Privacy Policy

1. Data Controller

Leandro Acevedo, Bessemerstraße 51/1.OG, 13055 Berlin, Germany. Email: leandro@lingolean.com.

2. Data We Collect

3. Legal Basis for Processing

We process your personal data on the following legal bases under GDPR Art. 6(1): (a) Consent — for analytics cookies and optional data processing (you can withdraw consent at any time); (b) Contract performance — to provide and maintain the Service, process payments, and manage your account (Art. 6(1)(b)); (c) Legitimate interest — to improve our Service, ensure security, and prevent fraud (Art. 6(1)(f)).

4. How We Use Your Data

We use your data to: provide and improve the Service, process payments, send essential account notifications, and analyze usage patterns to improve our tools. We do not sell your data to third parties.

5. Third-Party Services

We use the following third-party services: Firebase (authentication and data storage, Google LLC), Stripe (payment processing), PostHog (analytics, EU-hosted). Each service processes data according to their respective privacy policies.

6. International Data Transfers

Some of our third-party service providers (Firebase/Google, Stripe) are based in the United States. Data transfers to the US are protected by the EU-US Data Privacy Framework adequacy decision, and where applicable, Standard Contractual Clauses (SCCs) approved by the European Commission. PostHog is hosted in the EU and does not transfer personal data outside the EEA.

7. Cookies

We use essential cookies for authentication and session management, which are necessary for the Service to function. Analytics cookies (PostHog) are only set after you grant consent via our cookie consent banner. You can change your cookie preferences at any time by clearing your browser's local storage and reloading the page.

8. Your Rights (GDPR)

Under the GDPR, you have the right to: access your personal data (Art. 15), rectify inaccurate data (Art. 16), request deletion of your data (Art. 17), restrict processing (Art. 18), data portability (Art. 20), and object to processing (Art. 21). To exercise these rights, contact us at leandro@lingolean.com. You also have the right to lodge a complaint with your local data protection supervisory authority. For users in Berlin, this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit (https://www.datenschutz-berlin.de).

9. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you.

10. Data Retention

Account data is retained while your account is active. You may request deletion of your account and associated data at any time. Analytics data is anonymized and retained for up to 12 months.

11. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (HTTPS) and at rest, secure authentication via Firebase, and access controls.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The latest version is always available on our website.

13. Contact

For privacy-related inquiries, contact: Leandro Acevedo, Bessemerstraße 51/1.OG, 13055 Berlin, Germany. Email: leandro@lingolean.com.