Privacy Policy
Hebrew Hero ("we," "our," or "us") is a Hebrew language-learning app built for individual learners. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
If you have any questions, email us at support@hebrew-hero.com.
1. Who we are
Hebrew Hero is operated by Charles Scheibler, an individual developer. We are not a corporation. We do not have an advertising business. We do not sell user data to third parties. We do not have employees, contractors, or partners with access to your personal data beyond what is strictly required to run the service.
The app is distributed worldwide through the Apple App Store (iOS) and the Google Play Store (Android, when available).
2. Information we collect
2.1 Information you provide directly
- Account email address. If you create an account (rather than using Guest mode), we store the email address you sign up with so you can sign back in across devices and recover your progress. We use Firebase Authentication, provided by Google, to handle sign-in. Your password is hashed by Firebase and we never see or store the plain-text version.
- Apple Sign-in token. If you choose Sign in with Apple, Apple shares a unique identifier and (optionally) your email with us. We use that identifier the same way we use email-based identifiers — to sync your progress across devices.
2.2 Information you generate while using the app
- Learning progress. We store the words you've practiced, the lessons you've completed, your daily streak, your daily-goal preferences, and your speaking-drill history. This information is essential to delivering the personalized lesson path the app exists to provide.
- Pronunciation audio. When you use the speaking- drill feature, we send your voice recording to our server for pronunciation analysis. The audio is processed in real-time and is not stored after analysis completes. We retain only the resulting score and any words flagged as missed, not the recording itself.
- AI-generated content. When the app generates personalized stories using your vocabulary, the prompt (including your known-words list) and the generated story are sent to Google Gemini. Gemini may retain the prompt and response per Google's own retention policy (see Section 4). We store the generated story locally and in your account so you can re-read it.
2.3 Information collected automatically
- Device information. Your operating system version, app version, and a randomly-generated device identifier are included with crash reports and API requests so we can correlate issues across deployments.
- Subscription status. If you purchase a Premium subscription, we use RevenueCat to verify your subscription with the App Store / Play Store. RevenueCat receives an anonymized user ID — not your email or any personal identifier — and your subscription state.
We do not collect your contacts, photos, calendar, location, or any other on-device data outside the app.
3. How we use information
We use the information described above only to:
- Provide the Hebrew Hero service (deliver lessons, track progress, voice playback, pronunciation feedback, AI story generation).
- Sync your progress across devices so signing in on a new phone restores your streak and lesson history.
- Verify and process Premium subscriptions.
- Diagnose and fix crashes and API errors.
- Respond to support requests sent to support@hebrew-hero.com.
We do not:
- Sell or rent your data to third parties.
- Use your data for advertising or behavioural profiling.
- Track you across other apps or websites.
- Share your learning progress with other users.
4. Third-party services we use
Hebrew Hero relies on a small set of infrastructure providers to deliver the service. Each provider has its own privacy policy that governs how they handle the data we send them:
| Provider | Purpose | What they receive |
|---|---|---|
| Google Firebase | Authentication + cloud sync of your progress | Email, hashed password, your progress data |
| Google Gemini | AI-generated story, lesson, and conversation content | Vocabulary + the prompt for each request |
| Microsoft Azure Speech | Text-to-speech for native Hebrew voice playback | The text to be spoken (no personal data) |
| Upstash Redis | Caching of daily slang content | Slang IDs and dates (no personal data) |
| RevenueCat | Subscription verification | Anonymized user ID + subscription status |
| Railway | Hosting our backend API | Whatever is in API requests (text, voice for analysis) |
If any of these providers materially change their terms or are replaced by an equivalent service, we will update this policy.
5. Data retention
- Account data and progress: retained for as long as you have an account. When you delete your account from within the app (Settings → Account → Delete Account), we erase all server-side data associated with your account within 30 days.
- Pronunciation audio: not retained beyond the seconds needed to analyze it.
- Generated content cache: held in Upstash with a 36-hour expiry per item.
- Crash reports and API logs: retained for 90 days for debugging.
- Local on-device data: removed when you delete the app or use the Reset Progress option in Settings.
6. Your rights
You can, at any time:
- Export your data: contact support@hebrew-hero.com and we will provide a JSON export of your account data within 30 days.
- Delete your account: tap Settings → Account → Delete Account. This is permanent.
- Disable notifications, reduce data collection: most permissions can be toggled in Settings (notifications, audio playback, optional tracks).
- Withdraw consent: stop using the app and delete your account. You can also continue using the app in Guest mode, which stores data only on your device and does not sync to our servers.
Residents of the EU/EEA have additional rights under GDPR (access, rectification, erasure, restriction, portability, objection). Email support@hebrew-hero.com to exercise any of these.
California residents have similar rights under the CCPA. We do not sell personal information as defined by the CCPA.
7. Children's privacy
Hebrew Hero is not designed for children under 13 and is rated 4+ on the App Store because the content (Hebrew vocabulary, cultural notes) is age-neutral, not because it's specifically targeted at young children. We do not knowingly collect personal information from children under 13. If you are a parent and believe your child under 13 has provided us with personal information, please email support@hebrew-hero.com and we will delete the account.
8. Data security
We use HTTPS for all API communication. Authentication tokens are stored using the platform's secure storage (iOS Keychain, Android KeyStore). Server-side, secrets and API keys are stored in our hosting provider's encrypted environment-variable store and are never written to logs.
We are a small operation and do not claim to be invulnerable to breaches. If we become aware of a security incident affecting your data, we will notify you within 72 hours via email.
9. International transfers
Our servers and the third-party services we use are hosted primarily in the United States and the European Union. By using Hebrew Hero, you understand your data may be transferred to and processed in these locations.
10. Changes to this policy
When we materially change this policy, we will update the "Last updated" date at the top and (for material changes) notify you in-app. Continued use of the app after a change means you accept the updated policy.
11. Contact
For any privacy-related question or request, please contact: support@hebrew-hero.com
We aim to respond within 5 business days.