Privacy policy

Kanjido is a free, non-commercial tool for learning kanji meanings via James W. Heisig's Remembering the Kanji. What follows: what data the product touches, who processes it, how long it stays, and the rights you have.

Controller

Giacomo De Marchi, Italy. Contact: contact@kanjido.app. Kanjido is operated by an individual; no business entity is registered behind it.

What we collect

Sign-in identity. Whichever you use to sign in — Google OAuth, Discord OAuth, or an email magic-link — Kanjido stores the email address linked to that identity, your display name and profile image (only when provided by OAuth), and a record of which provider you used. Your password is never seen, transmitted, or stored: sign-in is handled by the provider you chose or by a one-time link sent to your email.

Authentication metadata. When you sign in, Kanjido stores a session token, its expiration date, and (for security audit) the IP address and which browser/device made the request. These are scoped to your account.

Learning progress. Everything you do inside the product produces data: which kanji you've seen, how mastery has progressed (the 0–10 levels of the SRS algorithm), session-by-session results, daily activity counters, current and longest streaks, and any community-story selections or your own mnemonic writings. This is the substance of the product — without it, Kanjido couldn't remember where you are between visits.

Why we collect it

Sign-in identity, authentication metadata, and learning progress are processed on the basis of contract performance under Article 6(1)(b) of the EU GDPR — without them, Kanjido cannot remember your study between visits, which is what the product offers. The IP-address and browser/device fields kept against session records are processed on the basis of legitimate interests under Article 6(1)(f) — specifically, the maintainer's interest in noticing unusual access; the data is minimal, not used for any other purpose, and balanced against your reasonable expectation that a logged-in session can detect anomalies.

None of this data is used for advertising. None is sold or licensed to third parties. None is used for profiling beyond serving your own learning trajectory back to you.

Anonymous performance and traffic telemetry processed via Vercel Speed Insights and Web Analytics is processed on the basis of legitimate interests under Article 6(1)(f) — the maintainer's interest in monitoring service quality and understanding traffic patterns. Because no personal data is collected by these products, the balancing test against your rights resolves cleanly: there is no individual data to balance.

Kanjido does not engage in automated decision-making that produces legal or similarly significant effects (Article 22 GDPR). The SRS algorithm schedules your own reviews; it makes no decisions about you.

Where processing relies on consent (no current uses, reserved for future features), you may withdraw consent at any time without affecting the lawfulness of prior processing.

Who processes it

Vercel hosts the application. Supabase stores the database. Both are processors acting on the maintainer's instructions, not for their own purposes.

Vercel additionally processes anonymous performance telemetry (Speed Insights — Core Web Vitals: LCP, INP, CLS, FCP, TTFB) and aggregate traffic patterns (Web Analytics — page views, referrers, browser and OS categories, country derived from IP but not stored). No individual visitor tracking, no cookies, no personal data passes through these.

Google and Discord are involved only when you choose to sign in with them. The provider sees the fact that you're authenticating to Kanjido (per their own privacy policies); Kanjido sees only the identity payload they return — email, name, image.

Resend delivers magic-link emails. It sees the recipient address and the link contents during delivery and retains them according to its own policy.

Infisical manages server-side secrets (API keys, database credentials) and never touches user data.

PostHog (EU region) captures application errors so the maintainer can find and fix faults. It receives the error and the diagnostic context attached to it; it is configured for error tracking only — no product analytics, no session replays, and no cookies. Data is retained according to its own policy.

Each processor relies on its own infrastructure providers (their sub-processors). For complete chains, consult each processor's published sub-processor list.

How long we keep it

Account and learning-progress data are kept until you delete your account. Account deletion is on your account page (a one-click delete behind a confirmation) and is irreversible: all per-user records cascade from the user record.

Session tokens last seven days by default, refreshable on activity. Magic-link tokens expire ten minutes after they are sent, whether they have been clicked or not. IP-address and browser/device fields on session records share the session's lifetime.

Server logs are retained by Vercel per its own infrastructure policy; the maintainer keeps no separate application-level logs.

Cookies and local storage

Kanjido uses no third-party tracking cookies, no advertising trackers, and no cross-site analytics. The only client-side state stored on your device:

  • A session cookie (HttpOnly, managed by the authentication system) that keeps you signed in.
  • A single localStorage flag (hasAlreadySignedIn) that the sign-in page uses to choose between “welcome” and “welcome back” wording — a one-bit UX hint, not cross-device tracking.
  • Transient sessionStorage used during a study session to remember which kanji you have seen mid-batch. Cleared when the session completes.

Your rights

Under EU GDPR (and its equivalents under UK GDPR, CCPA, and LGPD), you have the right to:

  • Access — request a copy of the data Kanjido has about you.
  • Deletion — remove your account and all associated data. Available without contact on your account page (one-click delete).
  • Rectification — correct inaccurate personal data. Most user-facing fields (name, email) are managed by the OAuth provider you signed in with; correct them there. Reach out for anything else.
  • Portability — receive your learning progress in a machine-readable format. Not currently self-serve; reach out to request it.
  • Restriction or objection — limit specific uses of your data or object to processing. Reach out to discuss.
  • Withdraw consent — where processing relies on consent (no current uses, reserved for future features), withdraw at any time.
  • Complaint — lodge a complaint with your country's data protection authority. (Italian users: the Garante per la protezione dei dati personali, garanteprivacy.it; other EU/EEA visitors can find their authority via the European Data Protection Board.)

How to exercise them

Email contact@kanjido.app describing what you'd like. Most requests are answered within a week; the most complex (data-export builds) within thirty days.

For deletion you don't need to email — your account page has a self-serve delete.

International transfers

Your database is hosted by Supabase in Stockholm, Sweden — account and learning-progress data are stored in the EU. The application's serverless functions run on Vercel in Washington, D.C., USA, and access the Stockholm database for each request. Under EU GDPR, this access constitutes a transfer to the United States; Vercel operates under standard contractual clauses and the EU-US Data Privacy Framework (the EU's adequacy mechanism for transfers to the US). Sign-in providers (Google, Discord) and the email-delivery processor (Resend) operate globally per their own policies.

Children

Kanjido is for users 13 and older (14 for users in Italy, per Italy's privacy code). If you are between that floor and the age of online consent in your country, local law may require parental or guardian consent. Personal data is not knowingly collected from anyone below the applicable age.

Changes to this policy

Material updates — new processors, new data categories, new sharing arrangements — are reflected here when they happen. The effective date below shifts with each change. Where a material change adversely affects your rights, the maintainer will use reasonable efforts to notify registered users by email before the change takes effect. Significant updates sit at the top of this page for a while.

Effective: 14 May 2026.