Last updated: 2026-07-10
1. Introduction
At Hend, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our language learning application and website (collectively, the “Service”).
We prioritize data minimization, local-first technology, and access controls to protect your privacy. Please read this Privacy Policy carefully. By using Hend, you consent to the data practices described in this policy.
2.1 Learning Data
Hend uses a local-first relational database. Reads and writes normally happen against a local database on your device first and are synchronized with Jazz Cloud in the background. Learning data includes:
- Language learning progress and spaced repetition data
- Saved words and phrases with translations
- Texts you have imported or generated
- Files you upload and generated media, including images and audio
- Reading statistics (time spent, sessions, completion)
- Application settings and preferences
Jazz synchronizes this data with its trusted server infrastructure to provide durability and cross-device access. Jazz does not provide system-wide end-to-end encryption. The sync server processes row data to evaluate queries, apply permissions, and synchronize authorized records. See Section 4 for details.
If you use Hend’s sharing features, the content snapshot you choose to share is stored with public read access. Disabling a share removes ordinary access through Hend’s interface but does not change the underlying Jazz read permission. Deleting a snapshot removes it from ordinary live queries, but Jazz may retain its row history. Treat shared snapshots as public information and assume that recipients may keep copies.
When you register for an account, we process the following through our authentication provider, Clerk:
- Email address - used for account identification and authentication
- Authentication tokens - managed by Clerk for session management
We do not collect your name, phone number, or other personal identifiers unless you provide them voluntarily.
For users who purchase credits, payment information is processed by Polar, our Merchant of Record. We do not store your credit card details. We may have access to:
- Credit balance and transaction records
- Billing history
2.4 Usage Metering Data
To manage usage-based features (such as AI generation credits), we record usage events to our payment provider, Polar. These events include:
- The type of action performed (e.g., text generation, translation, text-to-speech)
- The AI model used and token counts
- Character counts for audio generation
- Language codes (not the content itself)
- Cost calculations for billing
This data is associated with your customer ID for billing purposes. It does not include the content of your texts, translations, or other learning materials.
2.5 Analytics Data
With your consent, we collect analytics data to improve the Service. Analytics is opt-in - we only collect this data if you accept cookies via our consent banner. Analytics data may include:
- Pages visited and features used
- Error reports and performance metrics
- Device type and browser information
When analytics is enabled, your Clerk user ID and email address are used as identifiers in our analytics platform (PostHog) to associate sessions with your account.
2.6 Server Logs and Infrastructure Data
When you use the Hend application, which is hosted on Railway, standard request metadata is collected automatically:
- IP addresses (which may be truncated or anonymized)
- Request URLs and response status codes
- Performance and error metrics
We use information to:
- Provide, maintain, and improve Hend
- Store and synchronize your learning data across devices
- Process transactions and manage your credits
- Calculate and enforce usage limits for AI-powered features
- Analyze usage patterns to enhance the user experience (with your consent)
- Detect and prevent fraudulent or unauthorized activity
- Provide customer support
- Communicate with you about your account or credit balance
4. Data Storage and Security
4.1 Local-First Data Storage
Hend is built on Jazz, a local-first relational database provided by Garden Computing, Inc. In supported browsers, Jazz normally stores the local database in the browser’s Origin Private File System (OPFS). In environments where persistent Jazz storage is unavailable, Hend may use an in-memory database and rely on cloud synchronization instead.
Previously synchronized data may remain available from the local database during a temporary loss of connectivity. Initial loading, authentication, cloud-only features, and synchronization require an internet connection. Browser storage may be cleared by you or by the browser, including under storage pressure. Signing out does not necessarily clear the local database from the device.
4.2 Cloud Data Storage and Synchronization
After you sign in, Hend connects to Jazz Cloud’s sync service. Jazz keeps server-side copies of synchronized rows, row-version history, and files, and sends a device only records requested by its active queries and allowed by its permissions.
Jazz is built around a trusted-server model. Data is not opaque to the Jazz sync server: the server evaluates relational queries and permission policies against synchronized data. Hend does not add field-level or application-level end-to-end encryption to learning data stored through Jazz.
4.3 Authentication and Access Controls
Hend passes a Clerk-issued authentication token to Jazz. Jazz uses the token’s stable user identifier to record authorship and enforce server-side row-level permissions. Most Hend learning-data tables use creator-based policies so signed-in users can read and change their own rows. Content you explicitly share uses broader read permissions.
Authorized Hend backend processes and administrators can use privileged credentials that bypass ordinary user row policies for service operation, billing synchronization, support, security, migrations, and data-rights requests. We restrict access to those credentials and access data only when reasonably necessary for those purposes or when required by law.
Connections to Hend and Jazz Cloud use encrypted HTTPS/WebSocket transport. This transport encryption does not make synchronized data end-to-end encrypted from the service provider.
4.4 Data Retention
- Local data may remain in browser storage until you clear site data or the browser removes it. Signing out or deleting your account may not remove every local copy from every device.
- Jazz Cloud data includes live rows, soft-deleted rows, and append-only row-version history. Jazz’s ordinary delete operation removes a row from live queries but preserves its history, and its public documentation does not currently expose application-level hard deletion. We therefore do not promise a fixed deletion deadline for retained Jazz row history.
- Account information is retained by Clerk as long as you maintain an active account.
- Payment records are retained by Polar as required by applicable financial regulations.
- Usage metering data is retained by Polar for billing and accounting purposes.
- Analytics data is retained by PostHog as long as your account is active and can be deleted upon request.
Deleting your Hend account removes your authentication account and initiates deletion of the associated Polar customer record. It does not automatically delete user-owned rows or files from Jazz Cloud. Contact us to request logical deletion of active Jazz records and to learn the status of your request. Complete erasure of retained Jazz row history may require provider-level action and cannot currently be guaranteed through Hend’s account-deletion flow. We will explain any technical or legal limitation that affects a deletion request. Certain information may also be retained where required by law, for fraud prevention, to resolve disputes, or in limited backups until they are overwritten.
5. Third-Party Services
We do not sell your personal information. We rely on the following categories of third-party services to operate Hend. Each receives only the data necessary for its function.
5.1 Authentication - Clerk
- Data received: Email address, authentication tokens, session data
- Purpose: User authentication and session management
- Data location: United States
- GDPR: EU-US Data Privacy Framework certified; DPA available
- Privacy policy: clerk.com/legal/privacy
5.2 Payments - Polar
- Data received: Email address, credit transaction data, usage metering events with metadata (action type, model, token/character counts, language codes, costs)
- Purpose: Merchant of Record; payment processing, credit management, and usage-based billing
- Data location: United States (via Stripe for card processing)
- Privacy policy: polar.sh/legal/privacy
5.3 Data Synchronization - Jazz (Garden Computing, Inc.)
- Data received: Learning records, imported and generated text, vocabulary data, settings, files and file chunks, row history and authorship metadata, authentication identifiers, active query information, and connection metadata
- Purpose: Local-first database hosting, row-level permission enforcement, real-time synchronization, cross-device access, file storage, and schema migration
- Important: Jazz uses a trusted-server permission model and does not provide system-wide end-to-end encryption. Jazz Cloud and holders of Hend’s privileged administrative credentials can technically access synchronized data.
- Data location and transfers: Garden Computing’s public Jazz documentation does not currently identify its processing locations or applicable international-transfer mechanism. We are seeking confirmation from the provider. Contact us if you need this information before using the Service.
- Documentation: jazz.tools/docs
5.4 Application Hosting - Railway
- Data received: HTTP request metadata (IP addresses, URLs, headers), performance metrics
- Purpose: Hosting and delivering the Hend application
- Data location: Depends on the selected deployment region; Railway’s services are largely operated in the United States
- Privacy policy: railway.com/legal/privacy
5.5 Analytics - PostHog
- Data received: Page views, feature usage, error reports, device information. When analytics is enabled: Clerk user ID and email address as identifiers
- Purpose: Product analytics and error monitoring
- Data location: European Union (Germany) - we use PostHog’s EU-hosted instance
- GDPR: EU-US Data Privacy Framework certified; SOC 2 compliant
- Consent: Analytics is opt-in. Data is only collected if you accept analytics via the consent banner. You can opt out at any time by clearing your cookie preferences.
- Privacy policy: posthog.com/privacy
5.6 AI Providers
When you use AI-powered features (text generation, translation, word explanations, etc.), your requests are processed by third-party AI providers. Here is how this works:
OpenRouter (routing layer)
- Data received: Text prompts and generation parameters
- Purpose: Routes AI requests to the appropriate language model provider
- Data location: United States
- Important: OpenRouter forwards your prompts to downstream language model providers (such as Anthropic, OpenAI, Google, and others). Each provider has its own data handling practices. OpenRouter states that it does not control downstream providers’ handling of inputs for purposes such as model training.
- Privacy policy: openrouter.ai/privacy
5.7 Text-to-Speech - fal.ai and ElevenLabs
- Data received: Text content to be converted to speech
- Purpose: Generating audio pronunciation and narration
- Data location: United States (fal.ai infrastructure); ElevenLabs processes in US, Netherlands, and Singapore
- Important: ElevenLabs’ privacy policy states that text data may be used for model improvement unless opted out. Since Hend accesses ElevenLabs through fal.ai’s infrastructure, data passes through both providers.
- Privacy policies: fal.ai/privacy, elevenlabs.io/privacy
5.8 Web Content Fetching - Jina AI
- Data received: URLs you provide when importing web content
- Purpose: Fetching and parsing web page content for import into Hend
- Data location: Germany (EU); EU-compliant infrastructure option available
- GDPR: GDPR compliant; SOC 2 audited
- Privacy policy: jina.ai/legal
5.9 YouTube Data - RapidAPI
- Data received: YouTube video URLs and video IDs
- Purpose: Fetching video metadata and transcripts for import
- Data location: United States (RapidAPI); the underlying API provider (yt-api) is a third-party developer hosted on RapidAPI’s marketplace
- Privacy policy: rapidapi.com/privacy
5.10 Legal Requirements
We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).
6. Cookies and Tracking
Hend uses the following storage mechanisms:
- Essential browser storage: Jazz normally stores a local database in OPFS. Hend and its providers may also use local storage and essential cookies for preferences, authentication, and consent. These mechanisms are necessary for the Service to function and are not used for advertising.
- Analytics cookies (opt-in): PostHog uses first-party cookies for analytics. These are only set if you accept analytics via the consent banner.
We do not use third-party advertising cookies or tracking pixels.
7. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request access to the personal information we hold about you.
- Correction: Request correction of inaccurate information.
- Deletion: Request deletion of your account and personal information.
- Data portability: Export your learning data (texts, saved words) via the Data tab in Settings.
- Withdraw consent: Opt out of analytics at any time by clearing your cookie preferences.
7.1 Data Control
Because Hend uses a local-first architecture:
- You maintain direct control over the data stored on your device.
- You can export your learning data at any time via Settings > Data.
- Clearing Hend’s site data removes the local database from that browser and device.
- You can delete your account through your account settings, which removes your Clerk account and initiates deletion of your Polar customer record. Any unused credits are forfeited upon deletion.
- Account deletion does not clear local databases on other devices or automatically delete user-owned Jazz rows and files. Clear Hend’s site data on each device and contact us to request logical deletion of active Jazz records.
- Jazz soft deletion preserves row history. Complete erasure of that retained history is not currently available through Hend’s account-deletion flow; we will explain the available provider-level options and any limitation when responding to your request.
8. Children’s Privacy
Hend is not intended for children under 16 (or under 13 in jurisdictions where that is the applicable age). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.
9. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence, including the United States. We use the following safeguards:
- Transport security and access controls protect data while it is transmitted and restrict ordinary user access. Jazz synchronized data is not end-to-end encrypted from the service provider.
- Transfer safeguards depend on the provider and may include adequacy decisions, participation in the EU-US Data Privacy Framework, Standard Contractual Clauses, or another lawful mechanism.
- Garden Computing’s public Jazz documentation does not currently state Jazz Cloud’s processing locations or transfer mechanism. We are seeking confirmation from the provider; contact us for the latest available information.
- Our analytics provider (PostHog) operates from EU-based servers (Germany).
10. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used
- Request deletion of your personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Not be discriminated against for exercising your rights
To exercise these rights, contact us at the address in Section 13.
11. GDPR Compliance
For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). Our legal bases for processing are:
- Contract performance - processing necessary to provide the Service (authentication, data sync, payment processing)
- Consent - analytics data collection (opt-in via cookie banner)
- Legitimate interests - security monitoring, fraud prevention, error tracking
- Legal obligations - financial record keeping
You may exercise your GDPR rights (access, rectification, erasure, portability, restriction, objection) by contacting us at the address in Section 13.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of changes by:
- Posting the updated policy and revising the “Last Updated” date
- For significant changes, providing notice through the application or via email
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:
Email: [email protected]
This privacy policy aims to accurately reflect Hend’s current data practices as of the date above. We are committed to updating it as our product and third-party provider landscape evolve.