Privacy Policy
1. Introduction & Scope
Welcome to Grovin. This Privacy Policy explains how Chonghui Chen ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use the Grovin mobile application and related services (collectively, the "Service").
Grovin is an AI-powered language learning app that uses artificial intelligence to deliver personalized Japanese lessons through character "sensei" tutors. Because AI processing is central to how Grovin works, we want to be transparent about what data flows through our systems and our third-party partners.
By creating an account or using the Service, you agree to the collection and use of your information as described in this policy. If you do not agree, please do not use Grovin.
2. Information We Collect
2.1 Information You Provide Directly
| Category | Examples |
|---|---|
| Account information | Email address, display name, timezone, display preferences (theme, sensei selection) |
| Authentication | Email/password, or tokens from Google Sign-In or Apple Sign-In |
| Chat messages | Text you type to your AI sensei during lessons and conversations |
| Memory & journal | Learning memories, identity notes, and journal entries you create to personalize your experience |
2.2 Information Generated Through Your Use
| Category | Examples |
|---|---|
| Learning data | Curriculum progress, lesson completion, drill results, scene performance, vocabulary mastery, confidence scores, streaks |
| Chat session data | AI-generated responses to your messages, session metadata (timestamps, step context, session IDs) |
| Audio data | Text-to-speech audio generated from AI sensei responses. We do not record your voice. |
| Subscription data | Subscription status, product identifier, platform (iOS/Android), expiry dates, message pack inventory |
2.3 Information Collected Automatically
| Category | Examples |
|---|---|
| Device information | Device type, operating system version, app version |
| Usage analytics | Feature usage patterns, session duration, engagement metrics, screen views |
| Error & crash data | Stack traces, error context, device state at time of crash |
| Push tokens | Device tokens used to deliver push notifications |
2.4 Information from Third Parties
- Google or Apple may share basic profile information (name, email) when you use their sign-in services.
- RevenueCat shares subscription status and purchase validation results with us so we can unlock the correct features for your account.
3. How We Use Your Information
- Delivering the Service. Running lessons, generating AI tutor responses, producing drills, managing scenes, tracking your progress, and generating text-to-speech audio.
- Personalization. Adapting lesson content, difficulty, pacing, and sensei personality to your level, learning style, and history.
- AI processing. Sending your messages and relevant learning context to AI services to generate tutor responses, lesson content, and drill questions. See Section 4 for full details.
- Analytics and improvement. Understanding how features are used, measuring engagement, and making product decisions.
- Communication. Sending push notifications for study reminders, streak alerts, and service updates (with your permission).
- Security and integrity. Detecting and preventing fraud, abuse, and technical issues.
- Legal compliance. Meeting legal obligations and enforcing our terms.
4. AI and Machine Learning
This section describes in detail how artificial intelligence processes your data in Grovin. AI is not a peripheral feature — it is the core of how Grovin teaches.
4.1 What Data Is Sent to AI Services
When you interact with your sensei or when the system generates lesson content, the following data may be sent to our AI provider:
- Your chat messages — the text you type to your sensei
- Lesson context — the current step, topic, curriculum position, and learning objectives
- Learning history context — your progress level, vocabulary mastery, recent drill performance, and confidence scores
- Sensei persona context — your selected sensei's personality traits and teaching style
- Memory content — learning memories and identity notes you have created
Your email, password, payment information, and device identifiers are never sent to AI services.
4.2 Which AI Services Process Your Data
OpenRouter (openrouter.ai) is our AI infrastructure provider. OpenRouter routes requests to large language models (LLMs) that generate your sensei's responses, lesson content, and drill questions. OpenRouter acts as our data processor and processes your data only to fulfill our API requests. When OpenRouter processes a request, your data is forwarded to the underlying model provider that runs the LLM. The model providers we currently use through OpenRouter include:
- xAI — provider of Grok models
- Google — provider of Gemini models
- OpenAI — provider of GPT and o-series models
- Anthropic — provider of Claude models
We select models based on quality and suitability for language education, and may change which providers are actively in use over time. All model providers are accessed through OpenRouter's API and are subject to OpenRouter's data processing terms.
Fish Audio is our text-to-speech provider. Fish Audio receives the text of AI-generated sensei responses and returns synthesized audio. Fish Audio does not receive your messages, learning data, or any personally identifiable information — only the text that the AI has already generated.
4.3 How AI Uses Your Data
Your data is used by AI services solely to generate responses for you in real time:
- To produce your sensei's conversational responses during chat
- To generate personalized drill questions and answer choices
- To create scene dialogues and role-play scenarios
- To adapt teaching style and content to your level
4.4 Your Data Is Not Used to Train AI Models
When we send data to OpenRouter's API, it is processed to generate a response and is not incorporated into model training datasets. OpenRouter's API terms prohibit using API customer data for model training. Your conversations with your sensei are yours. They are not fed back into any model's training pipeline.
4.5 Chat Request Logging
We retain logs of AI chat requests (your message, the AI response, and session metadata) on our own servers for the following purposes:
- Debugging — diagnosing errors when something goes wrong in a lesson
- Quality assurance — reviewing AI response quality to improve our prompts and system behavior
- Safety — monitoring for inappropriate AI outputs
These logs are stored in our database and are subject to the data retention periods described in Section 6. They are not shared with third parties.
4.6 AI Processing Is Essential to the Service
AI processing is not optional — it is how Grovin works. Without sending your messages to AI services, we cannot generate sensei responses, create personalized lessons, or produce drills. By using Grovin, you consent to this AI data processing.
If you are not comfortable with AI processing of your learning data, you should not use the Service. You may delete your account at any time (see Section 9).
4.7 Data Retention by AI Providers
- OpenRouter processes data in real time. Per their data processing terms, request data is not permanently stored beyond short-term operational needs. See their privacy policy at openrouter.ai/privacy for current details.
- Fish Audio processes text-to-speech requests in real time. Generated audio files are stored on our servers, not Fish Audio's.
5. How We Share Your Information
We share your information only with the third-party services necessary to operate Grovin. We do not sell your personal information to anyone.
| Service | What They Receive | Why |
|---|---|---|
| OpenRouter | Chat messages, lesson context, learning history | Routing requests to LLM providers for AI tutor responses, lessons, and drills |
| xAI, Google, OpenAI, Anthropic | Chat messages, lesson context, learning history (via OpenRouter) | Running the LLMs that generate AI responses |
| Fish Audio | Text of AI-generated responses | Producing text-to-speech audio for sensei voice |
| Supabase | All user data | Core infrastructure: database, authentication, file storage |
| RevenueCat | User ID, purchase receipts, subscription status | Managing subscriptions and validating purchases |
| PostHog | Anonymized usage events, user properties | Product analytics and improvement |
| Sentry | Crash reports, error context, device info | Identifying and fixing bugs |
| Firebase | Device push notification tokens | Delivering push notifications |
| Google / Apple | Authentication tokens | Verifying identity during sign-in |
We may also share information to comply with legal obligations, to protect rights and safety, or in connection with a merger or acquisition (with notice to you).
6. Data Retention
| Data Category | Retention Period |
|---|---|
| Account information | Retained while active. Deleted within 30 days of account deletion. |
| Learning progress | Retained while active. Deleted with your account. |
| Chat messages & AI responses | Retained while active. Deleted with your account. |
| Chat request logs | Retained indefinitely for debugging and quality assurance. Not deleted upon account deletion. |
| Generated TTS audio | Retained indefinitely for performance. Not deleted upon account deletion. |
| Subscription data | Retained while active. RevenueCat may retain purchase records per their own policy. |
| Analytics data | Retained per PostHog's default retention settings. See PostHog's privacy policy for details. |
| Error & crash data | Retained per Sentry's plan-based retention settings. See Sentry's privacy policy for details. |
| Push notification tokens | Deleted when you disable notifications or delete your account. |
After account deletion, we may retain anonymized, aggregated data that cannot be used to identify you.
7. Data Security
We take the security of your data seriously and implement the following measures:
- Encryption in transit. All data transmitted between the app and our servers uses TLS (HTTPS) encryption.
- Encryption at rest. Database storage is encrypted at rest.
- Row-Level Security (RLS). Our database enforces row-level security policies, meaning each user can only access their own data through the API.
- Access controls. Access to production systems and user data is restricted to authorized personnel.
- Authentication security. Passwords are hashed using industry-standard algorithms. We support secure third-party authentication through Google and Apple.
- Signed URLs. Audio files and media are served via time-limited signed URLs rather than public links.
No system is perfectly secure. While we strive to protect your data, we cannot guarantee absolute security. If we become aware of a security breach affecting your personal information, we will notify you as required by applicable law.
8. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access. Request a copy of the personal data we hold about you.
- Correction. Request correction of inaccurate personal data.
- Deletion. Request deletion of your account and associated data (see Section 9).
- Data portability. Request your data in a structured, machine-readable format.
- Opt out of analytics. Contact us at get.grovin.app@gmail.com to opt out of PostHog analytics collection.
- Push notification control. Enable or disable push notifications through your device settings.
- Withdraw consent. Where processing is based on consent, you may withdraw it at any time. Note that withdrawing consent for AI processing means you would need to stop using the Service.
To exercise any of these rights, contact us at get.grovin.app@gmail.com. We will respond within 30 days.
9. Account Deletion
You can delete your account directly within the Grovin app. Here is what happens when you do:
- Account and profile data — permanently deleted.
- Learning progress, chat history, memories, and journal entries — permanently deleted.
- Generated audio files — not automatically deleted. Audio files associated with your lessons may persist in storage.
- Chat request logs — not automatically deleted. Logs of AI requests and responses may persist for debugging and quality assurance purposes.
- Analytics and error data — data already sent to third-party analytics and error-tracking services (PostHog, Sentry) is retained per those services' own retention policies.
- Subscription — your subscription is not automatically canceled. Active subscriptions must be canceled through the App Store (iOS) or Google Play Store (Android) before or after deleting your account.
Account deletion is permanent and cannot be undone. Deletion is completed within 30 days of your request.
10. Children's Privacy
Grovin is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
- Users must be at least 13 years old to create a Grovin account.
- If we learn that we have collected personal information from a child under 13, we will take steps to delete that information as quickly as possible.
- If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at get.grovin.app@gmail.com and we will delete it.
For users between 13 and the age of majority in their jurisdiction, we recommend that a parent or guardian review this Privacy Policy.
11. International Data Transfers
Grovin's servers and third-party service providers may be located in countries other than your own, including the United States. By using the Service, you consent to the transfer of your information to these countries.
| Service | Primary Data Location |
|---|---|
| Supabase | United States |
| OpenRouter | United States |
| RevenueCat | United States |
| PostHog | United States / EU |
| Sentry | United States |
| Firebase | United States |
If you are located in the EEA, United Kingdom, or Switzerland, transfers to the United States are conducted under standard contractual clauses or other approved transfer mechanisms where applicable.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Effective Date" at the top. For material changes, we will notify you through an in-app notification or by email before the changes take effect. Your continued use of Grovin after changes take effect constitutes acceptance of the updated policy.
13. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us:
- Email: get.grovin.app@gmail.com
- Company: Chonghui Chen
- Address: San Francisco, CA
14. App Store Privacy Details
For transparency and to support our App Store privacy nutrition labels:
| Data Type | Collected | Linked to Identity | Used for Tracking |
|---|---|---|---|
| Email address | Yes | Yes | No |
| Name | Yes | Yes | No |
| User ID | Yes | Yes | No |
| Purchase history | Yes | Yes | No |
| Usage data | Yes | Yes (pseudonymized) | No |
| Crash data | Yes | No | No |
| Performance data | Yes | No | No |
| Precise location | No | — | No |
| Contacts | No | — | No |
| Photos / videos | No | — | No |
| Audio (user voice) | No | — | No |
| Health / fitness | No | — | No |
| Financial info | No | — | No |
We do not use any collected data for third-party advertising or tracking.