Privacy Policy

Last updated: February 26, 2026

This policy explains what Lecture Processor stores and how that data is used. This document is an operational baseline for a student-run project and should be reviewed by qualified legal counsel before public/commercial launch.

1. Who This Applies To

This policy applies to your use of Lecture Processor, including the website, dashboard, study library, planner, and related features.

2. Service Operator

Lecture Processor is operated by the project owner/maintainer (the "operator"). The operator determines how data in this app is processed and is the contact point for privacy requests.

3. Data We Collect

Depending on how you use the service, we may collect:

Account and sign-in data (for example email address, user ID, sign-in provider) through Firebase Authentication.
Uploaded files and generated learning content (such as PDFs, audio files, transcripts, notes, flashcards, and practice questions).
Study organization and progress data (such as folders, study packs, card states, goals, and planner entries).
Purchase and credit data (for example bundle purchased, amount, currency, and Stripe session ID).
Operational and security logs (for example processing job logs, error details, rate-limit events, and high-level event telemetry).

4. How We Use Data

We process personal data to:

Provide core features (file processing, study tools, credits, and account access).
Maintain service reliability, security, abuse prevention, and debugging.
Operate payment workflows and purchase history records.
Improve product quality using aggregated operational metrics.

5. Legal Bases (EEA/UK-style Summary)

Where applicable, we process data under one or more of these bases:

Contract/performance: to provide requested features and account functionality.
Legitimate interests: to secure, monitor, and improve service reliability.
Consent: where a specific feature requires permission (for example browser notifications).
Legal obligations: to keep records where required by law.

6. Third-Party Processors

Lecture Processor relies on service providers that process data on our behalf, including:

Google Firebase (authentication and database services).
Google Gemini API (AI processing of uploaded materials and prompts).
Stripe (payment checkout and transaction processing).
Sentry (error monitoring), when configured.

7. Uploads, Audio, and Transcript Handling

Uploaded files are processed to generate study outputs.
For packs with playback features enabled, a processed audio file may be stored so playback and notes-to-audio sync can work.
Audio/transcript data can be removed by deleting the study pack or deleting the account.

8. Payments

Card details are processed by Stripe and are not stored on Lecture Processor servers. We store purchase metadata required for crediting, support, accounting, and fraud prevention.

9. Data Retention

We retain data for as long as reasonably necessary to provide the service and meet legal obligations. Retention can vary by data type:

Generated study packs and user study data are retained until removed by the user or by administrative cleanup.
Temporary processing files are intended to be removed after processing completes.
Stored study-pack audio files are removed when the corresponding pack or account is deleted (subject to technical failures).
Purchase/accounting records may be retained longer where required for legal, tax, audit, or fraud-prevention obligations.

10. Security

We use access controls, authentication checks, and server-side validation to reduce unauthorized access and abuse. No online system is fully risk-free, so absolute security cannot be guaranteed.

11. International Processing

Your data may be processed in countries where our infrastructure providers operate. Those transfers are handled through provider contractual safeguards where applicable.

12. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or export personal data, and to object to certain processing activities.

You can request a self-service export or account/data deletion from the dashboard user menu when signed in.

13. Requests and Contact

For privacy requests (access, deletion, export, correction), contact: Nord-Security-account@proton.me.

14. Local Storage and Browser Data

The app may use browser storage (for example localStorage) to keep UI preferences and cached study state. Clearing browser data may remove locally cached values.

15. Children

This service is intended for students and adult learners and is not designed for children under the age required by applicable law in your region.

16. Changes to This Policy

We may update this page when product behavior or legal requirements change. Material changes should be reflected by an updated date above.