Privacy Policy

Last updated: 2026-07-10

1. Introduction

At Hend, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our language learning application and website (collectively, the “Service”).

We prioritize data minimization, local-first technology, and access controls to protect your privacy. Please read this Privacy Policy carefully. By using Hend, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Learning Data

Hend uses a local-first relational database. Reads and writes normally happen against a local database on your device first and are synchronized with Jazz Cloud in the background. Learning data includes:

Jazz synchronizes this data with its trusted server infrastructure to provide durability and cross-device access. Jazz does not provide system-wide end-to-end encryption. The sync server processes row data to evaluate queries, apply permissions, and synchronize authorized records. See Section 4 for details.

If you use Hend’s sharing features, the content snapshot you choose to share is stored with public read access. Disabling a share removes ordinary access through Hend’s interface but does not change the underlying Jazz read permission. Deleting a snapshot removes it from ordinary live queries, but Jazz may retain its row history. Treat shared snapshots as public information and assume that recipients may keep copies.

2.2 Account Information

When you register for an account, we process the following through our authentication provider, Clerk:

We do not collect your name, phone number, or other personal identifiers unless you provide them voluntarily.

2.3 Payment and Credits Information

For users who purchase credits, payment information is processed by Polar, our Merchant of Record. We do not store your credit card details. We may have access to:

2.4 Usage Metering Data

To manage usage-based features (such as AI generation credits), we record usage events to our payment provider, Polar. These events include:

This data is associated with your customer ID for billing purposes. It does not include the content of your texts, translations, or other learning materials.

2.5 Analytics Data

With your consent, we collect analytics data to improve the Service. Analytics is opt-in - we only collect this data if you accept cookies via our consent banner. Analytics data may include:

When analytics is enabled, your Clerk user ID and email address are used as identifiers in our analytics platform (PostHog) to associate sessions with your account.

2.6 Server Logs and Infrastructure Data

When you use the Hend application, which is hosted on Railway, standard request metadata is collected automatically:

3. How We Use Your Information

We use information to:

4. Data Storage and Security

4.1 Local-First Data Storage

Hend is built on Jazz, a local-first relational database provided by Garden Computing, Inc. In supported browsers, Jazz normally stores the local database in the browser’s Origin Private File System (OPFS). In environments where persistent Jazz storage is unavailable, Hend may use an in-memory database and rely on cloud synchronization instead.

Previously synchronized data may remain available from the local database during a temporary loss of connectivity. Initial loading, authentication, cloud-only features, and synchronization require an internet connection. Browser storage may be cleared by you or by the browser, including under storage pressure. Signing out does not necessarily clear the local database from the device.

4.2 Cloud Data Storage and Synchronization

After you sign in, Hend connects to Jazz Cloud’s sync service. Jazz keeps server-side copies of synchronized rows, row-version history, and files, and sends a device only records requested by its active queries and allowed by its permissions.

Jazz is built around a trusted-server model. Data is not opaque to the Jazz sync server: the server evaluates relational queries and permission policies against synchronized data. Hend does not add field-level or application-level end-to-end encryption to learning data stored through Jazz.

4.3 Authentication and Access Controls

Hend passes a Clerk-issued authentication token to Jazz. Jazz uses the token’s stable user identifier to record authorship and enforce server-side row-level permissions. Most Hend learning-data tables use creator-based policies so signed-in users can read and change their own rows. Content you explicitly share uses broader read permissions.

Authorized Hend backend processes and administrators can use privileged credentials that bypass ordinary user row policies for service operation, billing synchronization, support, security, migrations, and data-rights requests. We restrict access to those credentials and access data only when reasonably necessary for those purposes or when required by law.

Connections to Hend and Jazz Cloud use encrypted HTTPS/WebSocket transport. This transport encryption does not make synchronized data end-to-end encrypted from the service provider.

4.4 Data Retention

Deleting your Hend account removes your authentication account and initiates deletion of the associated Polar customer record. It does not automatically delete user-owned rows or files from Jazz Cloud. Contact us to request logical deletion of active Jazz records and to learn the status of your request. Complete erasure of retained Jazz row history may require provider-level action and cannot currently be guaranteed through Hend’s account-deletion flow. We will explain any technical or legal limitation that affects a deletion request. Certain information may also be retained where required by law, for fraud prevention, to resolve disputes, or in limited backups until they are overwritten.

5. Third-Party Services

We do not sell your personal information. We rely on the following categories of third-party services to operate Hend. Each receives only the data necessary for its function.

5.1 Authentication - Clerk

5.2 Payments - Polar

5.3 Data Synchronization - Jazz (Garden Computing, Inc.)

5.4 Application Hosting - Railway

5.5 Analytics - PostHog

5.6 AI Providers

When you use AI-powered features (text generation, translation, word explanations, etc.), your requests are processed by third-party AI providers. Here is how this works:

OpenRouter (routing layer)

5.7 Text-to-Speech - fal.ai and ElevenLabs

5.8 Web Content Fetching - Jina AI

5.9 YouTube Data - RapidAPI

We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).

6. Cookies and Tracking

Hend uses the following storage mechanisms:

We do not use third-party advertising cookies or tracking pixels.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Data Control

Because Hend uses a local-first architecture:

8. Children’s Privacy

Hend is not intended for children under 16 (or under 13 in jurisdictions where that is the applicable age). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States. We use the following safeguards:

10. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

To exercise these rights, contact us at the address in Section 13.

11. GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). Our legal bases for processing are:

You may exercise your GDPR rights (access, rectification, erasure, portability, restriction, objection) by contacting us at the address in Section 13.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of changes by:

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: [email protected]

This privacy policy aims to accurately reflect Hend’s current data practices as of the date above. We are committed to updating it as our product and third-party provider landscape evolve.