Back
This page is a translation. The Chinese version is the official legal text. In case of conflict, the Chinese version prevails.

Privacy Policy

Effective: 2026-04-30

TalkUp is a multilingual phrase helper you can use in 5 seconds before stepping out the door. This policy explains what we collect, why, how long we keep it, who can see it, and how you can delete it.

1. What we collect

  • Account: email (for login links), and optional name / avatar URL returned by third-party sign-in.
  • Preferences: native language, followed destinations, timezone, dark mode / ghost-mode settings.
  • Usage events: which phrase you opened, whether you marked ✓ understood / ✗ didn’t understand / favorited. These events drive phrase ranking and the failure-loop. Events include a de-identified grid cell ID (~100 m precision), not raw coordinates.
  • Location: the latitude / longitude reported by your browser when you open the app, snapped server-side to a ~100 m grid cell ID and discarded. Raw coordinates never enter the database or logs.
  • Error monitoring: when the app throws in the browser or on the server, we send the stack trace and minimal request context to Sentry. Coordinate fields are stripped before they reach Sentry.

2. What we don’t collect

  • Raw GPS coordinates (replaced immediately by the 100 m grid)
  • Device identifiers / advertising IDs
  • Microphone audio, camera images, photo library
  • Contacts, cross-site browsing history

3. How we use it

  • Sign-in and account management
  • Rank phrases by your native language, destination, and current grid cell
  • Aggregate nearby venues regionally — only when at least 5 distinct users have been active in that cell (the privacy threshold is enforced in a database view)
  • Debug production errors

4. Data sharing / processors

We don’t sell your data. We use the following processors to run the service:

  • Supabase (database and auth)
  • Anthropic (Claude API; for AI-generated phrases)
  • Google (Maps JavaScript API; only loaded when you open /explore)
  • Cloudflare (CDN and DDoS protection)
  • Sentry (error monitoring; enabled when configured)

These services may involve cross-border data transfer. We transmit only the minimum fields needed to fulfill each request.

5. Your rights

  • Access / export: tap “Me → Account → Export my data” to download a single JSON file with all your data.
  • Delete: tap “Me → Account → Delete account”; your account, settings, favorites, and destinations are removed immediately. Recorded usage events and phrases you contributed are retained but disassociated from you (used for public statistics).
  • Correct: change your native language / destinations / ghost mode directly under “Me”. For other fields, contact the email below.
  • Object to automated decisions: this service does not make automated decisions that significantly affect you.

Users covered by GDPR / PIPL have the rights above. We respond within 30 days (as required by PIPL Article 50 / GDPR Article 12).

6. Retention

  • Account, preferences, favorites: for the lifetime of your account.
  • Usage events: indefinitely (de-identified, used as public corpus signal).
  • Current grid cell: overwritten on each location refresh; expires after 30 days of inactivity.

7. Security

Passwords are deprecated; sign-in uses one-time email links or Google OAuth. Cookies are httpOnly + Secure + SameSite=Lax. All connections are HTTPS-only. Supabase data is backed up daily, encrypted.

8. Children

This service is not directed at children under 13. If we find an account was created in error, we will proactively delete it.

9. Changes

Material changes are announced at the top of the sign-in page and this page at least 7 days before they take effect.

10. Contact

Data protection: [email protected]