Introduction

At Triplenso, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (iOS), website, and related services (collectively, the "Platform"). By using Triplenso, you consent to the practices described in this policy.

Information We Collect

We collect information you provide directly to us, including: your name, email address, username, and password when creating an account; your learning preferences, goals, and daily learning duration when setting up learning plans; profile information such as bio, avatar, and cover image; posts, comments, and media you share through community features; messages and queries in AI coaching conversations; and contact form submissions. When you sign in with Google or Apple, we receive your name and email from those services. We do not access your Google or Apple password.

Information Collected Automatically

When you use our mobile app or website, we automatically collect: device type, operating system version, and device model; push notification tokens (for delivering learning reminders); app state changes (foreground/background) for notification badge management; IP address for security and rate limiting; app usage data, crash logs, and performance metrics. We do not collect precise location data, contacts, or calendar information.

AI Services & Data Processing

Triplenso uses artificial intelligence to generate personalized learning content. When you use AI features, your learning goals, conversation messages, and context are processed by the following third-party AI providers: Google Gemini API for generating exercises, translations, and content enrichment; OpenAI API for learning path generation and personalized content; and Perplexity AI API for resource discovery and validation. These providers process your data according to their own privacy policies. We do not use your conversations to train publicly available AI models, but we may use anonymized, aggregated data to improve our service quality.

File Storage & Uploads

When you upload files through our platform (profile avatars, post images, videos up to 1GB, audio recordings, or documents), these files are stored on Cloudflare R2 cloud storage. Videos exceeding 100MB may be automatically compressed for performance optimization. Supported file types include JPEG, PNG, GIF, WebP, AVIF, HEIC, MP4, MOV, WebM, MP3, WAV, PDF, and common document formats. For information on how Cloudflare handles your files, please review their privacy policy at cloudflare.com/privacy.

Activity & Engagement Tracking

We track your learning activity to provide personalized recommendations and maintain learning streaks. This includes: daily task completion counts and learning duration; streak history and freeze usage; social interactions (posts created, comments, likes, follows, community joins); badge and milestone achievements; and leaderboard rankings. Public activity records are automatically deleted after 90 days, unless they are part of community posts or content you created.

Email Communications

We send transactional and notification emails via our SMTP mail service, including: account verification codes; password reset links; learning reminders and progress updates; and subscription and payment updates. These emails are sent to your registered email address and may include personalized learning data for context.

Payment & Subscription Data

When you subscribe to the Pro plan, your payment is processed by Apple App Store (for iOS in-app purchases) or Polar (for web-based purchases). We collect billing name, email, transaction history, subscription tier, and renewal dates. Payment processors handle your card details directly and are PCI-DSS compliant. We do not store your full credit card numbers. We also maintain a credits system that tracks your credit balance and transaction history for platform features.

How We Use Your Information

We use the information we collect to: provide, maintain, and improve our services; personalize your learning experience and generate AI-powered learning paths; send push notifications about your learning progress and streaks; communicate with you about your account, updates, and support; process payments and manage subscriptions; analyze app usage to improve performance and fix bugs; enforce rate limiting and prevent abuse; process background tasks such as notifications, media compression, and feed updates; and ensure the security of our platform.

Social Features & Public Data

When you use community features, certain data becomes visible to other users. Public profile data includes: name, username, and avatar; bio and location (if provided); follower and following counts; posts, comments, and community participation; learning streak information and badges; and public activity feed. Other users can view and interact with your public content, follow you, and mention you in posts and comments. You can control your profile visibility in Settings.

Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information with: AI service providers (Google Gemini, OpenAI, Perplexity) for generating learning content; Cloudflare for file storage; payment processors (Apple, Polar) for transactions; SMTP providers for email delivery; law enforcement or government agencies when required by law; and other users only when you choose to make your profile or posts public through community features. All service providers are subject to confidentiality agreements.

Data Retention

We retain your personal information for as long as your account is active. If you request account deletion, we will soft-delete your profile within 30 days and clean up associated data including community posts, conversations, and notification history. However, we retain the following for legal compliance: payment and transaction records for up to 7 years (anonymized where possible); credit transaction history (anonymized with personal details removed); and any data subject to legal holds or law enforcement requests. Anonymized usage data may be retained indefinitely for analytics purposes.

Data Security

We implement appropriate technical and organizational measures to protect your personal information, including encrypted data transmission (TLS/SSL), secure password hashing (bcrypt), JWT-based authentication with short-lived access tokens (15 minutes) and refresh tokens (7 days), HttpOnly cookies for session management, rate limiting on sensitive endpoints, and restricted access controls. However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. When you use AI features, your data is transferred to Google Gemini API, OpenAI API, and Perplexity AI, which process data in the United States. File uploads are stored on Cloudflare R2 infrastructure. If you are located outside the United States, your personal data will be transferred to and processed in the United States. We ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

Children's Privacy

Triplenso is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@triplenso.com.

Your Rights (GDPR - EU/EEA Residents)

If you are located in the European Union or European Economic Area, you have the following rights under GDPR: right to access a copy of your personal data; right to rectification of inaccurate data; right to erasure (right to be forgotten); right to restrict processing; right to data portability in a machine-readable format; right to object to certain processing activities; and right to withdraw consent at any time. To exercise these rights, contact info@triplenso.com. You also have the right to lodge a complaint with your local data protection authority.

Your Rights (CCPA - California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act: right to know what personal information we collect, use, and disclose; right to delete your personal information; right to opt-out of the sale or sharing of your personal information (we do not sell your data); and right to non-discrimination for exercising your privacy rights. To exercise these rights, contact info@triplenso.com.

App Tracking & Advertising

Triplenso does not track you across other apps or websites for advertising purposes. We do not use Apple's IDFA (Identifier for Advertisers) or participate in ad networks. We do not display third-party advertisements in our app. We do not use any advertising SDKs or sell data to advertisers.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our platform and updating the "Last updated" date. Continued use of the Platform after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at info@triplenso.com. For legal inquiries, contact info@triplenso.com.