Privacy Policy

When you create an account through our authentication system (Supabase), we collect:

• Email address (required for account creation and authentication)
• Account credentials (passwords are encrypted and never stored in plain text)
• Account preferences and settings
• Authentication tokens (with expiration, encrypted in transit)

To provide our language learning services, we collect and store:

• Vocabulary words you save and their translations
• Your flashcard review history and spaced repetition progress
• Learning statistics (words learned, study streaks, session duration)
• Study preferences and learning goals
• Progress tracking data (mastery levels, review schedules)

When you use Violingo with video platforms:

• Subtitle text extracted from videos you watch (for translation and word breakdown)
• Video metadata (title, episode information, timestamp) associated with saved words
• Playback interactions (when you pause to save a word, timestamp of learning)
• Language preferences for subtitles

Important: We only access subtitle text and metadata you actively engage with for learning. We do NOT collect your full viewing history, video streams, audio, or content you haven't interacted with for learning purposes.

We automatically collect information about how you use our extension:

• Feature usage patterns (which tabs you visit, features you use)
• Click events and user interface interactions
• Session duration and frequency of use
• Error logs and crash reports (automatically anonymized)
• Browser type, operating system, and extension version
• Device identifiers (for multi-device sync)
• IP address (for security and fraud prevention, not for tracking)

If you purchase a paid subscription:

• Subscription tier and billing cycle
• Credit balance and transaction history
• Billing email address
• Country/region (for tax purposes)
• Last 4 digits of payment card (provided by Stripe for reference)

Note: Full payment card details are processed and stored exclusively by Stripe. We never have access to your complete credit card number.

• Authenticate users and maintain secure accounts
• Process and display subtitle translations
• Save and sync your vocabulary across devices
• Implement spaced repetition and review algorithms
• Track your learning progress and statistics
• Improve our AI-powered features and translation accuracy
• Optimize extension performance and fix bugs

• Process payments and manage subscriptions
• Track credit usage and balances
• Send billing receipts and renewal reminders
• Handle refund requests and payment disputes
• Comply with tax regulations

• Send important service updates and security notices
• Respond to your support requests
• Notify you of significant feature updates (you can opt out)

We do NOT send marketing emails without your explicit opt-in consent.

• Detect and prevent fraudulent activity
• Protect against security threats and unauthorized access
• Enforce our Terms of Service
• Comply with legal obligations

• Purpose: User authentication, account management, and data storage
• Data shared: Email, encrypted passwords, learning data, vocabulary, progress
• Privacy: SOC 2 Type II and GDPR compliant
• Location: Data stored in secure cloud infrastructure
• Policy: supabase.com/privacy

• Purpose: Secure payment processing and subscription management
• Data shared: Billing email, subscription details, payment amount
• Privacy: PCI DSS Level 1 certified, highest security standard
• Card storage: Stripe stores payment card details, not us
• Policy: stripe.com/privacy

• Purpose: Enhanced word definitions and explanations (only if you enable this feature)
• Data shared: Subtitle text and vocabulary words for processing
• Control: You can disable AI features anytime in settings
• Retention: OpenAI may retain data according to their policy
• Policy: openai.com/privacy

Important Disclaimer: Violingo is an independent extension and is not created, endorsed, or maintained by Netflix, Google, or YouTube.

• By using Violingo, you agree to comply with Netflix and YouTube's Terms of Service
• We respect content provider restrictions and DRM protections
• Extracted subtitle content is for personal educational use only
• You may not redistribute or use subtitles for commercial purposes

• HTTPS/TLS encryption for all data in transit
• Encryption at rest for sensitive data in our database
• Secure authentication tokens with expiration
• Password hashing using industry-standard algorithms

• Limited employee access to personal data (need-to-know basis)
• Multi-factor authentication for administrative access
• Regular security audits and penetration testing
• Automated monitoring for suspicious activity

• We collect only data necessary to provide our services
• Error logs are anonymized before storage
• IP addresses are not used for tracking or profiling
• Session data is aggregated and cannot identify individual users

• Account information: Retained while your account is active
• Learning data: Retained for the duration of your account unless you request deletion
• Usage analytics: Aggregated data retained for up to 12 months
• Billing records: Retained for 7 years (required by law for tax purposes)
• Support communications: Retained for 3 years for quality assurance

When you delete your account:

• Personal data is deleted within 30 days
• Anonymized analytics may be retained for service improvement
• Billing records are retained as required by law
• Backups are purged within 90 days

To delete your account, contact us at support@violingo.ai with "Account Deletion Request" in the subject line.

• Access: You can view your personal data through your account settings
• Export: Request a copy of your data in machine-readable format
• Correction: Update incorrect information through account settings
• Deletion: Request deletion of your account and associated data
• Opt-out: Disable analytics and optional data collection in settings

If you are a California resident, you have additional rights:

• Right to know: What personal information we collect and how it's used
• Right to delete: Request deletion of personal information (with exceptions)
• Right to opt-out: We do NOT sell personal information
• Right to non-discrimination: Equal service regardless of exercising rights

If you are in the European Union, you have these rights:

• Right of access: Obtain confirmation and access to your personal data
• Right to rectification: Correct inaccurate personal data
• Right to erasure: Request deletion ("right to be forgotten")
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive data in structured format
• Right to object: Object to processing based on legitimate interests
• Right to lodge a complaint: File complaints with supervisory authorities

Legal basis for processing: (1) Performance of contract (providing service), (2) Legitimate interests (improving service), (3) User consent (optional analytics).

Cache your vocabulary, preferences, and session state locally so the extension works offline and syncs when you're online.

Inject translation features into Netflix and YouTube video players. This allows you to click words in subtitles for definitions. We only access subtitle text—never video/audio streams.

Open the learning dashboard in Chrome's side panel and keep your progress synced across tabs.

Required to interact with subtitle elements on these platforms. We only access pages you actively navigate to while using the extension.

Process subtitles and sync data in the background without interrupting your browsing.