Privacy Policy

• We collect the minimum needed to operate the Service.
• We do not sell your data, ever.
• We do not use your uploads or study content to train AI models.
• You can export everything as JSON and delete your account at any time from the Settings page.

Account information. When you sign up we record your email address and (via Clerk) any profile details you choose to provide. We assign you a Clerk user ID which we use as the primary key for everything you create.

Content you upload or create. Images you capture, text you paste, kanji and vocabulary added to your library, sentences generated for your review sessions, your review history, and your difficulty ratings.

Subscription information. If you start a paid subscription, Stripe stores your billing details. We store your Stripe customer and subscription identifiers, the current subscription status, the price you are on, the current period end, and trial end. We never receive or store your full card number.

Operational logs. We log per-request AI usage (model name, input/output token counts, estimated cost, timestamp) so we can enforce per-user and global cost limits. These logs include your user identifier and a hashed IP address; we never store the raw IP. AI usage records may be retained after account deletion in anonymized form (your user identifier is detached) so that cost analytics remain accurate over time.

Error reports. When the application crashes, we send the error message, stack trace, and request metadata to Sentry. Sentry receives an anonymous user identifier so we can correlate errors per user, but not your email or content.

Issue reports. If you submit a report via the "Report this issue" button, we record the report category, your note, your user agent, and (when applicable) the identifier of the source image you were working with.

We do not use third-party analytics or advertising trackers. If we add product analytics in the future (e.g. PostHog), we will update this Policy and disclose it in-app before turning it on.

• To operate the core learning loop (extract, store, review).
• To bill you, if you are a paid subscriber, and to honor your cancellations and refunds.
• To send transactional email: welcome, billing receipts, payment failures, study reminders, and (for Pro) session recap emails.
• To enforce free-tier limits and protect the Service from abuse, including AI cost limits and per-IP throttles.
• To debug crashes and fix bugs (via Sentry error reports).
• To contact you about substantive changes to the Service, Terms, or this Policy.

When you upload an image or paste text, we send it to Anthropic (Claude) to extract kanji, vocabulary, and sentences. When you start a sentence-generation request, we send a small payload describing the target items to Anthropic for generation.

We do not train AI models on your uploads or generated content. We use third-party AI providers for some features. The providers we use today do not train this kind of data. Provider terms can change over time, and we may switch providers; if a change materially affects how your content may be used, we will update this Policy as soon as we can.

Free tier images. Deleted from Uploadthing after extraction completes. The extracted kanji, vocabulary, and sentences remain in your library.

Pro tier images. Retained while your subscription is active so that you can re-extract or browse history. Deleted shortly after subscription cancellation or account deletion.

Library, review history, generated sentences. Retained as long as your account is active. Preserved across Pro cancellation so you do not lose progress if you resubscribe.

Billing records. Subscription history and invoices are retained for as long as required by tax and accounting law (typically 7 years), even after account deletion. These records do not include your library content.

AI usage events. Retained indefinitely in a form that may be detached from your account on deletion. Used only for cost analytics and circuit-breaker enforcement.

You can export all your data as a JSON file from Settings → Export data.

You can delete your account from Settings → Delete account. Deletion permanently removes your account record, library, sentences, review history, source images, and subscription record from our active systems. Cascade deletion runs immediately. Stripe and Uploadthing retain copies according to their own retention windows; see their privacy policies linked below.

If you reside in a jurisdiction with applicable data-protection law (e.g. GDPR, UK GDPR, CCPA), you may have additional rights including access, correction, portability, restriction of processing, and objection. To exercise these rights, email support@kanjikatch.com.

The Service relies on the following third parties to operate. Each link below points to their own privacy policy.

If we change subprocessors in a way that materially affects how your data is processed, we will update this list and notify active users by email.

We use a minimal set of strictly-necessary cookies for authentication (set by Clerk) and session security. We do not use advertising or cross-site tracking cookies. If we add optional analytics in the future, we will surface a cookie disclosure and an opt-out before doing so.

The Service is not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has signed up, email support@kanjikatch.com and we will delete the account.

All data is transmitted over HTTPS. Database credentials and API keys are stored as encrypted environment variables. Authentication is handled by Clerk. Payment data is handled by Stripe. No system is perfectly secure; if you discover a vulnerability, please report it to support@kanjikatch.com.

We may update this Policy from time to time. If a change is material, we will notify active users by email at least 14 days before it takes effect. The "Effective" date at the top of this page reflects the current version.

Privacy questions or requests? Email support@kanjikatch.com.