Kielo Logo

Privacy Policy

Last Updated: October 24, 2025

GDPR Compliance: This Privacy Policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Your privacy rights are protected.

1. About Kielo

Service Provider: Erminai Oy

Business ID: 3571359-6

Location: Helsinki, Finland

Contact: connect+privacy@kielo.app

2. Data We Collect

2.1 Information You Provide

  • Email address for account creation and communication
  • Display name for personalization
  • Profile picture (optional)
  • Language learning preferences

2.2 Automatically Collected Data

  • Device information (type, OS version)
  • Usage data (lessons completed, time spent)
  • Performance data for app improvement

2.3 Voice and Conversation Data

  • Voice recordings processed in real-time for speech recognition
  • Conversation transcripts for learning analytics
  • Voice recordings are not permanently stored

3. How We Use Your Data

  • Providing and improving our language learning services
  • Personalizing your learning experience
  • Sending important service updates
  • Analyzing usage patterns to improve features
  • Ensuring security and preventing fraud

4. Legal Basis for Processing

  • Contract Performance: To provide you with our services
  • Legitimate Interests: To improve our services and ensure security
  • Consent: For marketing communications and optional features
  • Legal Obligations: To comply with applicable laws

5. Data Retention

Data TypeRetention Period
Account DataUntil account deletion + 30 days
Learning ProgressUntil account deletion
Voice Recordings24-48 hours (processing only)
Conversation Transcripts2 years or until account deletion

6. Your Rights (GDPR)

EU Residents: You have the following rights under GDPR:

  • Right to Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Portability: Receive data in a portable format
  • Right to Object: Object to certain processing
  • Right to Restrict: Limit how we use your data

To exercise these rights, contact connect+privacy@kielo.app

7. Data Security

Security Measures:

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Multi-factor authentication
  • Regular security audits
  • 24/7 monitoring

8. Third-Party Services

We use the following service providers:

  • Google Cloud Platform (EU region) for hosting
  • AI speech processing services for voice recognition
  • Email service providers for communications

All third-party providers are GDPR-compliant and have Data Processing Agreements in place.

9. International Data Transfers

Your data is primarily stored in the EU. When transferred outside the EEA, we ensure adequate protection through Standard Contractual Clauses or other approved mechanisms.

10. Contact Us

Privacy inquiries: connect+privacy@kielo.app

General support: connect+support@kielo.app

Response time: Within 30 days for GDPR requests

← Back to Home