Privacy Policy - Pinyinize

Your privacy is important to us. This Privacy Policy explains how Pinyinize collects, uses, stores, and protects your information when you use our website and services.

1. Information We Collect

We collect information you provide directly when creating an account (email address, display name, and profile preferences), payment information processed securely through our payment providers (we do not store full card numbers), text you submit for conversion or translation, reader progress and learning preferences, and usage data such as feature activity and preferences. We also automatically collect technical data including IP address, browser type, device information, and pages visited. If you use AI-powered features, the text you submit is sent to third-party AI services for processing.

2. How We Use Your Information

We use your information to provide and maintain Pinyinize features, process payments and manage access, personalize your learning experience, improve service quality, send transactional emails (account confirmations, password resets, payment receipts), detect and prevent fraud or abuse, analyze aggregate usage patterns to improve our service, and comply with legal obligations. We do not sell your personal information to third parties.

3. Data Storage and Security

Your data is stored securely using encrypted cloud infrastructure. Sensitive service data is protected before storage. Payment processing is handled entirely by our third-party payment providers. We never store full credit card numbers on our servers. We implement industry-standard security measures to protect your data, including encrypted connections and access controls.

4. Account Security and Fraud Prevention

We collect and retain the following information under our legitimate interests in account security and fraud prevention (GDPR Art. 6(1)(f)). For each sign-in and sensitive account action (email change, password change, enabling or disabling two-factor authentication), we record your IP address, browser user-agent, approximate country, and a server-assigned device identifier. This data helps us detect unauthorized access and verify your identity if you contact support. Retention: sign-in records for 12 months; sensitive-action event records for 24 months. If you change your email address, we also retain a log of your previous addresses for the lifetime of your account; this log is included in any data export you request. Additionally, normalized versions of all email addresses ever associated with your account are permanently stored — including after account deletion — solely to prevent repeated misuse of our free trial across multiple accounts.

5. Third-Party Services

We work with trusted third-party service providers to operate Pinyinize. These include providers for authentication and data storage, payment processing, website analytics (only with your consent where required), advertising (only with consent where required), security and performance, email delivery, AI-powered features, and application hosting. Each provider operates under their own privacy policy. We only share the minimum data necessary for each service to function.

6. Cookies and Tracking Technologies

We use essential cookies required for authentication, preferences, checkout, security, and site functionality. These cannot be disabled. Analytics and advertising cookies help us understand what is helpful, improve the site, and show better ads. They are controlled by your cookie choices and applicable law. You can manage your preferences through Your Privacy Choices, the cookie banner where shown, or your browser settings. For full details, see our Cookie Policy.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data. Under GDPR (European Economic Area): right of access, right to rectification, right to erasure, right to data portability, right to restrict processing, and right to object. Under CCPA (California): right to know what data we collect, right to delete your data, and right to opt out of the sale of personal information (we do not sell your data). You can exercise these rights through your account settings (Dashboard > Settings > Danger Zone), where you can export your data or delete your account, or by contacting us at [email protected].

8. Data Retention

We retain your account data for as long as your account is active. Conversion history, translation activity, and reader progress are retained to provide your account features and can be exported or deleted where supported. Payment records are retained as required by tax and accounting regulations (typically 7 years). If you delete your account, we remove your personal data, conversion history, reader progress, and credit records. However, we retain pseudonymized fraud-prevention identifiers to prevent trial and credit abuse. These identifiers cannot be used to reconstruct your personal information. Anonymized, aggregate data may be retained indefinitely for service improvement. This data cannot be linked back to any individual user.

9. Children's Privacy

Pinyinize is not directed at children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete that information. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected].

10. International Data Transfers

Your data may be processed in countries other than your own. Our hosting, payment, analytics, security, and AI service providers may operate globally. Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify registered users via an in-app notification banner and update the "Last Updated" date at the top of this page. Your continued use of Pinyinize after changes are posted constitutes acceptance of the revised policy. We encourage you to review this page periodically.

12. Contact Information

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at [email protected]. We aim to respond to all privacy-related inquiries within 30 days.