Privacy Policy

Last updated: May 2026

1. Who We Are

Lenzo is operated by Timova Labs Ltd ("we", "us", "our"), a company registered in the United Kingdom. We are the data controller responsible for your personal data under the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

For any privacy-related questions, you can reach us at hello@lenzo-app.com.

2. Information We Collect

We collect and process the following categories of data:

Data stored locally on your device

The following data never leaves your device unless described otherwise below:

  • Vocabulary cards (words, translations, phonetic guides, context phrases)
  • Photos you take within the app (stored in your device's app sandbox)
  • Learning progress (streaks, pronunciation scores, review history)
  • Roleplay conversation history
  • Your language preferences and app settings

Data transmitted to our servers and third-party services

  • Device identifiers: We generate a unique device ID and customer ID (random UUIDs) stored on your device. These are sent to our backend to authenticate requests. They do not identify you personally but are considered pseudonymous data under GDPR.
  • Images: When you scan an object, the photo is sent to Google's AI services via our servers for object recognition. We do not store these images on our servers — they pass through in transit and are then processed by Google.
  • Audio recordings: When you practise pronunciation, a short audio clip (typically 4–6 seconds) is sent to Google's AI services via our servers for scoring. We do not store these recordings — they are processed by Google and discarded from our servers immediately.
  • Conversation messages: When you use roleplay conversations, your spoken replies and conversation context are sent to Google's AI services to generate responses. These are not stored on our servers.
  • Analytics events: We collect anonymous usage events (e.g., feature usage, scan counts, subscription events) through PostHog. These events are linked to a random anonymous ID, not to your name or email. See Section 5 for details.
  • Subscription data: Purchase and subscription status data is managed by RevenueCat and Apple. See Section 5 for details.
  • Crash reports: If the app crashes, diagnostic data may be collected to help us fix bugs. This does not include your photos, audio, or vocabulary data.

Data we do NOT collect

  • Your name, email address, or contact details (we do not require an account)
  • Your location
  • Your contacts, calendar, or health data
  • Your photo library (we only access the camera, not your saved photos)

3. How We Use Your Information

We process your data for the following purposes and lawful bases:

  • Providing the service (lawful basis: contract performance) — Processing images for object recognition, scoring pronunciation, generating roleplay conversations, managing subscriptions.
  • Improving the app (lawful basis: legitimate interest) — Analysing anonymous usage patterns to understand which features are used and improve the learning experience. You can opt out of analytics — see Section 8.
  • Preventing abuse (lawful basis: legitimate interest) — Using device attestation to verify that requests come from genuine devices.
  • Crash diagnostics (lawful basis: legitimate interest) — Collecting crash reports to identify and fix bugs.

We do not sell your personal data. We do not use your data for advertising. We do not build profiles for marketing purposes.

4. Camera & Microphone Access

Lenzo requests access to your device's camera to photograph real-world objects for vocabulary learning. Microphone access is used for pronunciation practice.

Important: When you take a photo or record audio, that data is transmitted over an encrypted connection (HTTPS) to our backend server, which forwards it to Google's AI services for processing. Our servers do not retain your images or audio after processing. Google processes this data under their own data handling policies (see Section 5). Photos you take are also saved locally on your device as part of your vocabulary cards.

You can revoke camera or microphone access at any time in your device's Settings. The app will not function fully without camera access.

5. Third-Party Services

We share data with the following third-party processors to provide the service:

Google (AI processing)

We use Google's AI services for object recognition, pronunciation scoring, and roleplay conversation responses. When you use these features, your images, audio, and/or text are sent to Google's servers for processing. Google processes this data as a data processor on our behalf. For more information, see Google's Cloud Privacy Notice.

PostHog (analytics)

We use PostHog, hosted in the EU (Frankfurt), to collect anonymous usage analytics. PostHog receives event data linked to a random anonymous ID — not your name, email, or device identifiers. Events include feature usage, scan counts, and subscription interactions. For more information, see PostHog's Privacy Policy.

RevenueCat (subscription management)

We use RevenueCat to manage subscriptions and in-app purchases. RevenueCat receives purchase transaction data from Apple and an anonymous app user ID. For more information, see RevenueCat's Privacy Policy.

Apple App Store (payments)

All payments are processed by Apple through the App Store. We do not receive or store your payment card details. Apple's privacy policy governs how they handle your payment information.

6. International Data Transfers

Our backend servers are hosted on Cloudflare's global edge network. When you use AI-powered features, your data is transmitted to Google's servers, which may be located in the United States or other countries outside the UK/EEA.

Where data is transferred outside the UK/EEA, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • UK International Data Transfer Agreements (IDTAs) or UK Addenda to SCCs, where applicable
  • Adequacy decisions where they exist

PostHog analytics data is processed and stored within the EU (Frankfurt, Germany).

7. Data Retention

  • Local data (vocabulary, photos, progress): Stored on your device indefinitely until you delete the app or clear the app's data.
  • Images and audio: Transmitted to Google for processing and not retained on our servers. Google's retention policies apply during processing.
  • Device identifiers: Your device ID is retained on our servers for as long as you use the app. You can request deletion by contacting us.
  • Analytics data: Anonymous analytics events are retained by PostHog for up to 12 months, after which they are automatically deleted.
  • Subscription data: Retained by RevenueCat and Apple for as long as required for billing and legal purposes.
  • Crash reports: Retained for up to 90 days for diagnostic purposes.

8. Your Rights

Because Lenzo does not require an account, the only personal data we hold server-side is a random device identifier and anonymous analytics events. Most of your data lives entirely on your device and is under your control. That said, under the UK GDPR and EU GDPR you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data — remove the app to delete all local data, or contact us to delete your device identifier from our servers.
  • Object to analytics processing or request that we restrict how we use your data.
  • Receive your data in a portable format.
  • Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or your local EU data protection authority.

To exercise any of these rights, email hello@lenzo-app.com. We will respond within 30 days.

9. Children's Privacy

Lenzo is designed for language learners of all ages and is rated 4+ on the App Store. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA where applicable).

Because Lenzo does not require an account and does not collect names, emails, or other directly identifying information, children can use the app without providing personal details. However, when using the camera or microphone features, photos and audio are transmitted to Google's servers for processing as described in this policy.

If you are a parent or guardian and have concerns, deleting the app from the device will remove all locally stored data. If you would also like us to delete the associated device identifier from our servers, contact us at hello@lenzo-app.com.

10. Security

We take reasonable measures to protect your data, including:

  • All data transmitted between the app and our servers is encrypted using HTTPS/TLS.
  • Authentication tokens are stored in your device's secure Keychain.
  • Device attestation (Apple App Attest) is used to verify that requests come from genuine devices.
  • Our backend does not persist images, audio, or conversation data.

No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Changes to This Policy

We may update this privacy policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions, data requests, or complaints, contact us at:

hello@lenzo-app.com