Privacy Policy
Effective: April 30, 2026
Short version
- We collect only what we need to run the app: your account (via Clerk), your learning progress, and safety-audit metadata.
- We never store the raw text of your chat messages in our database. Chat audit records use one-way hashes and structured safety metadata.
- Your messages to the AI tutor are transmitted to OpenAI for processing.
- You can delete your cloud progress or your entire account at any time.
1. Who we are
Itzli is a free educational app for learning Eastern Huasteca Nahuatl, operated by Sam Villa-Smith. For privacy questions, contact svillasmith3@gmail.com.
2. What we collect
Account data (via Clerk)
When you sign up, Clerk collects your email address, password (hashed, never visible to us), and any profile information you choose to add. Clerk's Privacy Policy applies to that data.
Learning progress (Neon Postgres)
We store your unit completion, quiz accuracy, and spaced-repetition state in our database, keyed to your Clerk user ID. This data lets you resume your learning across devices. It contains no personally identifying information beyond the pseudonymous Clerk ID.
Chat audit log (Neon Postgres)
For AI tutor requests and safety guardrail events, we record an audit row containing: the Clerk user ID, the event kind, request metadata, safety categories and scores where applicable, model names, timestamps, and sha256 hashes of chat content. We do not store the raw text of user messages or AI responses. Hashes let us verify a user-supplied message or detect repeated attack patterns without retaining readable chat content.
Chat content (transient, via OpenAI)
Your chat messages are sent to OpenAI for completion. OpenAI processes them under its Privacy Policy. Per OpenAI's API policy, API messages are not used to train their models. We do not persist chat messages in our own database.
Local storage
Your browser stores a mirror of your learning progress in localStorageso the app works offline. We also set a localStorage entry recording that you agreed to these policies, so we don't re-prompt you every visit. Clearing your browser data will clear these.
Cookies
Clerk sets essential authentication cookies required for you to stay signed in. We do not use third-party advertising or analytics cookies.
Server logs
Our hosting provider (Vercel) may record standard server logs (IP address, user agent, request path, timestamp) for operational and security purposes. These are retained for a limited period per Vercel's policies.
3. How we use data
- to provide authentication and run the app;
- to sync your learning progress across devices;
- to detect and prevent abuse of the AI tutor (via hashed audit log);
- to moderate content using third-party safety APIs;
- to respond to your support requests.
We do not sell your data. We do not share it with advertisers. We do not use it for behavioral profiling.
4. Third parties
- Clerk — processes authentication data
- Neon (Postgres) — stores progress and hashed audit rows
- OpenAI — processes chat content (completion + moderation)
- Vercel — hosts the app and serves requests
- Amazon S3 — serves static assets (audio, database bundle)
- Pexels — serves vocabulary photographs
5. Your rights
Depending on where you live (including under GDPR in the EU/UK or CCPA in California), you may have the right to:
- access the personal data we hold about you;
- correct inaccurate data;
- delete your data ("right to erasure");
- object to or restrict processing;
- receive a portable copy of your data.
To exercise these rights, contact us at svillasmith3@gmail.com. We will respond within 30 days. You may also have the right to lodge a complaint with your local data-protection authority.
6. How to delete your data
From inside the app:
- Go to Progress and use "Reset progress" to clear local progress and delete the cloud copy.
- Delete your account via Clerk to remove authentication data.
For complete deletion of the safety-audit hash log tied to your user ID, email svillasmith3@gmail.com.
7. Retention
We retain progress data for as long as your account is active. If you delete your account or reset progress, the corresponding rows are removed. Hashed audit rows are retained for up to 24 months for abuse-pattern detection, then purged. Server logs follow our hosting provider's retention policy.
8. Children
Itzli is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us and we will delete it.
9. International transfers
Our services run on infrastructure in the United States. If you access Itzli from outside the US, your data will be transferred to and processed in the US. By using the app you consent to this transfer.
10. Security
We take reasonable technical measures to protect your data: TLS in transit, authentication via Clerk, password hashing on Clerk's side, and sha256 hashing of audit content. No system is perfectly secure; we cannot guarantee absolute security.
11. Changes to this policy
We may update this Privacy Policy. Material changes will be reflected in the effective date above, and you may be asked to re-accept the updated policy on next use.
12. Contact
Privacy questions or requests: svillasmith3@gmail.com.
See also our Terms of Service and EULA.