Privacy Policy
Effective Date: December 2024
At Bennie, your privacy is fundamental to our mission. We're committed to protecting your personal information while helping you achieve your language learning goals through personalized AI-powered conversations.
1. Information We Collect
Account Information
- Basic Profile Data: Name, email address, and profile picture
- Authentication Data: Login credentials and session information
- Google Sign-In Data: When you choose Google authentication, we receive your Google name, email, and profile picture only
Language Learning Preferences
- Target Language: The language you want to learn
- Proficiency Level: Your current skill level (beginner to advanced)
- Learning Goals: What you hope to achieve (travel, business, personal growth, etc.)
- Topics of Interest: Subjects you enjoy discussing
- Motivation: Why you're learning the language
- Email Preferences: Communication frequency and timing preferences
Learning Activity Data
- Email Conversations: All exchanges between you and Bennie AI
- Progress Metrics: Response length, vocabulary usage, and improvement tracking
- Learning History: Topics covered, difficulty levels, and engagement patterns
- Usage Analytics: Login frequency, email open rates, and feature usage
2. How We Use Your Information
Core Learning Services
- Personalized Content: Generate custom language learning emails tailored to your level, interests, and goals
- Progress Tracking: Monitor your improvement and adjust difficulty accordingly
- Weekly Evaluations: Provide comprehensive progress reports and learning recommendations
Communication
- Learning Emails: Send you personalized language learning content 3 times per week (Monday, Wednesday, Friday)
- Welcome Messages: Onboard new users with introductory content
- Progress Updates: Weekly evaluation emails with feedback and encouragement
- Service Updates: Important account and service notifications
Service Improvement
- Content Enhancement: Improve AI responses and learning effectiveness
- Feature Development: Build new tools based on user needs and behavior
- Quality Assurance: Monitor system performance and user satisfaction
3. Third-Party Services & Data Sharing
Essential Service Providers
We partner with trusted third-party services to deliver Bennie's functionality:
- Supabase: Database storage and user authentication
- Stores your profile and learning data securely
- Provides secure authentication services
- Data is encrypted and protected by industry-standard security
- OpenAI: AI content generation and analysis
- Receives your learning context (name, proficiency, goals, interests) to generate personalized content
- Analyzes your responses to track progress and adjust difficulty
- Does not retain your data after processing
- Subject to OpenAI's privacy policy and data protection standards
- SendGrid: Email delivery service
- Delivers learning emails and notifications
- Provides delivery analytics and engagement metrics
- Maintains high deliverability and anti-spam compliance
- Google OAuth: Authentication option
- Allows secure sign-in with your Google account
- We only access basic profile information (name, email, profile picture)
- No access to other Google services or personal data
Data Processing Transparency
OpenAI Data Usage: When generating your personalized learning content, we share your learning context (proficiency level, interests, recent topics, and conversation history) with OpenAI's GPT-4 model. This enables Bennie to create content perfectly matched to your skill level and interests. OpenAI does not store or train on your personal data.
4. Google Sign-In & OAuth
When you choose to sign in with Google:
- We request access only to basic profile information (name, email, profile picture)
- We do not access your Google Drive, Gmail, Calendar, or any other Google services
- You can revoke this access at any time through your Google Account settings
- Your Google account information is used solely for authentication and profile setup
- We comply with Google's OAuth policies and user data protection requirements
5. Data Security & Protection
Technical Safeguards
- Encryption: All data is encrypted in transit and at rest
- Access Controls: Row-level security ensures you can only access your own data
- Authentication: Secure login with optional two-factor authentication
- Regular Backups: Your data is backed up regularly to prevent loss
Privacy by Design
- Data Minimization: We collect only what's necessary for your learning experience
- Purpose Limitation: Your data is used only for language learning services
- Retention Limits: Data is retained only as long as needed for your active learning
6. Your Rights & Controls
Account Management
- Access: View all your personal data through your profile page
- Correction: Update your profile information, learning preferences, and goals
- Email Preferences: Adjust frequency and timing of learning emails
- Account Deactivation: Pause your learning emails while keeping your account
Data Rights
- Data Export: Request a copy of all your personal data
- Account Deletion: Permanently delete your account and all associated data
- Correction Requests: Fix any inaccurate information in your profile
- Processing Objection: Object to specific uses of your data
7. Email Communications
Learning Email Schedule
- Regular Learning Emails: 3 times per week (Monday, Wednesday, Friday)
- Weekly Progress Reports: Comprehensive evaluation and feedback every week
- Welcome Series: Onboarding emails for new users
- Service Notifications: Important account and service updates
Email Management
- You can adjust your email frequency and preferences in your profile
- You can pause learning emails temporarily while keeping your account active
- Unsubscribe links are included in all non-essential communications
- Critical service emails (security, billing) may still be sent after unsubscribing from learning content
8. Data Retention
- Active Accounts: Data is retained as long as your account is active
- Inactive Accounts: Data may be deleted after 2 years of inactivity
- Account Deletion: All data is permanently deleted within 30 days of account deletion
- Legal Requirements: Some data may be retained longer if required by law
9. Children's Privacy
Bennie is designed for users 13 years of age and older. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.
10. International Users
Bennie serves users globally. Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place to protect your data regardless of where it's processed.
11. Changes to This Policy
We may update this privacy policy periodically to reflect changes in our practices or legal requirements. We'll notify you of significant changes through email or our website. Your continued use of Bennie after changes are posted constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy, want to exercise your data rights, or need support:
- Email: privacy@itsbennie.com
- General Support: hello@itsbennie.com
- Website: itsbennie.com
This privacy policy complies with:
- Google's OAuth 2.0 and user data policies
- OpenAI's API usage requirements
- GDPR (General Data Protection Regulation)
- CCPA (California Consumer Privacy Act)
- Other applicable privacy laws and regulations
At Bennie, we believe that protecting your privacy enhances your learning experience. We're committed to maintaining your trust while helping you achieve your language learning goals.