Privacy Policy
Last updated: [effective date]
This Privacy Policy explains how [Operator legal name] (“DueNote”, “we”, “us”, or “our”) collects, uses, shares, and protects personal data when you use the DueNote website and application (the “Service”). It also describes the rights you have over your personal data.
DueNote is offered to users in the European Union/European Economic Area and the United States. This Policy is designed to meet the requirements of the EU General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), and other applicable US state privacy laws.
If anything here is unclear, or you want to exercise a privacy right, contact us at [privacy contact email].
1. Who we are (data controller)
The controller responsible for your personal data is:
- [Operator legal name] ([legal form])
- [postal address]
- Privacy contact: [privacy contact email]
We are established in the European Union ([governing jurisdiction]). Because we have an establishment in the EU, we are not required to appoint an Article 27 EU representative. We have not appointed a Data Protection Officer; for any data protection matter, use the privacy contact above.
2. Scope and our role
This Policy applies to personal data we process as a controller through the Service. For most data we determine the purposes and means of processing and therefore act as the controller; the third-party providers listed in Section 7 act as our processors or, where they determine their own purposes, as independent controllers.
It does not cover third-party websites or services that you may reach through links from the Service, which have their own privacy practices.
3. Personal data we collect
We collect only the data needed to run the Service. The categories are:
a) Account and profile data
- Email address (required to create an account and sign in).
- Display name (optional).
- Profile picture / avatar (optional; either uploaded by you or obtained from Google if you sign in with Google).
- If you sign in with Google: your Google account identifier, email address, name, and profile photo URL (we do not receive or store your Google password or OAuth tokens beyond what is needed to complete sign-in).
- Account status flags and timestamps (e.g., email-verified time, account created/updated times).
b) Authentication data
- One-time sign-in codes (we store only a cryptographic hash of each code, never the code itself), with a short expiry.
- A session identifier stored in a strictly necessary cookie (see Section 12).
c) Content you create or upload
- Courses, workbooks, notes, and vocabulary you create.
- Files you upload as study materials — PDFs, audio, video, and images.
- Content automatically derived from your materials so the features work: extracted text from documents (OCR), transcripts generated from audio, and the vocabulary entries you save.
- Feedback and support requests you send us — the message you write and any image or video files you attach.
Your materials and content may contain personal data if you choose to include it. Please do not upload other people’s personal data unless you have a lawful basis to do so.
d) Technical and usage data
- IP address, browser/user-agent string, and request identifiers.
- Security and audit records of important actions (for example sign-in, sign-out, and creating, changing, sharing, or deleting your content), including the action, outcome, time, IP address, and user-agent.
- Operational metering of feature usage (for example the number of characters translated or pages processed, the provider used, language codes, and an indicative cost). These records hold counts and metadata only — they never store the text, audio, images, or document content itself.
- Error diagnostics when something goes wrong (for example the URL path, error type, and a technical stack trace). Our request logs deliberately redact credentials, cookies, and request bodies.
If you choose a paid plan, we process subscription and billing data: a Stripe customer identifier, your subscription tier and status (for example active, trialing, canceled), the billing interval, and related payment metadata. Our payment processor, Stripe, collects and handles the actual payment details (such as your card number) directly (see Section 7) — we do not receive or store full card numbers on our servers.
We do not knowingly collect special categories of data, and we do not use the Service to build advertising profiles.
4. Where the data comes from
- Directly from you — when you register, sign in, edit your profile, upload materials, or use features.
- From Google — if you choose Google sign-in, we receive your basic Google profile (identifier, email, name, photo) under the “profile” and “email” scopes.
- Automatically — technical, security, and usage data generated as you interact with the Service.
5. How and why we use your data (legal bases)
Under the GDPR we rely on the following legal bases:
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Create and maintain your account; authenticate you; provide the notebook and the features you invoke (translation, text-to-speech, transcription, text recognition); store your courses, materials, and derived content. | Performance of a contract (Art. 6(1)(b)). |
| Keep the Service secure, prevent and investigate abuse and fraud, maintain audit and error records, and meter feature usage so we can run the Service reliably. | Our legitimate interests in operating a secure, reliable service (Art. 6(1)(f)), balanced against your rights. |
| Take payment, issue invoices, keep accounting and tax records (paid plans). | Performance of a contract (Art. 6(1)(b)) and compliance with a legal obligation (Art. 6(1)(c)). |
| Anything we ask your separate permission for (for example optional communications, if introduced). | Consent (Art. 6(1)(a)), which you may withdraw at any time. |
Where we rely on legitimate interests, we have considered the impact on you and limited the data to what is necessary; you may object as described in Section 10.
6. Automated decision-making
We do not carry out automated decision-making that produces legal or similarly significant effects about you. Translation, text-to-speech, transcription, and text recognition are content-processing tools that help you study; they do not make decisions about you.
7. Service providers and third parties
To provide certain features we share the minimum necessary content with specialist providers acting on our behalf. The providers actually used depend on how this instance of DueNote is configured by the operator; the table lists every provider that may be used:
| Provider | Data shared | Purpose | Location |
|---|---|---|---|
| DeepL SE | The text you select to translate | Translation | European Union (Germany) |
| Google LLC (Google Cloud) | Selected text; audio you transcribe; images/pages for text recognition | Translation, text-to-speech, speech-to-text, text recognition (OCR) | United States |
| Microsoft Corporation (Azure) | Documents/pages for text recognition; text for speech | Text recognition (OCR), text-to-speech | United States or the configured region |
| Amazon Web Services, Inc. (S3) | Files you upload (materials, avatars) | File storage | The configured storage region |
| [email/SMTP provider] | Your email address and the sign-in code | Delivering sign-in codes | [provider region] |
| Stripe, Inc. | Your email and name, a customer/subscription identifier, and the card/payment details you enter directly with Stripe | Processing subscription payments and managing billing (paid plans) | United States |
Some text recognition can also be performed locally on our own servers (using an on-server engine) without sending your files to a third party; which path is used depends on configuration.
We may also disclose personal data to professional advisers, or to authorities, where required by law, to comply with legal process, or to protect our rights, users, or the public. If our business is involved in a merger, acquisition, or asset sale, personal data may be transferred subject to this Policy.
We do not sell your personal data, and we do not share it for cross-context behavioral advertising.
8. International data transfers
Some providers in Section 7 are located in the United States or other countries outside the EU/EEA. When we transfer personal data outside the EU/EEA, we rely on an appropriate safeguard, such as the European Commission’s Standard Contractual Clauses and/or, where the provider is certified, the EU–US Data Privacy Framework. You can request a copy of the relevant safeguard by contacting us at [privacy contact email].
9. How long we keep your data
We keep personal data only as long as needed for the purposes above:
| Data | Retention |
|---|---|
| Account, profile, courses, materials, and derived content | Until you delete the item or your account (see Section 11). |
| Feedback and support requests (message and attachments) | Kept while we triage and handle your request, until it is resolved or closed; your account reference is removed if you delete your account (see Section 11). |
| Session cookie | Up to 7 days, refreshed while you stay active. |
| Sign-in codes | A few minutes; codes expire after that and are then deleted. |
| Security, audit, usage, and error records | A limited retention window (by default 90 days), after which they are deleted; configurable by the operator via LOG_RETENTION_DAYS. |
| Billing and accounting records (paid plans) | As required by applicable tax and accounting law. |
Backups are kept for a limited period and then overwritten in the ordinary course of operations.
10. Your rights (EU/EEA/UK)
If you are in the EU/EEA or the UK, you have the right to:
- Access — obtain a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — ask us to delete your data (“right to be forgotten”).
- Restriction — ask us to limit processing in certain cases.
- Portability — receive certain data in a structured, commonly used, machine-readable format.
- Objection — object to processing based on our legitimate interests.
- Withdraw consent — where we rely on consent, withdraw it at any time (without affecting prior processing).
You can edit your profile, download a copy of all your data (as a ZIP archive containing a machine-readable data.json plus your uploaded files), and permanently delete your account at any time from within the Service’s profile settings. To exercise any other right, email [privacy contact email]; we respond within the time limits set by law (generally one month under the GDPR). You also have the right to lodge a complaint with your local supervisory authority. In [governing jurisdiction] this is [supervisory authority] ([supervisory authority contact]).
11. Deleting your account
When you delete your account, we delete your courses, workbooks, vocabulary, materials, and the files you uploaded (on a best-effort basis from file storage), and we remove your profile. Security, audit, usage, and error records, and any feedback or support requests you sent, are retained for the limited window described in Section 9, but they are de-identified — your account reference is removed so the records can no longer be linked to you — and then deleted on the normal schedule.
13. Your California privacy rights (CCPA/CPRA)
This section provides additional disclosures for California residents under the CCPA/CPRA, and serves as our notice at collection.
Categories of personal information we collect
- Identifiers (e.g., name, email, account/Google identifier, IP address).
- Customer records (e.g., billing details for paid plans).
- Internet or network activity (e.g., usage, audit, and error records).
- Audio, electronic, visual, or similar information (the materials you upload and content derived from them).
- Commercial information (e.g., the plan or features you use).
We collect this information from the sources in Section 4, for the business purposes in Section 5, and we disclose it to the categories of recipients in Section 7. We retain it as described in Section 9.
Sale and sharing
We do not sell personal information and we do not share it for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA. We have not done so in the preceding 12 months. We do not use or disclose sensitive personal information for purposes that would give you a right to limit such use.
Your California rights
- Right to know/access the personal information we collect, use, and disclose.
- Right to delete personal information we have collected.
- Right to correct inaccurate personal information.
- Right to opt out of “sale” or “sharing” (not applicable, as we do not do either).
- Right to limit the use of sensitive personal information (not applicable, as described above).
- Right not to receive discriminatory treatment for exercising your rights.
To exercise these rights, use the in-app account controls or email [privacy contact email]. We will verify your request using the account information we hold (for example, control of your registered email). You may use an authorized agent, who must provide proof of authorization. We do not offer financial incentives for personal information.
“Shine the Light”
California Civil Code § 1798.83 lets California residents request information about disclosures to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing.
14. Other US state privacy rights
Residents of other US states with comprehensive privacy laws (for example Virginia, Colorado, Connecticut, Utah, and others as they take effect) have rights similar to those above — to access, correct, delete, and obtain a copy of their personal data, and to opt out of targeted advertising, sale, and certain profiling. We do not sell personal data, conduct targeted advertising, or carry out profiling with legal or similarly significant effects. To exercise your rights, or to appeal a decision on a request, email [privacy contact email].
15. How we protect your data
We use technical and organizational measures appropriate to the risk, including encryption in transit (HTTPS), hashing of sign-in codes, access controls that scope your data to your account, and logging that redacts credentials and request contents. No method of transmission or storage is completely secure, but we work to protect your data and to address incidents promptly.
Our authorized administrators may access your account to provide support, to investigate abuse, fraud, or non-payment, and to operate the Service — including the ability to view the Service as your account (impersonation) and to suspend an account. Such access is limited to these purposes and is recorded in our audit logs.
16. Children
The Service is not directed to children. You must be at least 16 years old (or at least 13 where permitted by local law, such as in the United States) to use it. We do not knowingly collect personal data from children below the applicable age. If you believe a child has provided us personal data, contact [privacy contact email] and we will delete it.
17. Changes to this Policy
We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date and, where appropriate, notify you within the Service. Your continued use after an update means you accept the revised Policy.
18. Contact us
For any question about this Policy or your personal data, contact [Operator legal name] at [privacy contact email] or [postal address].