Privacy policy
1. Introduction
This Privacy Policy explains how Lectoria (“Lectoria”, “we”, “us”, or “our”) collects, uses, and protects personal data when you use our website and services (the “Service”).
We are committed to protecting your privacy and handling your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
2. Data Controller
The data controller responsible for processing your personal data is:
Email: support@lectoria.app
3. Personal Data We Collect
We may collect and process the following categories of personal data:
a) Account & Usage Data
- name or username
- email address
- account identifiers
- course purchases and access history
b) Payment Information
Payments are processed by third-party payment providers (e.g. Stripe).
We do not store full payment card details.
c) Technical & Usage Data
- IP address (in limited form)
- device and browser information
- pages visited and actions taken on the Service
- session recordings and usage replays, used to understand how users interact with the Service and to improve usability and reliability
Session recordings are used for product improvement and debugging and are not used to intentionally collect sensitive personal data.
4. Cookies & Tracking Technologies
We use cookies and similar technologies to operate and improve the Service.
a) Strictly Necessary Cookies
These cookies are required for core functionality such as:
- authentication
- security
- session management
They cannot be disabled.
b) Analytics (PostHog)
WWe use PostHog to understand how users interact with the Service, including through usage analytics and session recordings, in order to improve functionality, usability, and reliability.
Analytics data is used solely for internal product improvement and operational purposes and is not used for advertising.
Legal basis: legitimate interest
Purpose: improving product usability, performance, and reliability
Where possible, we:
- use aggregation and minimization
- do not use analytics data for advertising
c) Customer Support (Crisp)
We use Crisp to provide customer support and communicate with users.
Legal basis: legitimate interest
Purpose: responding to inquiries, providing support, and improving user experience
5. Legal Bases for Processing
We process personal data under the following legal bases:
- Contract – to provide the Service you requested
- Legitimate interest – to operate, secure, and improve the Service
- Legal obligation – where required by law
You may object to processing based on legitimate interest at any time.
6. Data Storage & Processing Location
Personal data is stored and processed using Microsoft Azure cloud infrastructure.
Primary data storage location:
Germany West Central (European Union)
We take reasonable technical and organizational measures to protect your data.
7. Data Sharing
We may share personal data with:
- payment processors
- infrastructure and hosting providers
- analytics and customer support providers
Only data necessary to provide the Service is shared.
We do not sell personal data.
8. Data Retention
We retain personal data only as long as necessary to:
- provide the Service
- comply with legal obligations
- resolve disputes
- enforce agreements
When data is no longer required, it is deleted or anonymized.
9. Your Rights (GDPR)
If you are located in the EU, you have the right to:
- access your personal data
- correct inaccurate data
- request deletion (“right to be forgotten”)
- restrict or object to processing
- request data portability
To exercise your rights, contact us at support@lectoria.app
10. Security
We implement reasonable technical and organizational security measures to protect personal data against unauthorized access, loss, or misuse.
However, no system is completely secure.
11. Changes to This Policy
We may update this Privacy Policy from time to time.
Continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Information
Questions about these Terms?