Spinlin
Log inSign up
Spinlin
Log in
Sign up

Privacy Policy

Last updated: July 4, 2026

1. Data Controller

Data controller under the General Data Protection Regulation (GDPR) is:

DeDaBe UG (limited liability)
Fürther Str. 64b
90429 Nuremberg, Germany
[email protected]

2. General Information

This privacy policy explains the nature, scope, and purpose of processing personal data within the Spinlin platform.

Spinlin is an AI-powered language learning platform that enables users to practice conversations, receive feedback, and connect with other learners.

3. Types of Data Processed

We process the following types of data:

  • Login data (Google OAuth)
  • Profile information (name, email address, language preferences)
  • Speech and chat transcripts
  • AI-generated analysis and feedback data
  • Usage data (sessions, interactions)
  • Technical data (IP address, browser, device information)

4. Google OAuth

Login is provided via Google OAuth. We receive basic profile data provided by Google (name, email address, profile picture).

Legal basis: Art. 6(1)(b) GDPR.

5. AI Processing

The platform uses artificial intelligence to analyze spoken conversations and generate feedback (grammar, vocabulary, expression).

Processing is carried out by external providers:

  • Anthropic PBC (USA) – Claude AI (claude-haiku-4-5 API)
  • DeepL SE (EU) – translation services
  • Google Web Speech API (USA) – speech recognition (browser-based)

Only text transcripts are processed; audio files are not stored and are deleted immediately after processing.

Legal basis: Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR.

6. Hosting / Infrastructure

Hetzner Online GmbH hosts the platform in Germany.

All data is stored on servers located within the European Union.

7. Error Monitoring

We use Sentry for error monitoring. Technical data such as IP addresses and error logs may be processed.

8. Communication

The platform currently does not send emails.

9. Payment Processing (Stripe)

For paid features (subscriptions and one-time exam purchases), we use the payment provider Stripe Payments Europe Ltd., Ireland.

The following data may be processed:

  • Name
  • Email address
  • Payment details (e.g., credit card, SEPA)
  • Transaction data
  • Billing information

Stripe may transfer data to affiliated companies outside the EU (especially the United States).

Legal basis: Art. 6(1)(b) GDPR (contract performance).

More information: https://stripe.com/privacy

10. Speech Processing

Voice recordings are used exclusively for transcription into text.

  • Audio is not stored permanently
  • Audio is deleted immediately after processing
  • Only text transcripts are stored and analyzed

Processing is done via browser-based APIs (Google Web Speech API or similar services).

11. AI Analysis (Anthropic Claude)

Text transcripts are sent to the AI provider Anthropic PBC (USA) for analysis.

The AI generates:

  • Grammar corrections
  • Vocabulary feedback
  • Improvement suggestions
  • Language performance feedback

This processing is necessary for providing the core platform functionality.

12. Translation Services

For optional translations we use DeepL SE (Germany).

13. Random Partner Matching

The platform randomly connects users for language practice.

  • No manual matching is performed
  • Users cannot choose conversation partners
  • Connection data is used only for the session

14. Friend System

Users may add other users as “friends” after conversations.

  • Friend relationships are stored
  • Enables future interactions between users

15. Data Retention

Stored data includes:

  • Transcripts: stored until account deletion
  • AI feedback: stored until account deletion
  • Friend connections: stored until deletion

Not stored:

  • Audio files (deleted immediately after processing)

16. Cookies & Local Storage

The platform uses only technically necessary cookies for:

  • Login sessions
  • Security
  • User state management

No tracking or marketing cookies are used.

17. International Data Transfers

Data may be transferred to third countries outside the EU, especially:

  • United States (Anthropic, Google)
  • Safeguarded via Standard Contractual Clauses (SCCs)

18. User Rights (GDPR)

You have the following rights:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)

Contact: [email protected]

19. Data Security

We implement technical and organizational measures to protect data against loss, misuse, and unauthorized access.

20. Changes

We reserve the right to update this privacy policy.

Spinlin

Language practice with real people and AI analysis after every call.

Product
How it worksFeaturesPricing
Support
FAQContact
Legal
PrivacyTermsImpressum
Policies
WithdrawalCookiesAI Disclaimer
© 2026 Spinlin — German Learning Platform