Back to Home

Privacy Policy

Last updated: January 15, 2025

1. Introduction

Welcome to ConvoAI’s Privacy Policy. This policy describes how ConvoAI (“we,” “our,” or “us”) collects, uses, shares, and protects your personal information when you use our website, mobile applications, and related services (collectively, the “Service”).

We are committed to protecting your privacy and being transparent about our data practices. By using ConvoAI, you agree to the collection and use of information in accordance with this Privacy Policy.

If you have any questions about this Privacy Policy, please contact us at privacy@convoai.app.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us when you:

  • Create an account: Name, email address, password, preferred learning languages, and profile information
  • Subscribe to our service: Payment information (processed securely through Stripe), billing address
  • Use our features: Conversation transcripts, game results, learning progress, achievements, and preferences
  • Contact support: Messages, feedback, and support requests
  • Participate in surveys: Survey responses and feedback

2.2 Information Collected Automatically

When you use ConvoAI, we automatically collect certain information, including:

  • Device information: Device type, operating system, browser type, IP address, and device identifiers
  • Usage data: Pages visited, features used, time spent, clicks, and interaction patterns
  • Performance data: Error reports, crash logs, and diagnostic information
  • Location data: Approximate location based on IP address (not precise GPS location)

2.3 Information from Third Parties

We may receive information from third-party services when you:

  • Sign up using social media authentication (if available)
  • Make payments through Stripe
  • Interact with our AI-powered features (OpenAI)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide and Improve Our Service

  • Create and manage your account
  • Provide personalized language learning experiences
  • Track your learning progress and achievements
  • Generate AI-powered conversations and feedback
  • Improve our algorithms and features
  • Troubleshoot technical issues

3.2 To Communicate with You

  • Send service-related announcements and updates
  • Respond to your inquiries and support requests
  • Send you learning reminders and progress reports (if enabled)
  • Notify you about new features and updates
  • Send promotional emails (with your consent, which you can withdraw at any time)

3.3 To Process Payments

  • Process subscription payments through Stripe
  • Manage billing and invoicing
  • Detect and prevent fraud

3.4 For Analytics and Research

  • Analyze usage patterns and trends
  • Conduct research to improve language learning methodologies
  • Generate aggregate, anonymized statistics

3.5 For Legal and Security Purposes

  • Comply with legal obligations
  • Enforce our Terms of Service
  • Protect against fraud, abuse, and security threats
  • Resolve disputes and enforce agreements

4. Data Storage and Security

4.1 Where We Store Your Data

Your personal information is stored securely using Supabase, a cloud-based database service. Data is stored on secure servers with industry-standard encryption and access controls.

4.2 How We Protect Your Data

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/SSL) and at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Secure password hashing algorithms
  • Regular backups and disaster recovery procedures
  • Employee training on data protection and privacy

4.3 Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfill the purposes described in this Privacy Policy. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

Aggregated, anonymized data may be retained indefinitely for research and analytics purposes.

5. Third-Party Services

ConvoAI integrates with the following third-party services. Each service has its own privacy policy governing how they collect and use your information:

5.1 Stripe (Payment Processing)

We use Stripe to process payments securely. Stripe collects and processes your payment information according to their Privacy Policy. We do not store your complete credit card information on our servers.

5.2 Supabase (Data Storage & Authentication)

We use Supabase to store your account information, learning data, and manage authentication. Supabase’s privacy practices are described in their Privacy Policy.

5.3 OpenAI (AI Language Models)

Our AI-powered conversation features use OpenAI’s language models. When you interact with our AI features, your messages may be processed by OpenAI according to their Privacy Policy.

Please note: Conversation data sent to OpenAI is used solely to generate responses and is not used to train OpenAI’s models (as per OpenAI’s API data usage policy).

5.4 Analytics Services

We may use analytics services to help us understand how users interact with our Service. These services may collect information about your device and usage patterns.

6. Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. We use cookies and similar tracking technologies to enhance your experience and collect information about how you use our Service.

6.2 Types of Cookies We Use

  • Essential Cookies: Required for the Service to function properly (authentication, security)
  • Performance Cookies: Help us understand how visitors interact with our Service
  • Functionality Cookies: Remember your preferences and settings
  • Analytics Cookies: Collect information about Service usage and performance

6.3 Managing Cookies

You can control and manage cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Service. Most browsers accept cookies by default, but you can usually modify your browser settings to decline cookies if you prefer.

7. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

7.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service (e.g., Stripe, Supabase, OpenAI, hosting providers). These providers are contractually obligated to protect your information and use it only for the purposes we specify.

7.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to:

  • Comply with legal obligations
  • Protect our rights, property, or safety
  • Prevent fraud or abuse
  • Respond to emergencies

7.3 Business Transfers

If ConvoAI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership.

7.4 With Your Consent

We may share your information for other purposes with your explicit consent.

8. Your Rights and Choices

8.1 Access and Correction

You have the right to access, update, and correct your personal information through your account settings. If you need assistance, contact us at privacy@convoai.app.

8.2 Data Portability

You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format.

8.3 Deletion

You can delete your account at any time through your account settings. Upon deletion, we will remove or anonymize your personal information within 30 days, subject to legal retention requirements.

8.4 Opt-Out of Marketing

You can opt out of receiving promotional emails by clicking the “unsubscribe” link in any marketing email or by adjusting your notification preferences in your account settings.

8.5 Do Not Track

Some browsers include a “Do Not Track” (DNT) feature. Our Service does not currently respond to DNT signals.

8.6 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • Right to know what personal information we collect
  • Right to delete your personal information
  • Right to opt-out of the sale of personal information (note: we do not sell personal information)
  • Right to non-discrimination for exercising your rights

8.7 European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

9. Children’s Privacy

ConvoAI is designed for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use our Service or provide any personal information.

If we learn that we have collected personal information from a child under 13, we will delete that information as quickly as possible. If you believe we have collected information from a child under 13, please contact us at privacy@convoai.app.

Users between 13 and 18 must have permission from a parent or guardian to use ConvoAI.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

We take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy, regardless of where it is processed.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make changes, we will:

  • Update the “Last Updated” date at the top of this policy
  • Notify you via email or through a notice on our Service
  • For material changes, provide prominent notice and, where required by law, obtain your consent

Your continued use of ConvoAI after changes to this Privacy Policy constitutes your acceptance of the updated policy.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ConvoAI - Privacy Team
Email: privacy@convoai.app
Data Protection Officer: dpo@convoai.app
Website: https://convoai.app
Location: Germany

We will respond to your inquiry within 30 days.

By using ConvoAI, you acknowledge that you have read, understood, and agree to this Privacy Policy and our Terms of Service.

Last updated: January 15, 2025
Privacy Policy | ConvoAI | ConvoAI