logo
Privacy Policy

Privacy Policy for Vocabia

Last updated: February 8, 2026

This Privacy Policy describes how Vocabia ("we," "us," or "our") collects, uses, shares, and protects information when you interface with the Vocabia mobile application (Flutter-based iOS and Android), our website (https://www.vocabia.com), and our backend microservices (collectively, the "Service").

By creating an account, downloading, or using Vocabia, you agree to the collection and use of information in accordance with this Privacy Policy.

Information Collection and Technical Nature

We collect information to power our Smart Memory Algorithm, AI Feedback, and Spaced Repetition System (SRS).

Personal Data

  • Identity & Contact: Name, email address, and authentication credentials.
  • Learning Profile: Native language, target language, proficiency level, and specific goals (e.g., IELTS, Business English).
  • Sync Data: Progress is synchronized across devices via our secure API using unique User Identifiers (UUIDs).

Sensitive Data (Audio & Microphone)

To facilitate "Speak & Improve" and AI-driven pronunciation feedback:

  • Access: We request microphone access only during active speaking exercises.
  • Processing: Audio is streamed via encrypted channels (TLS 1.3) to our analysis microservices.
  • Retention: We utilize an "Immediate Purge" policy. Raw audio files are processed in volatile memory and deleted immediately after the AI feedback score is generated. We do not store raw voice recordings permanently.

Usage and Metadata

  • Performance Metrics: Flashcard retention rates, error frequency, and SRS intervals.
  • Gamification: XP, streaks, and achievement timestamps.
  • Technical Logs: IP address, device model, OS version, and crash reports (via Sentry/Firebase).

How We Use Your Data

  • Personalized Learning: To calculate optimal review times for vocabulary.
  • System Optimization: We analyze de-identified, aggregated data to improve our AI feedback accuracy.
  • Communication: Sending critical account updates and optional learning reminders (Push Notifications).

Data Storage, Security, and Retention

Infrastructure & Security

  • Location: Data is hosted on secure, encrypted servers within the European Union (Germany).
  • Encryption: We enforce AES-256 encryption at rest and TLS 1.3 for data in transit.
  • Architecture: Our microservices architecture ensures data compartmentalization, minimizing the impact of any single-point vulnerability.

Retention & Deletion

  • Active Data: Retained as long as your account is active.
  • Account Deletion: Upon a deletion request, we trigger a system-wide purge across all microservices (User, Progress, and Gamification services). All PII (Personally Identifiable Information) is erased within 30 days.

Third-Party Disclosure & Sub-processors

We do not sell your data. We share limited data only with:

  • Cloud Providers: Infrastructure services (e.g., AWS/Hetzner) for hosting.
  • AI Sub-processors: Industry-standard APIs for specialized linguistic analysis. Data sent is anonymized where possible and never used for third-party model training.
  • Analytics: Google Firebase/Sentry for crash reporting and app stability monitoring.

Your Rights (GDPR, CCPA, & PIPEDA)

You have the following rights regarding your data:

  • Access & Portability: Request a JSON export of your learning data.
  • Rectification: Correct any profile inaccuracies.
  • Erasure (Right to be Forgotten):
  • Consent Withdrawal: Revoke microphone or notification permissions at any time via OS settings.

Children's Privacy

Vocabia is not intended for children under 13 (or the relevant age of consent). If we detect data collection from a child without parental consent, we will purge the data from our clusters immediately.

Changes to This Policy

We reserve the right to update this policy to reflect changes in our architecture or legal requirements. Users will be notified of significant changes via in-app alerts.

Contact Us

If you have any questions or suggestions about our Privacy Policy, please contact us: