Lingueez · Legal
Privacy Policy — Lingueez
Last updated: 2026-06-25 · Version: 1.0
This Privacy Policy explains what personal data the Lingueez desktop application (“Lingueez”, “the app”, “we”) collects, why, and what rights you have. It is written to satisfy Articles 12–14 of the EU General Data Protection Regulation (GDPR).
ℹ️ A Ukrainian version is available here.
1. Who is responsible (Controller)
The data controller for the default hosted sync service is:
Lingueez Email: privacy@lingueez.app
Self-hosting note. Lingueez can be pointed at your own Supabase project (via the
SUPABASE_URL / SUPABASE_KEY environment variables). If you do this, you become the
controller for the data stored in your own project, and this policy’s “hosted service”
sections do not apply to that data.
2. The short version
- Lingueez is local-first. You can use it fully without an account; in that mode no personal data leaves your device except for the optional online features you explicitly trigger (translation, read-aloud, AI, dictionary/web lookups).
- If you create an account and enable sync, your vocabulary content is stored in the cloud so you can use it on multiple devices.
- We use no analytics, no advertising, and no tracking.
- You can export all your data and delete your account at any time from within the app.
3. What data we process, and why
3.1 Account data (only if you sign in)
| Data | Source | Purpose | Legal basis |
|---|---|---|---|
| Email address | You (sign-up) or Google (if you use Google sign-in) | Create/identify your account, sign-in, account-related email (verification, password reset) | Contract — Art. 6(1)(b) |
| Account ID (UUID) | Generated by our auth provider | Identify your account and isolate your data | Contract — Art. 6(1)(b) |
| Display name | You, or your Google profile | Show who is signed in | Contract — Art. 6(1)(b) |
| Password | You | Authenticate you (stored only as a salted hash by our auth provider; we never see it) | Contract — Art. 6(1)(b) |
3.2 Synced content (only if you enable sync)
When sync is on, the following content is stored in the cloud and associated with your account ID: your words and their definitions, saved texts/reading passages, tags, and the relationships between them, plus timestamps and status/favourite flags.
- Purpose: keep your library backed up and available across your devices.
- Legal basis: Contract — Art. 6(1)(b).
- Each user’s rows are isolated by Row-Level Security, so one account cannot read another’s data.
3.3 Data that stays on your device (never uploaded by us)
- Your listening/review history (used for learning-progress stats) — local only.
- Authentication tokens — stored in your operating system’s secure keychain when available, otherwise in an encrypted local file. Used to keep you signed in.
- Application logs (
app.log) and crash logs — local only, kept small and rotated. Logs are automatically redacted: email addresses, access tokens and API keys are masked before being written. They are only ever shared if you choose to export a diagnostics bundle (e.g. to report a bug) and send it to us. - Your settings and local backups of your database.
3.4 Optional online features (you control these)
These features only run when you use them, and most require you to provide your own API key. When used, the relevant text is sent to the third party named below:
| Feature | What is sent | To whom | Notes |
|---|---|---|---|
| Translation (default, free) | The word/phrase/text being translated | Google (unofficial, free endpoint) | The default. Runs when you translate. No data-processing agreement covers this; see §5. You can switch to DeepL in Settings. |
| Read-aloud (default, gTTS) | The text to be spoken | Google (unofficial, free endpoint) | The default. Runs when you use read-aloud. See §5. You can switch to Google Cloud TTS in Settings. |
| Translation (DeepL) | The text being translated | DeepL SE (Germany) | Only if you configure a DeepL API key. |
| AI definitions / text generation | Your prompt (e.g. the word, your texts) | OpenAI or Google (Gemini) | Only if you enable AI and provide an API key. |
| Read-aloud (Google Cloud TTS) | The text to be spoken | Google Cloud | Only if you configure Google Cloud credentials. |
| Dictionary / Wikipedia / web & RSS lookups | Your search query or the URL you open | Wikipedia and the sites you choose | Only when you search or open a source. |
- Legal basis: these features run only when you actively use them (you choose to translate, play audio, search, or generate). We rely on Art. 6(1)(b) (taking steps at your request) and, for the optional add-ons you enable, Art. 6(1)(a) (consent). You can avoid any of them by not using the feature, or by switching the default translation/read-aloud to the agreement-backed providers (DeepL / Google Cloud TTS) in Settings.
3.5 Software updates
On startup (if enabled) the app asks GitHub whether a newer release exists. This is a plain version check; no account data or device identifier is sent. Legal basis: legitimate interest in providing security/feature updates — Art. 6(1)(f).
3.6 What we do not do
No analytics, no advertising, no behavioural tracking, no profiling, no automated decision-making with legal effect, and no sale of personal data.
4. How long we keep data (retention)
- Account & synced content: kept while your account exists. When you delete content (or your account), it is soft-deleted and retained for a short grace period (default 30 days) so the deletion can propagate to your other devices, after which it is permanently removed.
- Local backups on your device follow a rolling schedule (recent daily snapshots plus monthly snapshots) and stay until your storage rules prune them or you delete them.
- Logs rotate automatically and are capped at a few megabytes.
5. Sub-processors and international transfers
We use the following processors/sub-processors for the hosted service:
| Processor | Role | Location / transfer safeguard |
|---|---|---|
| Supabase | Database, authentication, account emails | EU region; DPA in place |
| Google (OAuth, Cloud TTS, Gemini) | Optional, user-enabled | DPA / EU Standard Contractual Clauses / EU-US Data Privacy Framework |
| OpenAI | Optional, user-enabled AI | DPA / SCCs |
| DeepL SE | Optional, user-enabled translation | Germany / EU |
⚠️ Unofficial Google endpoints. The default free translation and read-aloud use Google endpoints that are not covered by a data-processing agreement and may transfer data outside the EU without standard safeguards. They run only when you use those features, and you can switch to the official, agreement-backed alternatives (DeepL, Google Cloud TTS) in Settings.
6. Your rights
Depending on where you live (for example the United States — including California — or Ukraine), you have rights over your personal data: to access, correct, delete and export it, to object to or restrict certain processing, and to withdraw consent. We honor these for all users. Many are built into the app:
- Access & portability: use Export to download all your data in an open format.
- Erasure: use Delete account to permanently remove your account and all synced content from the cloud. Remove account signs you out on a device without deleting cloud data.
- Rectification: edit your content and profile directly in the app.
- Withdraw consent: disable optional online features in Settings.
We do not sell or share your personal information for advertising. For any request, contact us at privacy@lingueez.app; we respond within 30 days. If your region has a data-protection authority, you also have the right to lodge a complaint with it.
7. Security
Data in transit is encrypted (HTTPS/TLS). Cloud data is isolated per user by Row-Level Security. Auth tokens are stored in your OS keychain where available, otherwise in an encrypted file. Logs are redacted of secrets. No security measure is perfect, but we apply appropriate technical and organisational measures and will notify you and the supervisory authority of a personal-data breach where the law requires.
8. Children
Lingueez is not directed at children. You must be at least 13 years old to create an account (and old enough to consent to this policy under the law of your country/state). We do not knowingly collect personal data from children under 13; if you believe a child has provided us data, contact us and we will delete it.
9. Changes
We may update this policy. Material changes will be indicated by the Version and Last updated date above, and — where the change affects your account — you may be asked to re-accept the policy in the app.
10. Contact
Lingueez · privacy@lingueez.app