Quralingo Privacy Policy
Last updated: 24 April 2025
Introduction
Welcome to Quralingo! This Privacy Policy explains how Quralingo ("we", "us", or "our") collects, uses, and protects your personal information when you use our mobile application and website. Quralingo provides an educational platform designed especially for children, and we are committed to safeguarding user privacy in compliance with applicable laws in the European Union (EU) and the United States (US). By using Quralingo, you agree to the practices described in this Privacy Policy. We adhere to the General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Act (CCPA) in California, as well as the Children’s Online Privacy Protection Act (COPPA) in the US for users under 13. We strive to present this policy in clear, plain English, so that both parents and users (including younger users) can understand how their data is handled.
Information We Collect
We collect various types of information from and about our users in order to provide and improve our services. This includes:
-
Account Information: When you sign up for Quralingo, we ask for personal information such as your name, email address, and phone number. You may create an account directly or use third-party login options (Google, Apple, or Facebook). If you register via a third-party login, we receive certain profile information from them (for example, your name, email, and profile photo) that you have authorized the provider to share with us. We use this to set up your Quralingo profile. (For Apple Sign-in, if you choose to hide your email, we will receive an anonymous relay email address instead.)
-
Profile Photos and Content: You may upload a profile photo or other images to your account. We store these images and associate them with your profile. Any information you add to your profile (such as a biography or display name) is also collected and stored by us.
-
User-Generated Interactions: Quralingo allows social interaction features. We collect information about your interactions with other users and content on the platform. This includes data on who you follow or unfollow, the posts or content you like or react to, and any comments you write. These interactions are recorded to enable those features (for example, to show your comments to other users or to notify a user that someone liked their post).
-
Usage Data and Device Information: Like most apps and websites, we automatically collect certain data about how you access and use Quralingo. This may include your device type, operating system, browser type, IP address, device identifiers, and app version. We also log usage information such as the pages or screens you view, the features you use, access times, and referring websites. For the website, we use cookies and similar technologies to remember your preferences and track your use of our site (more details on cookies are provided in the Cookies section below).
-
Newsletter and Communications: If you voluntarily sign up to receive our newsletter or other email updates, we will collect your email address and any preferences you provide. We will use this information to send you news, updates, and marketing communications. Each newsletter email will contain an unsubscribe link so you can opt out at any time. If you opt out or unsubscribe, we will remove you from the mailing list and stop sending you the newsletter.
How We Use Your Information
We use the collected information for the following purposes:
-
To Provide and Maintain Our Services: We use personal data to create your account, enable the app’s features, and allow you to interact with other users. For example, we use your sign-up information to log you in and your follow/unfollow data to manage your social feed. This use is necessary to perform our contract with you (providing the Quralingo service).
-
To Facilitate Social Interaction: Your profile information (like name and photo) and user-generated content (such as comments or reactions) may be shared with other users of Quralingo as part of the app’s normal functionality. For instance, when you comment on a post, other users can see your comment along with your display name and profile photo.
-
To Communicate with You: We use your contact information to send important account-related messages, such as verification emails, password reset links, or notifications about changes to our service. If you sign up for the newsletter or agree to receive marketing communications, we will send you those as well (you can unsubscribe at any time). Additionally, we may send push notifications or in-app notifications via our notification system (OneSignal) to alert you about activity in the app (for example, when someone follows you or replies to your comment). You can control push notifications through your device settings or in-app preferences.
-
To Improve and Analyze Our Services: We are continuously working to make Quralingo better. We analyze usage data and feedback to understand how users interact with our app and website. For this purpose, we use analytics tools (described below) to collect data on app performance, popular features, and crash reports. For example, if the app crashes, we receive technical details about the crash through Firebase Crashlytics to help us diagnose and fix the issue. Similarly, aggregated analytics about which lessons are most used helps us improve content. We also track bug reports and errors using Sentry to maintain app stability.
-
For Safety and Compliance: We may process personal information to enforce our Terms of Service, to ensure user safety, and to prevent fraud or misuse of Quralingo. This includes using data to detect and address violations (such as inappropriate behavior or content). We also use personal data as required to comply with legal obligations, such as keeping records for regulatory compliance or responding to lawful requests by authorities.
We will only use your personal information for the purposes described above and will seek your consent if we need to use it for any other purpose. For users in the EEA, our legal bases for processing your data include: the necessity to perform a contract (for core features of Quralingo), your consent (for optional features like marketing emails or, in the case of children, parental consent), compliance with legal obligations, and our legitimate interests in improving our services and ensuring the security of our platform (balanced against your rights).
Third-Party Services and Analytics
To provide a high-quality experience, Quralingo relies on several third-party service providers. These third parties act as our data processors, meaning they process information on our behalf under strict confidentiality and security obligations. We do not sell your personal data to anyone, and we only share data with these providers to the extent necessary for them to perform their functions. Our key third-party services include:
-
Firebase Analytics & Crashlytics (Google): We use Google Firebase Analytics to understand how users engage with our app, and Firebase Crashlytics to monitor app crashes and performance issues. Firebase may automatically collect identifiers and device info (like your device model, OS version, and user actions in the app) to provide aggregated usage statistics and crash reports. For example, if the app crashes, Crashlytics logs technical details such as the app’s version, the time of crash, device OS version, and device model. This information helps us diagnose the problem and improve the app’s stability. The data collected through Firebase Analytics is subject to Google’s Privacy Policy. We have configured Firebase to mask or avoid collecting any information that directly identifies you (such as your full name or phone number) in analytics or crash logs.
-
OneSignal (Push Notifications): We integrate OneSignal to send push notifications and in-app messages. OneSignal collects device information like a push token (a unique identifier for your device) so that we can deliver notifications to you. It may also track whether you have opened or interacted with a notification, helping us understand engagement. OneSignal does not collect contact information like your email or phone; it primarily uses technical data to send notifications. You can opt out of push notifications at any time by adjusting your device or app settings.
-
Google Analytics and Tag Manager (Website): On our website, we use Google Analytics, facilitated via Google Tag Manager, to collect information about web visitors. Google Analytics uses cookies (small text files stored on your browser) to gather data such as your IP address, browser type, pages visited on our site, time spent on pages, and referring URL. This data helps us analyze web traffic and improve the website’s design and content. The information collected is generally aggregated and does not directly identify you. You can control or block cookies through your browser settings if you prefer (see the Cookies section below for more on how we use cookies). Google Tag Manager is used to manage these analytics scripts and does not itself collect personal data.
-
Sentry (Error Tracking for Backend): Our backend system uses Sentry to log and track errors that occur in our application (for example, a server-side error when you use the app). When an error occurs, Sentry captures information about the error and the environment in which it happened. This typically includes technical details like the error message, stack trace (the sequence of code events leading to the error), timestamp, and possibly contextual data such as your user ID or the action you were performing. We use this information to quickly identify and fix bugs. We have measures in place to avoid sending sensitive personal data in these error reports. Sentry is a third-party service that may process this data on servers in the US; however, it is contractually bound to treat all data confidentially and only use it for providing error monitoring to us.
Cookies: In connection with the above services, our website uses cookies and similar tracking technologies. Cookies are small data files placed on your device when you visit our site. They allow us and our analytics providers (like Google Analytics) to recognize your browser and remember certain information. For example, cookies enable functions like keeping you logged in, remembering your site preferences, and gathering web analytics. We do not use cookies for advertising purposes. You have the ability to accept or refuse cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Note that disabling cookies may affect some features of the website (for instance, the site might not remember your preferences).
Children's Privacy
Protecting the privacy of young users is especially important to us. Quralingo is designed for children’s education, and we comply with child privacy laws such as COPPA in the US and relevant provisions of the GDPR (and EU member state laws) for children. This section explains how we handle personal data for users under the age of 13 (or under the applicable age of digital consent in your region, which is 16 in some EU countries).
Parental Consent: If a user indicates that they are under the age of 13 (or the applicable age in their country) during the sign-up process, we will require verifiable parental consent before that account can be fully used. We have implemented a simple and legally compliant parental consent mechanism that minimizes impact on the user experience. In practice, this means we may ask the child user to provide a parent or guardian’s email address. We then contact the parent directly with information about Quralingo’s data practices and request consent for the child’s use of our service. The parent can provide consent by responding to the email or clicking a verification link. We take an additional step to confirm the consent (for example, sending a follow-up confirmation email to the parent), in line with the "email plus" method recognized under COPPA . This method is permitted when a child’s personal information will only be used internally by us and not shared publicly or with unrelated third parties
If we do not receive the required parental consent within a reasonable time, we will not activate the child’s account (or we will suspend or delete any information collected from the child in the interim). We do not allow children under 13 to use Quralingo without parental approval.
Limitations on Child Data Collection: We do not ask children to provide any more personal information than is reasonably necessary to use Quralingo. For example, while an email address is needed (usually the parent’s email for children) to create an account, we do not require a physical address or phone number from a child user. Any profile information or content that a child provides is entirely optional and under parental supervision.
We also take measures to prevent a child from sharing personal information publicly. Quralingo’s social features are designed with safety in mind – for instance, a child’s profile may only display a username or avatar, and we filter or moderate public content to avoid disclosure of sensitive info. We do not knowingly allow children to post personal contact details in public areas of the app.
Parental Rights and Controls: If you are a parent or legal guardian of a Quralingo user under 13, you have special rights regarding your child’s information. At any time, parents can contact us to: (a) review the personal information we have collected about their child; (b) request correction or update of that information; (c) refuse further collection or use of the child’s information; and (d) request deletion of their child’s account or personal data . If you revoke consent or request deletion, we will promptly remove the child’s personal information from our records (except as needed to comply with legal obligations) and ensure it is deleted securely or anonymized. Note that even after deletion, it may take a short period to fully remove data from backups.
We will notify parents of any material changes to our practices regarding children’s data. If we make significant changes to how we collect or use children’s personal information, we will seek updated parental consent as required by law. Our goal is to give parents control while allowing children to benefit from Quralingo’s educational content in a safe manner.
Your Rights Under GDPR (EU/EEA)
If you are located in the European Economic Area (EEA) or another jurisdiction with similar laws, you have certain rights over your personal data under the GDPR. These include:
-
Right of Access: You have the right to request a copy of the personal data we hold about you, as well as information on how we process it.
-
Right to Rectification: If any of your information is inaccurate or incomplete, you have the right to ask us to correct or update it.
-
Right to Erasure: You can request that we delete your personal data if, for example, it is no longer necessary for the purposes it was collected. This is also known as the "right to be forgotten." We will honor such requests to the extent required by law. (Please note we may retain some information if we have a legal obligation to do so or other lawful basis to keep it.)
-
Right to Restrict Processing: You have the right to ask us to limit the processing of your data in certain circumstances – for instance, while we address a concern about the accuracy of your data or an objection you have raised to our processing.
-
Right to Data Portability: You have the right to obtain your personal data from us in a structured, commonly used, machine-readable format, and to have that data transmitted to another service provider where technically feasible.
-
Right to Object: You may object to our processing of your personal information if we are processing it based on legitimate interests or for direct marketing. If you object, we will consider your request and stop or adjust processing unless we have compelling legitimate grounds to continue (or if the objection is to marketing, we will stop).
-
Right to Withdraw Consent: If we rely on your consent to process any of your data, you have the right to withdraw that consent at any time. For example, you can opt out of the newsletter or revoke consent for a child’s account, and we will stop the processing that was based on consent. Withdrawal of consent does not affect the lawfulness of any processing conducted prior to your withdrawal.
To exercise any of these rights, please contact us using the contact details in the “Contact Us” section below. We may need to verify your identity (to protect your privacy by ensuring it’s you making the request) and in the case of a parent exercising rights on behalf of a child, we may need additional verification of the relationship. We will respond to your request within one month, as required by GDPR, unless an extension is permitted. There is no fee for exercising your rights, unless requests become excessive or repetitive, in which case a reasonable fee may apply as allowed by law.
Additionally, if you believe we have infringed your data protection rights, you have the right to lodge a complaint with your local supervisory authority (Data Protection Authority) in the EU. We would, however, appreciate the chance to address your concerns directly, so we encourage you to contact us first with any complaint.
Your Rights Under CCPA (California)
If you are a California resident, you are protected by the California Consumer Privacy Act (CCPA) (as amended by the CPRA). In compliance with CCPA, we provide the following rights to California users:
-
Right to Know: You have the right to know what personal information we collect, use, disclose, and sell (please note, Quralingo does not sell your personal information, as explained below). You can request that we disclose the categories of personal information we have collected about you, the categories of sources of that information, the business purpose for collecting it, and the categories of third parties with whom we share it. Much of this information is provided in this Privacy Policy. You also have the right to request a copy of the specific pieces of personal information we have collected about you in the 12 months preceding your request.
-
Right to Deletion: You have the right to request that we delete personal information we have collected from you (and direct our service providers to do the same). Upon a verified request, we will delete your personal data from our records, unless an exception applies. For example, we may retain information needed to complete a transaction you requested, detect security incidents, comply with legal obligations, or other reasons permitted by CCPA.
-
Right to Opt-Out of Sale: CCPA gives you the right to opt out of the “sale” of your personal information. As stated, Quralingo does not sell personal data to third parties for monetary value. We also do not share personal information for behavioral advertising or targeted advertising in a way that would be considered a sale under CCPA. Therefore, there is no need for you to opt out – we simply do not sell your data. If in the future we ever considered sharing data in a way that CCPA defines as a “sale,” we would provide a clear opt-out mechanism (such as a “Do Not Sell My Info” link) and obtain any required consents, especially for minors.
-
Right to Correct: You have the right to request that we correct any inaccurate personal information we hold about you. If you have an account, you can also correct and update some of your information directly (for example, by editing your profile).
-
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we will not deny you our services, charge you a different price, or provide a lesser quality of service because you exercised your rights. Quralingo provides the same level of service and features to all users regardless of any privacy rights requests.
To make a CCPA request, you (or an authorized agent acting on your behalf) can contact us through the methods listed in the “Contact Us” section. Please specify that you are making a “CCPA request” and describe which right you are seeking to exercise (access/know, deletion, correction, etc.). We will need to verify your identity (or your agent’s authority) before fulfilling the request, which may involve asking you to provide additional information or to log in to your account. We will respond to verifiable requests within 45 days as required by CCPA (or notify you if we need more time).
Note that some information we collect is exempt from CCPA’s scope (for example, information governed by other privacy laws like COPPA or medical/financial information protected by other laws). However, our policy is to apply the same spirit of transparency and control to all users. If you have any questions about your California privacy rights, you can also contact us for further information.
Data Retention and Deletion
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. This means that we keep your data for the duration of your account being active and for a period afterward only if needed for legal, accounting, or legitimate business purposes.
-
Account Data: If you have an account with Quralingo, we will retain your account information and user content for as long as your account is active. If you choose to delete your account (or a parent withdraws consent for a child’s account), we will initiate deletion of personal data associated with that account. Account deletion will result in removal of your profile information and any personal data not required for our legal compliance. Some residual data (like comments you made on others’ posts) might remain visible to other users unless those users delete it, but we will disassociate it from your profile.
-
Interactions and Content: Content that you have posted (such as comments or reactions) may be retained as part of another user’s experience (for example, comments you made on a teacher’s post may remain visible to that teacher). However, we can anonymize or remove identifying information from such content upon request. If another user (e.g., a parent or teacher) deletes content that involved your data, it will be deleted from our systems according to that user’s request.
-
Analytics and Logs: Usage data, analytics records, and crash logs are generally retained for a shorter period. We might keep analytics data in aggregated form (which does not identify individuals) indefinitely to help us understand trends over time. Crash reports and technical logs are typically retained only long enough to analyze and fix issues, then they may be deleted or stored in aggregate form. For instance, Crashlytics and Sentry data are routinely purged after issues are resolved or after a set time frame, to reduce storage of unnecessary personal data.
-
Legal Retention Requirements: In some cases, we may need to retain certain information for longer periods if required by law. For example, records of parental consents, transactions, or communications might be kept to comply with COPPA or other regulatory requirements. If we are under a legal obligation to retain data (such as for tax, audit, or court order reasons), we will securely store the data for the required period and not use it for other purposes.
When we no longer have a legitimate need or legal obligation to keep your personal information, we will delete it or anonymize it. We use commercially reasonable and secure methods to delete data. For example, we may permanently erase data from our servers or overwrite it. In some cases, instead of outright deletion, we may anonymize the data so it can no longer be associated with you (for instance, converting event logs to statistical summaries). We follow industry best practices to ensure that deleted data is not accessible by unauthorized parties
Please note that when you delete the app from your device, it does not automatically delete your account or data. You will need to follow the in-app account deletion process or contact us to request deletion. We also want to highlight that removing data from backup systems may take additional time, but we will ensure it’s removed in the next backup cycle.
Data Security
We take the security of your personal information very seriously. Quralingo implements appropriate technical and organizational measures to protect your data from unauthorized access, loss, misuse, or alteration. These measures include encryption of data in transit (e.g., using HTTPS for our website and secure communication for the app) and encryption of sensitive data at rest where applicable. We also restrict access to personal data to authorized personnel who need it to operate our service, and we ensure our staff and partners are subject to confidentiality obligations.
We continuously work to update and improve our security practices to adapt to new threats. However, please understand that no method of transmitting or storing data is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security of information transmitted through the internet or stored on our servers. You share and transmit data at your own risk, but rest assured we are using commercially reasonable efforts and industry standards to protect your data.
As a user, you also have a role in keeping your information secure. Please maintain the confidentiality of any account credentials (such as your password, if you have one) and be mindful of the information you share. If you believe that your account or personal data has been compromised, please contact us immediately so we can take appropriate action.
International Data Transfers
Quralingo is accessible to users around the world. The data we collect from you may be transferred to, and stored on, servers located outside of your state, province, or country. In particular, if you are in the EU/EEA, be aware that your personal information may be transferred to and processed in the United States or other countries where some of our third-party service providers (such as Google, OneSignal, and Sentry) are based. These countries may have data protection laws that are different from those in your jurisdiction and, in some cases, may not be deemed “adequate” by the European Commission.
Whenever we transfer personal data out of the EU/EEA, we take steps to ensure that appropriate safeguards are in place to protect your information. We rely on Standard Contractual Clauses (SCCs) – which are the European Commission’s approved model data protection clauses – as a legal mechanism for international data transfers . These SCCs contractually require the recipient of the data to protect it to EU privacy standards. In some cases, we may rely on other safeguards or exceptions permitted by the GDPR, such as when a transfer is necessary to perform our contract with you, or if you give us explicit consent after being informed of the possible risks.
By using Quralingo, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this policy. That said, we will always ensure such transfers are done in compliance with applicable privacy laws and that your data remains protected. If you would like more information about international data transfers or a copy of the SCCs we use, you can contact us using the information below.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by means of a prominent notice within the app or on our website, or by sending you an email (if we have your email on file). We will indicate at the top of this Privacy Policy the date of the latest revision.
We encourage you to review this Privacy Policy periodically for any updates. Your continued use of Quralingo after any changes to this Privacy Policy constitutes your acceptance of those changes, to the extent permitted by law. If you do not agree with any updates or changes, you should stop using the service and, if applicable, delete your account.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We are here to help and will respond as promptly as we can.
Contact Information:
Email: privacy[at]quralingo[dot]com
(If you prefer to reach us by mail, please send correspondence to our headquarters address 9169 W State St #485 Garden City ID 83714 United States.) For privacy-specific concerns, please include "Privacy Inquiry" in the subject line of your email. If you are contacting us to exercise a privacy right (such as a GDPR or CCPA request), please describe your request with sufficient detail and include any information that will help us verify your identity.
Language of this Privacy Policy
Please note that this Privacy Policy is provided in English only and we currently do not offer translations in other languages. If you do use a translation tool to read this policy in another language, keep in mind that the English version is the official text.
Thank you for taking the time to read our Privacy Policy. We value your trust and are dedicated to protecting your privacy while you or your children engage with Quralingo’s educational platform.