Privacy Policy

Last updated: June 15, 2025 Thank you for choosing Lithuaningo (“us”, “we”, or “our”). This Privacy Policy explains how we collect, use, and disclose information about you when you use our mobile application (“App”).

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy.

Data Controller

• Data Controller: Lithuaningo
• Contact Email: [email protected]
• If you are located in the EEA/UK, the Data Controller is responsible for your personal data under this policy.

1. Information We Collect

We collect the following types of information:

Personal Information

• Name and email address
• Profile picture and preferences
• Authentication data (Email, Google, or Apple Sign-In)
• In-app purchase history and subscription status
• Selected subscription plan (e.g., monthly, yearly)
• Premium subscription entitlements
• Payment transaction data (processed by third-party payment providers)

Usage Data

• App access patterns and learning behavior
• Device information and system settings
• Quiz and flashcard performance
• Practice session statistics
• Achievement progress
• Word and sentence learning history
• Sentence analysis usage and word detail requests
• Chat conversation history and AI interaction data
• Audio pronunciation usage
• Learning preferences and difficulty settings

Technical Data

• App performance metrics
• Crash reports and error logs
• Network connectivity status
• Device specifications
• Storage usage statistics
• API usage patterns
• Session management data

Content Data

• User-created flashcards and study materials
• Custom practice sessions
• Audio pronunciation recordings and generated speech
• AI-generated images and visual content
• Learning preferences and progress tracking
• Theme settings (Dark/Light mode)
• Challenge answers and explanations

AI-Generated Content

• Chat conversations with AI assistant
• Personalized learning explanations
• Generated flashcard content
• Sentence analysis and word explanations
• Computer-generated images for learning materials
• Text-to-speech audio files
• Educational content recommendations

2. How We Use Your Information

We use the collected information for:

Core Functionality

• User authentication and account management
• Progress tracking and statistics
• Personalized learning experience
• Flashcard management and generation
• Quiz generation and assessment
• AI-powered chat assistance
• Sentence analysis and word detail explanations
• Premium subscription management

AI-Enhanced Learning

• Generating personalized flashcards using AI
• Creating educational images and audio content
• Providing intelligent explanations for learning materials
• Analyzing sentences and providing detailed word explanations
• Customizing learning difficulty based on performance
• Conversation-based language practice

Service Improvement

• Performance optimization
• Content recommendations
• Feature enhancement
• Bug fixing and troubleshooting
• Usage pattern analysis
• AI model training and improvement

User Experience

• Push notification delivery
• Progress synchronization across devices
• Offline mode management
• Theme preferences
• Accessibility settings
• Subscription status management

3. Data Storage and Security

Storage Methods

• Supabase for primary data storage and user management
• RevenueCat for subscription management and payment processing
• OpenAI for AI-powered features and content generation
• Cloud storage services for media files (images, audio)
• AsyncStorage for local app data
• Secure token management for authentication

Security Measures

• End-to-end encryption for sensitive data
• Secure API communication protocols
• Regular security audits and monitoring
• Automated backup systems
• Data access controls and user permissions
• Secure payment processing through verified providers

4. Third-Party Services

We utilize the following services:

Authentication & User Management

• Supabase Authentication
• Google Sign-In
• Apple Sign-In
• Email verification services

Subscription & Payment Processing

• RevenueCat for subscription management
• App Store payment processing (iOS)
• Google Play payment processing (Android)
• Payment transaction security and fraud prevention

AI & Content Generation

• OpenAI services for:
  • Chat-based learning assistance
  • Educational content generation
  • Image creation for flashcards
  • Text-to-speech audio generation
  • Question explanation services
  • Sentence analysis and word detail explanations

Cloud Services & Infrastructure

• Supabase for database and real-time features
• Cloudflare R2 for media file storage (images, audio)
• Content delivery networks for global access
• Performance monitoring services

Analytics and Monitoring

• App performance analytics
• Usage pattern analysis
• Error reporting and crash analytics
• Learning progress tracking
• Error and Performance Monitoring Services: We use services like Sentry to monitor and diagnose errors and performance issues in the App. This involves collecting technical data, such as crash reports and device information, to help us improve stability and performance.

Advertising & Monetization

• We use Google AdMob to show banner, interstitial, and app-open ads in the free version of the App on both iOS and Android. AdMob may process device identifiers (e.g., Advertising ID/IDFA), IP address, coarse location, and usage information to deliver, limit, and measure ads.
• Your controls for ad personalization and tracking:
  • Android: Settings → Google → Ads → Opt out of Ads Personalization
  • iOS: Settings → Privacy & Security → Tracking → disable “Allow Apps to Request to Track,” or manage per‑app tracking permissions.
• Where required, we request consent for tracking (e.g., App Tracking Transparency on iOS) and honor your choices and platform settings.
• Premium subscribers do not see ads.

Consent Management (EEA/UK)

• Where required by law (e.g., EEA/UK), we obtain your consent for advertising, analytics, and tracking technologies. We use Google’s User Messaging Platform (UMP) to collect and manage consent for AdMob on Android and App Tracking Transparency (ATT) on iOS for tracking.
• How to change your choices: Visit our Manage Consent page for instructions to review or revoke consent, including device-level controls and how to request a consent reset.

5. Data Management

Data Access

• View and export learning progress
• Download user-created content
• Access practice history and statistics
• Review achievement records
• Export subscription and payment history

Data Deletion

• Account deletion through profile settings
• Content removal options
• AI conversation history clearing
• Data export before deletion
• Subscription cancellation and data cleanup

Data Retention

• Learning data retained for educational continuity
• AI conversation history maintained for session context
• Subscription data retained as required by payment processors
• Generated content (images, audio) stored for app functionality

We use commercially acceptable means to protect your Personal Information, but we cannot guarantee its absolute security. No method of transmission over the Internet or method of electronic storage is 100% secure.

We do not knowingly allow third parties to use your personal information for their own independent marketing purposes without your consent. We do not sell personal information for monetary consideration. We may “share” personal information for cross‑context behavioral advertising when showing ads, as defined under certain U.S. state privacy laws; see “California Privacy” for opt‑out options.

6. Device Permissions and Data Access

Android Permissions

When you use our Android app, we may request the following permissions:

• Internet Access: Required for core app functionality and API communication
• Network State: To detect connectivity and optimize performance
• Storage Access: For local data caching and temporary file storage
• Notifications: For daily review reminders and app updates (with your consent)
• Boot Completed: To restore scheduled notifications after device restart
• Exact Alarms: For precise daily reminder scheduling
• Billing: For subscription management through Google Play

iOS Capabilities

Our iOS app uses standard capabilities for:

• Network communication
• Background app refresh for notifications
• In-app purchases through App Store
• Push notifications (with your consent)

All permissions are requested with clear explanations and can be managed through your device settings.

7. Data Retention and Storage

Storage Locations

• Primary Database: Supabase (secure cloud hosting)
• Media Files: Cloudflare R2 with encrypted storage
• AI Conversations: Temporarily stored in backend server memory (not persisted to database)
• Local Device: AsyncStorage for app preferences and temporary data
• Payment Data: Processed by platform stores and RevenueCat

Retention Periods

• Learning Data: Retained while your account is active
• AI Conversations: Stored temporarily in server memory during active sessions, automatically cleared when sessions end or server restarts
• Generated Media: Retained to support app functionality, deleted upon account deletion
• Analytics Data: Aggregated data retained for 2 years for service improvement

8. User Controls

Notification Management

• Custom notification settings
• Daily reminder preferences
• Learning progress alerts
• Achievement notifications
• Subscription and payment notifications

Privacy Controls

• Profile visibility settings
• Data sharing preferences
• AI interaction consent
• Offline mode options
• Sync settings and data controls

Premium Features Control

• Subscription management
• Feature access controls
• AI service usage limits
• Content generation preferences

9. AI and Automated Content

AI Data Processing

• Chat conversations are processed to provide relevant responses
• Learning patterns analyzed for personalized recommendations
• Content generation based on user progress and preferences
• Speech recognition and pronunciation feedback

Content Generation

• AI-generated flashcards tailored to your learning level
• Computer-generated images for visual learning aids
• Text-to-speech audio for pronunciation practice
• Personalized explanations for challenging concepts

Data Improvement

• Anonymized usage patterns help improve AI responses
• Learning effectiveness data enhances content generation
• User feedback improves AI recommendation accuracy

10. International Data Transfer

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that adequate data protection mechanisms, such as Standard Contractual Clauses, are in place for transfers of data outside the EEA.

11. Children’s Privacy

Our App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us at the email address provided below. If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we take steps to remove that information from our servers.

12. Contact Information

For privacy-related inquiries:

• Email: [email protected]
• Website: Privacy Policy
• Support: Available through in-app help center

If you believe your privacy rights have been violated, you may lodge a complaint with your local data protection authority. We would appreciate the opportunity to address your concerns first.

13. Policy Updates

We regularly review and update this policy to reflect:

• New features and AI capabilities
• Changes in data handling practices
• Updated security measures
• Regulatory requirements
• Third-party service updates

Last major update: June 15, 2025

14. Legal Basis for Processing (GDPR Compliance)

We process your personal data under the following legal bases:

• Contract Performance: Processing necessary for app functionality and subscription services
• Legitimate Interest: Service improvement, analytics, and educational content enhancement
• Consent: Push notifications, marketing communications (where applicable)
• Legal Obligation: Payment processing records and compliance requirements

Your Rights (EU Users)

If you’re in the EU, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data (“right to be forgotten”)
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent at any time

To exercise these rights, contact us at [email protected].

15. U.S. State Privacy Rights (including CA/CO/CT/VA/UT)

Depending on your U.S. state of residence (e.g., California, Colorado, Connecticut, Virginia, Utah, and other similar laws), you may have the following rights, subject to certain exceptions:

• Right to know/access the categories and specific pieces of personal information we collect and how we use and disclose them
• Right to delete personal information
• Right to correct inaccurate personal information
• Right to data portability (receive a copy of your data in a portable format)
• Right to opt out of: “sale” of personal information; “sharing”/targeted advertising; and certain profiling for decisions that produce legal or similarly significant effects (where applicable)
• Right to limit use/disclosure of sensitive personal information (where applicable)
• Right to non‑discrimination for exercising your rights

We collect the categories described in Sections 1–4 (e.g., identifiers, device information, internet/network activity, coarse location, and in‑app interactions) for the purposes in Sections 2–4, and disclose to service providers and partners (e.g., Supabase, Google AdMob, RevenueCat, OpenAI, Cloudflare R2) as necessary to operate the App and show ads in the free version.

How to Exercise Your Rights: Email us at [email protected] with the subject “U.S. Privacy Request” and specify your request (access, deletion, correction, portability, or opt‑out of sale/sharing/targeted advertising). We may take steps to verify your identity. You may authorize an agent to act for you, subject to verification of both you and your agent.

Opt‑Out of Sale/Sharing/Targeted Ads: Limit personalized ads via platform settings (see Advertising & Monetization). You can also submit an email request as noted above. We do not knowingly sell or share the personal information of users under 16.

Appeals (CO/CT/VA and similar): If we decline your request, you may appeal by replying to our response with the subject “Appeal.” We will inform you in writing of any action taken or not taken and the reasons.

Nevada Privacy: Nevada residents may opt out of the sale of covered information by emailing [email protected] with the subject “Nevada Do Not Sell.” We do not currently sell covered information as defined under Nevada law.

16. Do Not Track

Your browser may offer a “Do Not Track” (DNT) signal. Because there is no industry standard for recognizing DNT, we do not currently respond to DNT signals. We honor applicable consent and platform privacy settings.

17. Cookies and Similar Technologies

While the App does not use traditional website cookies, we and our partners use mobile SDKs and similar technologies (e.g., device identifiers, local storage) to enable core functionality, analytics, crash diagnostics, advertising (in the free version), fraud prevention, and performance measurement. You can manage certain settings through your device’s privacy controls, consent prompts (e.g., ATT/UMP), and in‑app preferences where available.

18. Exercising Rights and Response Times

When you submit a privacy request, we will respond within the timeframes required by applicable law (generally 30–45 days). We may request information necessary to verify your identity and to secure your data before fulfilling a request. If we need more time, we will inform you of the reason and extension period permitted by law. Where permitted, we may deny a request (e.g., if we cannot verify you or must retain data under legal obligations). Appeal processes (where applicable) are described in the U.S. State Privacy section.