Privacy Policy
Last updated: June 2026
1. Who we are
Mundoo is a language learning app developed and operated by Michiel Van Tilborg, based in Amsterdam, the Netherlands. For the purpose of EU data protection law, Michiel Van Tilborg is the data controller for personal data processed through the Mundoo app.
For any privacy-related questions, reach us at privacy@mundoo.ai.
2. What data we collect and why
Account data. When you sign in via Apple or Google, we receive your email address and display name. We use this solely to identify your account. Legal basis: contract performance.
Learning data. We store your progress through lessons, session history, vocabulary lists, and CEFR level. Without this, Mundoo can't remember where you left off or adapt to your level. Legal basis: contract performance.
Personal facts you share. During conversations with your tutor, you may share personal details — your name, where you live, your job, hobbies. Mundoo stores a curated set of these so future conversations feel coherent and your tutor remembers what you've told them. You can view and delete these from your profile at any time. Legal basis: legitimate interest.
Voice recordings. When you use hold-to-speak, your voice is sent to OpenAI's Whisper API for transcription. The transcribed text becomes your message. We do not store the raw audio — it is processed in real time and discarded immediately. OpenAI does not use API-submitted audio to train their models. Legal basis: contract performance.
Chat history. We store your conversation history so sessions feel continuous. A rolling window of recent turns is sent to Anthropic's Claude API to generate tutor responses. Anthropic does not use API-submitted data to train their models. Legal basis: contract performance.
Nightly anonymisation. Each night, an automated process strips personally identifiable information from older session logs, replacing them with anonymised identifiers. This limits the period during which raw personal data exists in our systems. Aggregated, anonymised data may be retained indefinitely for product improvement.
Device and usage data. We collect minimal technical data (device type, OS version, crash reports) to keep the app stable. We do not run advertising analytics or third-party trackers.
3. Who we share data with
We use a small number of sub-processors to operate the service, sharing only what is necessary for each to do their job.
| Sub-processor | Purpose | Location |
|---|---|---|
| Supabase | Database and authentication | EU (AWS eu-west-1) |
| Railway | API server hosting | US |
| Anthropic | AI tutor responses (Claude API) | US |
| OpenAI | Voice transcription (Whisper API) | US |
| ElevenLabs | Tutor voice synthesis (TTS) | US |
| Apple / Google | Sign-in authentication | US |
| Vercel | Website hosting | US / global CDN |
For transfers to the US, Anthropic, OpenAI, ElevenLabs, and Railway operate under Standard Contractual Clauses or equivalent mechanisms that provide adequate data protection under EU law.
We do not sell your data. We do not share your data with advertisers.
4. How long we keep your data
| Data type | Retention period |
|---|---|
| Account data | Until you delete your account |
| Learning progress and vocabulary | Until you delete your account |
| Personal facts | Until you delete them or your account |
| Voice recordings | Not stored — discarded immediately after transcription |
| Raw session logs | Anonymised nightly; raw data retained max 30 days |
| Anonymised session data | Indefinitely, for product improvement |
5. Your rights (GDPR)
If you are in the EU or EEA, you have the following rights regarding your personal data:
- Access Request a copy of the personal data we hold about you.
- Correct Ask us to fix inaccurate or incomplete data.
- Delete Request deletion of your account and associated personal data.
- Port Receive your data in a machine-readable format.
- Restrict Ask us to limit how we process your data in certain circumstances.
- Object Object to processing based on legitimate interest.
- Withdraw Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at privacy@mundoo.ai. We will respond within 30 days.
Delete account in-app. You can delete your account directly from the app's profile screen. This permanently removes your account, progress, personal facts, and conversation history.
You also have the right to lodge a complaint with the Dutch Data Protection Authority: autoriteitpersoonsgegevens.nl.
6. Children
Mundoo is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact us at privacy@mundoo.ai and we will delete it promptly.
7. Security
We use industry-standard security measures including encrypted connections (TLS), row-level security on our database, and access controls limited to what the service requires. No system is perfectly secure — if you have a security concern, contact us at privacy@mundoo.ai.
8. Changes to this policy
We may update this policy as the app evolves. If we make material changes, we'll notify you via the app or email. The "last updated" date at the top reflects when changes were last made.
9. Contact
Michiel Van Tilborg
Amsterdam, Netherlands
privacy@mundoo.ai