Privacy Policy

We use your information to:

• Provide Core Features: Analyze your saved content (GitHub Stars, YouTube videos, bookmarks) to detect learning addiction patterns
• Personalization: Generate personalized learning paths and project recommendations
• Duplicate Detection: Identify duplicate content across platforms to help you declutter
• Progress Tracking: Monitor your recovery progress and project completion
• Focus Mode: Block distracting websites during focus sessions (via Chrome Extension)
• Communication: Send important service updates and security notifications
• Improvement: Analyze aggregate usage patterns to improve our service

We implement industry-standard security measures:

• Encryption: All OAuth access tokens are encrypted at rest using AES-256
• HTTPS: All data transmission uses SSL/TLS encryption
• Database Security: Row-Level Security (RLS) ensures users can only access their own data
• Access Control: OAuth tokens are never exposed to client-side code
• Rate Limiting: API rate limits prevent abuse and unauthorized access

We do NOT sell your personal data.

We may share data only in these limited cases:

• Service Providers: Supabase (database), Vercel (hosting), Stripe (payments) - all under strict data processing agreements
• AI Processing: Anonymous, aggregated data may be sent to Anthropic Claude API for learning path generation (no personal identifiers)
• Legal Requirements: When required by law or to protect our legal rights
• With Your Consent: Any other sharing requires your explicit permission

You have the right to:

• Access: Request a copy of all your data
• Correction: Update or correct your information
• Deletion: Delete your account and all associated data (Settings → Account → Delete Account)
• Disconnect: Revoke OAuth permissions for GitHub, YouTube at any time
• Export: Download your data in JSON format
• Opt-Out: Unsubscribe from marketing emails (service emails cannot be disabled)

• Active Accounts: Data retained as long as your account is active
• Deleted Accounts: All data permanently deleted within 30 days
• OAuth Tokens: Deleted immediately when you disconnect a service
• Analysis Cache: Cached analysis results expire after 24 hours
• Logs: Server logs retained for 90 days for security purposes

We use cookies for:

• Authentication: Supabase session cookies (essential)
• Preferences: Theme, language, dashboard layout
• Analytics: Google Analytics 4 (optional, can be disabled in Settings)

You can disable non-essential cookies in your browser settings or via Settings → Privacy.

For privacy-related questions or requests:

• Email: privacy@learnless.app
• Data Requests: settings@learnless.app
• GitHub Issues: github.com/learnless/learnless

We may update this Privacy Policy from time to time. We will notify you of material changes via:

• Email notification to your registered email
• Prominent notice on our website
• In-app notification

Continued use of LearnLess after changes constitutes acceptance of the updated policy.

LearnLess is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.