Privacy Policy

1. Information We Collect

To provide a core AI-powered language learning experience, we collect the following information:

  • Account Information: When signing in via Google OAuth, we obtain your email address, name, and avatar for identification and personalization.
  • User-Generated Content: Including generated reading materials, saved translation notes, learning progress, and custom prompts.
  • Service Configuration: Third-party API keys (e.g., Gemini Key) and service account files you voluntarily provide to drive the core AI features.

2. Google API Data Policy

Over Hill strictly complies with the Google API Services User Data Policy.

Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We will never use this data for advertising, sell it to third parties, or transfer it to unrelated services without your explicit authorization.

3. How Information is Used

Your information is processed only for the following purposes:

  • Authentication: Ensuring your learning records and private keys are securely accessible only by you.
  • AI Services: Sending requests to LLMs (like Gemini) to generate content, translate, or perform text-to-speech tasks.
  • Localization: Adjusting the interface language based on your preferences.
  • Optimization: Analyzing system crashes and improving the performance of generation and playback services.

4. Data Security & Protection

We take data security seriously and have implemented multiple layers of protection:

  • Row-Level Security (RLS): Sensitive configurations like API keys are isolated and protected by Supabase RLS, accessible only by the owner.
  • Encryption: All communication with servers and third-party AI interfaces is encrypted via HTTPS/TLS.
  • Minimization: We only store data necessary for application functionality and do not record biometric or other highly sensitive personal data.

5. Cookies & Local Storage

We use necessary cookies and local storage to save your login session, cached voice settings, and interface preferences to improve response times.

6. Your Rights & Data Withdrawal

You have full control over your data:

  • Access & Correction: You can view and update your API configurations at any time in the Settings Center.
  • Deletion: If you wish to delete your account and all associated data permanently, please contact our support.

We may update this Privacy Policy from time to time. Significant changes will be announced via in-app notifications.
Last Updated: March 1, 2026