Privacy Policy

1. Who We Are

ReadNihongo ("ReadNihongo," "we," "us," or "our") is a language-learning service operated by Elm and Ink LLC, located at 9755 N Lucerne Ave, Kansas City, MO 64154, USA.

For privacy questions or requests, contact us at privacy@readnihongo.com. For general support, you may also contact hello@readnihongo.com.

2. Information We Collect

We collect only the information we need to run the Service.

A. Account and authentication information

If you create an account, we may collect:

• your email address;
• authentication session data, such as session cookies or tokens used to keep you signed in; and
• if you choose Continue with Google, basic account information made available through our authentication flow, such as your email address and other profile data needed to sign you in.

We use Supabase for authentication and session management.

B. Learning and account data

If you use synced features while signed in, we may store learning data linked to your account, such as:

• saved words;
• where a saved word came from in the app, such as a story, sentence, or token;
• review status and review scheduling data for saved words, such as due dates and review counts; and
• story progress, such as the last sentence reached, whether a story was completed, and a furigana preference associated with that story.

C. Data stored on your device

If you use the Service without signing in, or when you use device-based features, your browser may store information locally, including:

• saved words;
• furigana preferences;
• completed stories or lessons;
• lesson progress;
• migration reminders or snooze settings; and
• cached pages and assets used for offline or faster app performance.

This information is generally stored using browser storage technologies such as localStorage and the browser cache / service worker.

D. Audio and text-to-speech data

If you use audio playback features, we may process the text or SSML you ask us to read aloud.

Depending on how the Service is configured, that may include:

• sending your request to our server-side text-to-speech feature;
• sending the requested text or SSML to Google Cloud Text-to-Speech to generate audio;
• temporarily or persistently caching generated audio in private cloud storage for performance; and
• delivering audio back to you using time-limited links.

If server-side text-to-speech is unavailable, your browser or device may use its own local speech-synthesis capabilities instead.

E. Support and correspondence

If you email us or contact us through a support form, we receive the information you choose to send, such as your name, email address, and message. We may also keep basic request metadata, such as request time, referrer, and hashed abuse-prevention signals.

F. Technical and security information

Like most online services, our infrastructure may receive technical information needed to operate the Service, such as IP address, request metadata, browser information, and similar diagnostic data.

In particular, some protected endpoints, including text-to-speech features and anonymous support intake, may use account identifiers and/or IP-based signals for authentication, rate limiting, abuse prevention, and service reliability.

When diagnostic error reporting is enabled, we may receive limited browser or service-worker error reports, such as an error message, stack trace, page path without query strings, browser type, display mode, online state, and related deployment metadata. These reports are used to diagnose reliability issues and are not designed to collect account contents, saved words, form submissions, cookies, local storage values, or authentication tokens.

3. How We Use Information

We use personal information to:

• create and secure user accounts;
• authenticate logins, including email login and Google sign-in;
• sync saved words and reading progress across devices;
• remember your preferences and support offline or app-like features;
• provide review, study, and reader functionality;
• generate or deliver audio playback when you use text-to-speech features;
• protect the Service from misuse, unauthorized access, and excessive automated requests;
• respond to support requests and communications;
• comply with legal obligations; and
• enforce our Terms and protect our rights.

We do not currently use a dedicated third-party crash-reporting SDK in the reviewed project version.

When advertising is enabled, we may also use Google AdSense and Google Privacy & messaging to manage privacy choices and to serve ads on selected parts of the Service. Visible ad units are released only after the consent flow produces a usable advertising decision for the current visit.

4. Cookies, Local Storage, and Similar Technologies

ReadNihongo uses browser-side storage and similar technologies to make the Service work.

These may include:

• essential authentication cookies used to keep signed-in users authenticated;
• localStorage entries used for preferences and local learning state; and
• service worker / browser cache storage used to support installable and offline-capable web app behavior.

These technologies are used for authentication, preferences, syncing, offline performance, and, when enabled, advertising consent and ad delivery.

If Google AdSense / Privacy & messaging is enabled, Google may also use cookies, local storage, or similar technologies for advertising, consent-state management, fraud prevention, and measurement. Where required by law, we ask for consent or provide opt-out controls before using non-essential advertising-related storage and processing.

5. When We Share Information

We do not sell your personal information.

We may share personal information with service providers that help us operate the Service, including:

A. Supabase

We use Supabase for authentication, session handling, and database storage for account-linked learning data.

B. Google

We may use Google services in two different ways:

• Google Sign-In / OAuth, if you choose to sign in with Google;
• Google Cloud Text-to-Speech and related cloud storage features, if you use server-side audio playback features; and
• Google AdSense and Google Privacy & messaging, if advertising and consent messaging are enabled for the site.

C. Hosting and infrastructure providers

Our hosting and infrastructure providers may process personal information as needed to serve the website, APIs, stored content, runtime logs, and limited diagnostic error reports.

D. Legal and safety disclosures

We may disclose information if required by law, legal process, or a valid government request, or when we believe disclosure is reasonably necessary to protect users, the Service, or our rights.

E. Business transfers

If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, personal information may be transferred as part of that transaction, subject to applicable law.

6. Advertising and Analytics

We do not currently enable a separate third-party site analytics product by default.

We may use Google AdSense and Google Privacy & messaging / Consent Management Platform (CMP) to request privacy choices and to serve ads on selected parts of the Service.

Depending on your location and choices, the site may request personalized ads, non-personalized ads, or may avoid loading visible ad units entirely. We also provide a footer link labeled Privacy & cookie settings so users can revisit privacy choices when Google makes that flow available.

The AdSense site tag may be enabled for site verification or consent messaging even when visible ad units remain turned off.

7. Legal Bases for Processing (EEA, UK, and similar jurisdictions)

Where applicable law requires a legal basis, we generally rely on the following:

• Contract: to provide the Service you requested, such as account login, syncing, saved words, reading progress, and audio features;
• Legitimate interests: to secure the Service, prevent abuse, improve reliability, respond to support, and maintain the Service;
• Legal obligation: where we must keep or disclose information under applicable law; and
• Consent: where required for optional features such as advertising, consent-based analytics, or similar processing.

If we rely on your consent, you may withdraw it at any time. Withdrawal does not affect processing that happened before withdrawal.

8. Data Retention

We keep personal information for as long as reasonably necessary for the purposes described in this policy, including to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

In general:

• account and synced learning data are kept until you delete your account or ask us to delete them, unless we need to retain certain information for legal, security, or fraud-prevention reasons;
• data stored locally on your device remains there until you clear it, uninstall the web app, or your browser removes it;
• generated text-to-speech audio may remain cached for performance until removed, replaced, or no longer needed; and
• support communications may be retained as long as reasonably necessary to respond to you and maintain business records.

9. International Data Transfers

ReadNihongo is based in the United States, and our service providers may process information in the United States and other countries.

If you use the Service from outside the United States, your information may be transferred to and processed in countries that may not provide the same level of legal protection as your home jurisdiction. Where required, we rely on appropriate safeguards for such transfers.

10. Security

We use reasonable administrative, technical, and organizational measures designed to protect personal information.

These measures may include secure transport, access controls, authentication controls, and database access restrictions. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Your Rights

Depending on where you live, you may have rights such as:

• the right to know whether we process your personal information;
• the right to access a copy of your personal information;
• the right to correct inaccurate information;
• the right to delete personal information, subject to legal exceptions;
• the right to object to or restrict certain processing;
• the right to data portability;
• the right to withdraw consent, where processing is based on consent;
• the right to opt out of sale or sharing, if we ever engage in that type of processing; and
• the right to lodge a complaint with a supervisory or regulatory authority.

To make a privacy request, email privacy@readnihongo.com from the email address associated with your account, or contact us using the contact details below. We may need to verify your identity before completing certain requests. We will respond within the time required by applicable law.

California notice

If Google advertising features are enabled, California and other U.S. state residents may be offered additional notice or choice controls for advertising-related processing through the site's privacy controls.

Users can revisit applicable privacy choices through the footer link labeled Privacy & cookie settings when that control is available.

12. Children's Privacy

ReadNihongo is not directed to children under 13.

If local law requires a higher age for consent to online services, users under that age should not use the Service without permission from a parent or guardian.

If you believe a child provided personal information to us in violation of this policy, contact us and we will take appropriate steps to review and delete it where required.

13. Changes to This Policy

We may update this Privacy Policy from time to time.

If we make material changes, we will post the updated version in the Service and update the "Last updated" date above. Where required by law, we will also provide additional notice or obtain consent.

14. Contact Us

Elm and Ink LLC

9755 N Lucerne Ave
Kansas City, MO 64154
USA

Privacy: privacy@readnihongo.com
General support: hello@readnihongo.com