Privacy Policy
How Pinyora collects, uses, and protects your information — written in plain English with no surprises.
Last updated: 10 May 2026
This Privacy Policy explains what information Pinyora ("we", "us", or "our") collects, how we use it, and the choices you have. It applies to https://pinyora.com and related services (the "Service").
1. What we collect
1.1 Information you provide
- Account information. When you sign in with Google, we receive your email address, display name, profile photo URL, and a unique user ID. We do not see your Google password.
- Vocabulary and reading data. Words you save while reading, your reading progress, daily activity, custom pasted texts, and tool usage statistics.
- AI Tutor chat messages. If you use AI Tutor, we process the messages you send, your selected HSK level and correction style, short recent conversation history, and the daily challenge context so the tutor can reply and correct your Chinese.
- Subscription information. When you subscribe to Pro, Stripe handles your payment. We receive a Stripe customer ID, subscription status, the price you subscribed to, billing period dates, and the last invoice status. We do not see or store your full credit-card number, security code, or bank details.
- Communications. If you email us at hello@pinyora.com, we keep the message and any reply.
1.2 Information collected automatically
- Anonymous visitor data. For every browser that visits the Service (including before sign-in), we generate a random visitor ID stored in your browser's localStorage and record: the URL path, referrer, browser language, timezone, approximate country/region (derived from IP via Netlify's geo headers — we do not store the IP itself), browser user-agent, and visit timestamps.
- Daily aggregate counters. We track per-day counts of new visitors, returning visitors, sign-ups, and Pro upgrades. These are aggregate numbers, not per-user records.
- Google Analytics. We use Google Analytics 4 to understand aggregate website usage, such as page views, traffic sources, device/browser information, approximate location, and engagement events. Google may set analytics cookies or similar identifiers for this purpose.
- Local storage. We store certain preferences (theme, voice settings, last route) in your browser's localStorage. These never leave your device unless you sign in, in which case some preferences sync to your account.
1.3 Information from third parties
We may receive limited information from Stripe (subscription status, payment outcomes), Google (your basic profile via OAuth), and DeepSeek (AI tutor responses and usage metadata for AI Tutor) as described above. We do not buy or receive personal data from advertising or marketing brokers.
2. How we use your information
We use the information collected to:
- Provide the Service — store your vocabulary, sync across devices, render reading content, and generate AI Tutor replies.
- Manage Pro subscriptions, billing, and access control.
- Operate the Service safely — prevent fraud, abuse, and security incidents.
- Improve the Service — understand which features are used, identify bugs, and plan new features. We do this primarily through the aggregate analytics described above.
- Communicate with you — send transactional emails (e.g. payment receipts via Stripe, account-related notices) and respond to support queries.
We do not sell your personal information. We do not use your reading data, vocabulary, pasted texts, or AI Tutor messages to train our own AI models. AI Tutor messages are sent to DeepSeek only to generate the tutor response you requested. We do not share your individual reading habits with advertisers or third parties for marketing.
3. Legal bases (for users in the EU and UK)
If you're in the EU or UK, our legal bases under GDPR are:
- Contract — to provide the Service you signed up for.
- Legitimate interests — to operate, secure, and improve the Service.
- Consent — for optional analytics cookies or marketing communications where consent is required.
- Legal obligation — to comply with tax, accounting, and other laws.
4. Who we share with
Your information is shared only with:
- Google / Firebase — your account, vocabulary, and progress data are stored in Firebase (Cloud Firestore). Subject to Google's terms and privacy policy.
- Google Analytics — provides aggregate website analytics. Subject to Google's terms and privacy policy.
- Stripe — for payment processing. Subject to Stripe's privacy policy.
- Netlify — our hosting provider, which serves the Service and our serverless functions. Subject to Netlify's privacy policy.
- DeepSeek — powers AI Tutor responses and corrections. We send only the chat content and settings needed to generate the requested tutor response. Subject to DeepSeek's privacy policy.
- ImprovMX — forwards email sent to hello@pinyora.com to our support inbox. Subject to ImprovMX's privacy policy.
We share with these providers only what's necessary to operate the Service. We do not share your personal data with anyone else, except where required by law (e.g. valid legal process) or to protect rights, safety, or property.
5. Where your data is stored
Account and vocabulary data is stored in Firebase, which uses Google Cloud servers. Depending on the Firestore region your account is configured to use, this may be in the EU or US. Functions run on Netlify's global edge network. AI Tutor requests may be processed by DeepSeek in regions where it operates. By using the Service, you consent to your information being processed in these regions, including transfers to countries outside your own.
For users in the EU/UK, transfers outside the European Economic Area rely on the Standard Contractual Clauses or other recognised safeguards offered by the relevant provider.
6. How long we keep it
- Account and vocabulary data: as long as your account is active. Deleted within 30 days of an account deletion request, except where we must retain certain records for legal/accounting purposes (typically 6 years for billing records).
- AI Tutor history: stored in your browser's localStorage so you can continue the conversation on that device. We do not intentionally store full AI Tutor transcripts in our database, though our providers may keep operational logs according to their policies.
- Anonymous visitor records: retained for analytics; we may delete or anonymise records older than 24 months.
- Stripe billing data: retained according to Stripe's policies and our legal obligations (typically 6 years).
- Email correspondence: retained for as long as needed to handle the issue, then deleted within 12 months unless required for legal/accounting reasons.
7. Your rights
Depending on where you live, you may have rights to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data ("right to be forgotten").
- Object to or restrict certain processing.
- Portability — receive your data in a machine-readable format.
- Withdraw consent where we rely on consent.
- Lodge a complaint with your local data protection authority. In the UK that's the ICO. In the EU, your country's supervisory authority.
To exercise these rights, email hello@pinyora.com. We'll respond within 30 days. You can also export and delete most of your data directly from within the Service.
8. Cookies and similar technologies
We use localStorage in your browser for essential functionality (theme preference, signed-in session, anonymous visitor ID, vocabulary cache). These are not strictly cookies and are not used for tracking across other sites.
We use Google Analytics cookies or similar identifiers to understand how visitors find and use Pinyora. We do not use Google Analytics for third-party advertising or to share your individual reading data with advertisers. Where required, we will ask for consent before setting optional analytics cookies. You can also limit or block analytics cookies in your browser settings.
9. Security
We protect your data using industry-standard measures:
- All traffic to the Service uses HTTPS.
- Authentication via Google OAuth — we never see your password.
- Sensitive credentials (Firebase service account, Stripe keys) are stored as environment variables, not in code.
- Firestore security rules restrict who can read what data.
No system is completely secure. If we discover a breach affecting your data, we'll notify you and the relevant authorities as required by law.
10. Children
Pinyora is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have done so inadvertently, contact us at hello@pinyora.com and we'll delete it.
In the UK and EU, the relevant age may be 16 (or as set by your member state). Our minimum age applies accordingly.
11. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we'll notify you by email or by posting a notice in the Service at least 7 days before changes take effect. The "Last updated" date at the top reflects the most recent revision.
12. Contact
Questions, concerns, or requests about this policy? Email hello@pinyora.com.
If you are in the UK or EU and unhappy with our response, you have the right to complain to your local data protection authority.