Privacy Policy

Last updated: January 10, 2026

Introduction

Welcome to spreken.ai ("we," "our," or "us"). We are committed to protecting your privacy and being transparent about how we collect, use, and share your personal information. This Privacy Policy explains our data practices for the spreken.ai platform, which provides AI-powered language learning services through voice interaction.

By using spreken.ai, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Authentication Information

We use Google Authentication for user login. When you sign in with Google, we collect:

  • Your Google account email address
  • Your name associated with your Google account
  • Your Google profile picture (if available)
  • A unique Google user identifier

2. Usage and Interaction Data

To provide our language learning services, we collect and process:

  • Voice recordings and audio input from your conversations with our AI
  • Transcriptions of your speech
  • Chat messages and conversation history
  • Your learning progress and preferences
  • Device information and browser type
  • IP address and general location data

3. Account and Profile Information

Any additional information you provide when using our services, such as:

  • Learning preferences and goals
  • Subscription and payment information
  • Support inquiries and feedback

How We Use Your Information

We use the collected information for the following purposes:

  • To authenticate and manage your account
  • To provide personalized language learning experiences
  • To process your voice input through speech-to-text services
  • To generate AI responses for conversation practice
  • To convert text responses to speech for audio playback
  • To track your learning progress and improve our services
  • To communicate with you about service updates and features
  • To analyze usage patterns and improve our platform
  • To comply with legal obligations and prevent fraud

Third-Party Services and Data Sharing

We share your data with the following third-party service providers to operate our platform:

1. Google Authentication

We use Google OAuth 2.0 for authentication. When you sign in with Google, you are subject to Google's Privacy Policy and Terms of Service. We receive limited profile information from Google as described above.

2. Supabase

We use Supabase as our database and backend infrastructure provider to store:

  • Your account information and authentication data
  • Conversation history and learning progress
  • User preferences and settings

Supabase is a secure, SOC 2 Type 2 compliant platform. Your data is encrypted in transit and at rest. For more information, see Supabase's Privacy Policy.

3. OpenAI and AI Language Models

We use AI services, including OpenAI's models, to provide core functionality:

  • Speech-to-Text: Your voice recordings are sent to AI speech recognition services to transcribe your speech
  • Text-to-Speech: Generated AI responses are converted to speech using text-to-speech services
  • Conversation AI: Your messages and conversation history are processed by AI language models to generate contextual responses for language learning

Important: OpenAI and other AI providers process your data to provide these services. According to OpenAI's API data usage policies, data sent via their API is not used to train their models unless you explicitly opt in. For more information, see OpenAI's Privacy Policy.

Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. Specifically:

  • Account information is retained while your account is active
  • Conversation history is retained to track learning progress and improve personalization
  • Voice recordings may be temporarily processed and are not permanently stored unless required for service improvement with your consent
  • After account deletion, we will delete or anonymize your personal data within 30 days, except where required by law

Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption of data in transit using HTTPS/TLS
  • Encryption of data at rest in our databases
  • Secure authentication using OAuth 2.0
  • Regular security audits and updates
  • Access controls limiting who can access your data

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Data Portability: Request a copy of your data in a machine-readable format
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis
  • Object: Object to certain types of processing

To exercise these rights, please contact us at the email address provided below.

Children's Privacy

Our services are not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately so we can delete it.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from your jurisdiction. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain your session and keep you logged in
  • Remember your preferences
  • Analyze usage patterns and improve our services

You can control cookie preferences through your browser settings, but disabling cookies may affect the functionality of our services.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@spreken.ai

Additional Notice for EU and California Residents

For EU Residents (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

The legal bases for processing your data include:

  • Consent: When you agree to use our services
  • Contract: To fulfill our service obligations
  • Legitimate interests: To improve our services and prevent fraud

For California Residents (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to deletion
  • Right to non-discrimination for exercising your rights