Your data, in plain English.

Lidini LLC is a software studio registered in Georgia (country), with its principal place of business in Tbilisi. We are the data controller for personal information collected through our websites and the consumer apps we publish.

We only collect what we need to operate and improve our products.

• Account information. When you create an account, we store your email address, a hashed password (or a third-party identifier if you sign in with Apple, Google, or a similar provider), display name, and the date your account was created.
• Content you create. Some of our apps let you create personal content (for example, journal entries, quiz answers, or generated audio in MindPod). This content is stored so the app can function and so you can access it across devices.
• Usage and diagnostics. We collect aggregated, mostly anonymous information about how our products are used: pages visited, features opened, crash reports, and approximate session length. This helps us find bugs and decide what to build next.
• Device information. Operating system, device model, app version, language, and a non-personal device identifier used for diagnostics and abuse prevention.
• Payment information. If you subscribe, the transaction is processed by Apple, Google, Stripe, or a similar payment processor. We do not see or store your full card number. We receive a transaction reference, subscription status, and the country of purchase.

We use the information above for the following purposes:

• Operating our products and providing the features you sign up for.
• Authenticating your account and protecting it from abuse.
• Delivering generated content, such as the personal audio episodes in MindPod.
• Processing subscriptions, refunds, and tax obligations.
• Improving our products through aggregated, de-identified analytics.
• Communicating with you about service changes, security notices, and support requests.

We do not sell your personal information. We do not share your personal content with advertisers, and we do not use your private content to train third-party AI models.

If you are in the European Economic Area or the United Kingdom, we process your information under the following legal bases: performance of a contract (to provide the service), legitimate interests (security, fraud prevention, product improvement), consent (for optional features such as email updates), and legal obligation (tax, accounting, regulatory compliance).

To run our products, we rely on a small set of vetted vendors who process information on our behalf, under written data-processing agreements:

• AI processing. We use third-party AI providers (such as OpenAI, Anthropic, and ElevenLabs) to generate text and audio in specific app features. Where applicable, we use API endpoints with zero data retention or short retention windows. We do not authorize these providers to use your content to train their models.
• Hosting and infrastructure. Cloudflare, Vercel, AWS, and similar providers host our websites, APIs, and stored content.
• Analytics. Privacy-respecting analytics tools (such as Plausible, PostHog, or equivalent) help us understand product usage without building advertising profiles of you.
• Payments. Apple App Store, Google Play, Stripe, and similar processors handle subscriptions and one-time purchases.
• Customer support. Email and ticketing tools we use to respond to support requests.

We keep your information for as long as your account is active. If you delete your account, we delete your personal content within 30 days, except where we are required to retain certain records (for example, financial transactions for tax purposes, which are kept for the period required by Georgian law). Backups are rotated on a schedule and any residual copies are purged within 90 days.

We use TLS in transit, encryption at rest for stored content, scoped access controls for our team, and regular review of vendor security posture. No system is perfectly secure, but we treat your data with the level of care we would want for our own.

Depending on where you live, you may have the right to access, correct, export, or delete your personal information; to object to or restrict certain processing; and to withdraw consent. Residents of California (under the CCPA / CPRA) have the right to know what personal information we collect, to request deletion, to opt out of any "sale" or "sharing" of personal information (we do not sell or share personal information as those terms are commonly understood), and to be free from discrimination for exercising these rights.

To exercise any of these rights, email privacy@lidini.com from the address associated with your account, or use the in-app data export and deletion tools where available. We respond within 30 days.

Our products are not directed to children under 13 (or under the age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

We are based in Georgia and our service providers operate globally. When personal information is transferred outside your country, we rely on appropriate safeguards (such as Standard Contractual Clauses where applicable) to protect it.

We may update this policy as our products evolve or the law changes. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you in the app or by email.

For privacy questions or to exercise your rights, write to privacy@lidini.com or by post to: Lidini LLC, Tbilisi, Georgia.