Privacy Policy
Last updated: May 2026
This Privacy Policy describes how Languit ("we", "us") collects, uses, and shares information about you when you use our mobile application and related services.
1. Information we collect
Account info. When you sign in with Apple, Google, or email (via Clerk), we receive your name and email address.
Learning data. Languages you select, proficiency level, lessons you generate, vocabulary you mark known, flashcard ratings, streak history.
Usage data. Anonymized event data via PostHog: which screens you visit, lesson generation attempts, feature usage. We do not link this to advertisers.
Payment info. Subscriptions are processed by Apple/Google. We never see your card details. RevenueCat tells us your subscription status only.
YouTube URLs you submit. We fetch the captions of videos you paste, send them to AI providers, and store the resulting lesson tied to your account.
2. How we use your information
- Generate personalized language lessons
- Show your progress, streaks, and review queue
- Process subscription billing
- Improve product features (anonymized analytics)
- Communicate with you about your account
3. Third-party services
We share data with these processors only as needed:
- Clerk — authentication
- Neon (PostgreSQL) — encrypted database hosting
- Vercel — backend hosting
- Google Gemini — AI lesson generation (transcripts sent for processing, not used for training your custom data)
- RevenueCat — subscription management
- PostHog — anonymized product analytics
We do not sell your personal data.
4. Data retention
Account and lesson data are retained until you delete your account. Anonymized analytics events are retained for 12 months. To delete everything, email us at privacy@languit.com.
5. Your rights
Under GDPR, CCPA, and similar laws, you can request: access to your data, correction, deletion, export, or restriction of processing. Contact us at privacy@languit.com and we'll respond within 30 days.
6. Children
Languit is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us data, contact us and we'll delete it.
7. Security
We use HTTPS for all traffic, encrypted storage at rest, and access controls on our infrastructure. No system is perfectly secure — if we detect a breach affecting you, we'll notify you within 72 hours.
8. Changes to this policy
We'll post the new version here and update the "Last updated" date. For material changes we'll send an in-app notice.