and maintain app stability | Error logs, device info |
| Respond to your feedback and support requests | Feedback messages, account info |
| Prevent fraud and enforce our terms | Account info, usage patterns |
3. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide the Services you requested (account management, learning features, progress sync)
- Legitimate Interests: Processing for our legitimate business interests, such as improving our apps, preventing fraud, and ensuring security, balanced against your privacy rights
- Consent: Processing based on your explicit consent, such as sending marketing communications (you may withdraw consent at any time)
- Legal Obligation: Processing necessary to comply with applicable laws
4. Information Sharing and Disclosure
We do not sell your personal information. Third-party services we use only receive the minimum information necessary to provide their service and are contractually prohibited from using your data for any other purpose.
We may share your information only in these limited circumstances:
- Service Providers: With third-party services that help us operate (see Section 5)
- Legal Requirements: When required by law, subpoena, or legal process
- Protection of Rights: To protect our rights, privacy, safety, or property
- Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
5. Third-Party Services
We use the following third-party services to operate our apps:
PostHog (Product Analytics)
Purpose: Understand how users interact with our app to improve the learning experience
Data Shared: Anonymized usage events (lesson starts, feature usage), user ID (after login), app variant
Location: United States
Retention: Up to 7 years (configurable)
Privacy Policy: posthog.com/privacy
Sentry (Error Tracking)
Purpose: Identify and fix bugs and crashes
Data Shared: Error messages, stack traces, app version, OS version, user ID (no email or PII)
Location: United States
Retention: 90 days
Privacy Policy: sentry.io/privacy
PocketBase (Backend Database)
Purpose: Store user accounts, learning progress, and sync data across devices
Data Shared: Account info, learning progress, vocabulary mastery, achievements
Location: Self-hosted (data location varies by app variant)
Retention: Until account deletion
Google OAuth (Authentication)
Purpose: Allow sign-in with Google account
Data Shared: Email address, name, profile picture (as authorized by you)
Privacy Policy: policies.google.com/privacy
6. Data Retention
We retain your personal data for as long as necessary to provide our Services and fulfill the purposes described in this policy:
- Account Data: Retained until you delete your account
- Learning Progress: Retained until you delete your account
- Usage Analytics: Retained for up to 7 years in anonymized form
- Error Logs: Retained for 90 days
- Feedback: Retained until resolved and for reasonable period thereafter
When you delete your account, we delete or anonymize your personal data within 30 days, except where we are required to retain it for legal purposes.
7. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Rectification: Request correction of inaccurate or incomplete data
- Erasure: Request deletion of your personal data ("right to be forgotten")
- Portability: Request your data in a structured, machine-readable format
- Restriction: Request limitation of processing in certain circumstances
- Objection: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent for processing based on consent at any time
To exercise these rights:
- Delete your account directly in the app (Settings → Delete Account)
- Email us at privacy@langluer.com
We will respond to your request within 30 days (or sooner as required by law). We may ask you to verify your identity before processing your request.
8. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
Right to Know
You have the right to request information about:
- Categories of personal information we collect
- Sources from which we collect personal information
- Business purposes for collecting personal information
- Categories of third parties with whom we share personal information
- Specific pieces of personal information we have collected about you
Right to Delete
You have the right to request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out of Sale
We do not sell your personal information. Therefore, there is no need to opt-out.
Right to Non-Discrimination
We will not discriminate against you for exercising your CCPA rights.
Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information:
- Identifiers (email address, name, user ID)
- Internet or network activity (app usage, feature interactions)
- Inferences (learning preferences, skill levels)
To exercise your CCPA rights, contact us at privacy@langluer.com.
9. International Data Transfers
Our Services are operated from the United States. If you are located outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
For transfers from the EEA, UK, or Switzerland to the United States, we rely on:
- Standard Contractual Clauses approved by the European Commission
- Data Processing Agreements with our service providers
By using our Services, you consent to the transfer of your information to these countries, which may have different data protection laws than your country of residence.
10. Children's Privacy
Our Services are not directed to children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children under these ages.
If we learn that we have collected personal information from a child under the applicable age, we will take steps to delete that information as quickly as possible.
If you believe we have collected information from a child, please contact us immediately at privacy@langluer.com.
11. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption of data in transit (HTTPS/TLS)
- Secure authentication with password hashing and OAuth
- Secure token storage using device keychain/keystore
- Access controls limiting who can access your data
- Regular security reviews and updates
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last updated" date at the top of this policy
- Notify you through the app or by email (for significant changes)
- Give you the opportunity to review the changes before they take effect
Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Langluer
Email: privacy@langluer.com
For EEA residents: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.