Privacy Policy

Effective Date: 2024-08-14

1. Introduction

Welcome to Lingaku! We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy outlines how we collect, use, store, and protect your information when you use our web application for learning Chinese and Japanese vocabulary.

2. Data Collection and Usage

Information We Collect and How We Use It:

• Registration Information:
  • Data Collected: Name, email address, and profile image URL (via Google authentication).
  • Purpose: To create and manage your account.
  • Lawful Basis: Performance of a contract.
• Payment Information:
  • Data Collected: Handled directly by Stripe and/or Paddle (depending on the region); we do not store this information.
  • Purpose: For processing payments.
  • Lawful Basis: Performance of a contract.
• Cookies and Tracking Technologies:
  • Data Collected: Cookies and similar technologies.
  • Purpose: To authenticate users and analyze traffic via Google Analytics.
  • Lawful Basis: Legitimate interests for essential cookies and consent for non-essential cookies.
• Marketing and Promotional Purposes:
  • Data Collected: With your consent, we may use your data for marketing and promotional purposes.
  • Lawful Basis: Consent.

Sharing Information:

• We share your email address with Stripe and/or Paddle (depending on the region) for payment processing. Other payment information is directly entered by the user into Stripe or Paddle.
• We do not share your personal data with any other third parties unless required by law or to protect our rights.

3. Cookies and Tracking Technologies

We use cookies to authenticate users and to analyze traffic via Google Analytics. Cookies are small text files stored on your device that help us provide a better user experience.

Types of Cookies We Use:

• Authentication Cookies: Essential for website operation and managing user sessions.
  • __Host-authjs.csrf-token: Prevents Cross-Site Request Forgery attacks. Lasts for the session.
  • __Secure-authjs.callback-url: Redirects users during authentication. Lasts for the session.
  • __Secure-authjs.session-token: Maintains user sessions across pages. Lasts for one month.
• Google Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.
  • _ga: Distinguishes unique users by assigning a randomly generated ID. Lasts for 2 years.
  • _ga_<container-id>: Persists session state and counts page views. Lasts for 2 years.

Consent to Cookies:

• When you first visit our website, you will see a cookie banner that informs you about our use of cookies and provides a link to this policy. You can choose to accept all cookies or manage your cookie preferences.
• You can change your cookie preferences at any time via Cookie Preferences.

4. Data Storage and Security

Storage:

• User data is stored in cloud storage within the EU.

Retention Periods:

• Registration Information: We retain registration information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. If you delete your account, your personal information will be permanently deleted within 30 days, except where we are required to retain it for legal, regulatory, or security reasons.
• Cookies: Refer to the Cookies and Tracking Technologies section.

Security Measures:

• Communication with our server is encrypted to protect your data.
• We use access controls to ensure only authorized personnel can access your data.

5. User Rights

Under the GDPR, you have the following rights:

• Right to be Informed: You have the right to be informed about the collection and use of your personal data.
• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request that we correct any inaccuracies in your personal data.
• Right to Erasure (Right to be Forgotten): You can request that we delete your personal data.
• Right to Restriction of Processing: You can request that we limit the processing of your personal data.
• Right to Data Portability: You can request a copy of your personal data in a commonly used format.
• Right to Object: You can object to the processing of your personal data in certain circumstances.
• Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to decisions made solely by automated processing, including profiling, if these decisions have legal effects on you or significantly affect you in a similar way.

To exercise any of these rights, please contact us at support@lingaku.com. We will respond to your request within one month. This period may be extended by two additional months if the request is complex or if we receive numerous requests. You will be informed of any such extension within one month of your request.

6. Children's Privacy

Our application is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to delete that information.

7. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure it is protected by appropriate safeguards, such as the Standard Contractual Clauses approved by the European Commission.

8. Data Breach Notification

In the event of a data breach, we will notify affected users and the relevant supervisory authorities within 72 hours, as required by the GDPR. Notification will include the nature of the breach, likely consequences, and measures taken to address the breach.

9. Policy Updates

We review and update the privacy policy periodically to ensure compliance with legal requirements. Users can read about any changes to the privacy policy on this page. We will notify you of significant changes to this policy by email or through the application.

10. Consent Management

Obtaining Consent:

We obtain your explicit consent for the use of cookies and for processing your personal data for specific purposes.

Managing and Withdrawing Consent:

You can manage your consent preferences and withdraw consent at any time via Cookie Preferences for cookies. For the withdrawal of consent regarding the processing of personal data, please contact us via email at support@lingaku.com. Please note that withdrawing consent for personal data processing may limit our ability to provide our services to the fullest extent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

11. Contact Information

For any privacy questions or concerns, please contact us at support@lingaku.com.