Amigoo

Privacy

Privacy policy

Effective date: 1 January 2026 · Last updated: 17 May 2026

This Privacy Policy explains how Amigoo Ltd ("Amigoo", "we", "us", "our") collects, uses, discloses and protects personal data when you use www.amigoo.co.uk, amigoo.co.uk and the Amigoo applications (together, the "Service"). It applies to learners, prospective customers and website visitors.

Amigoo Ltd is the controller of your personal data under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and, where applicable, the EU GDPR.

1. Data we collect

  • Account data: email, password hash, display name, target language(s), level, time zone.
  • Conversation data: messages you send to AI characters, voice notes, character replies, saved words, lesson and challenge progress, mistakes and confidence scores used to personalise practice.
  • Usage data: device type, browser, IP address, app version, pages visited, features used, error logs.
  • Payment data: billing email, subscription tier, transaction IDs. Card details are handled directly by Stripe — we do not store full card numbers.
  • Communications: support tickets, survey responses and emails you send us.

2. How we use your data

We process personal data for the following purposes and lawful bases under UK/EU GDPR:

  • Providing the Service — running chats, lessons, challenges and saved-word memory (contract).
  • Personalising learning — using your mistakes, level and confidence scores to adapt AI responses (contract / legitimate interests).
  • Account security and fraud prevention (legitimate interests, legal obligation).
  • Billing and tax (contract, legal obligation).
  • Improving the Service — aggregated analytics and quality reviews (legitimate interests, consent where required).
  • Marketing — product updates, tips and offers (consent; you can unsubscribe at any time).

3. AI processing

Your messages are sent to large language model providers via the Lovable AI Gateway in order to generate character replies. We instruct our AI providers not to use your content to train their foundation models and we apply technical measures to minimise the data shared with them. We retain conversation history within your account so the characters can remember you across sessions — you can delete chats at any time inside the app.

4. Sharing your data

We share personal data only with carefully selected processors and partners, including:

  • Supabase — hosting, authentication, database and file storage.
  • Stripe — payment processing and subscription management.
  • Google / OpenAI and other model providers (via Lovable AI Gateway) — generating AI responses.
  • ElevenLabs — text-to-speech for character voices, where you enable audio.
  • Analytics and error-monitoring providers — to keep the Service reliable.

We may also disclose data when required by law, to enforce our Terms, to protect rights or safety, or in connection with a corporate transaction (with appropriate safeguards).

5. International transfers

Some of our processors are located outside the UK / EEA. Where this is the case we rely on adequacy decisions or appropriate safeguards such as the UK International Data Transfer Addendum and the EU Standard Contractual Clauses, combined with technical and organisational measures.

6. Retention

  • Account and conversation data — while your account is active and for up to 24 months after closure.
  • Billing records — 7 years to meet UK tax and accounting obligations.
  • Support communications — up to 3 years.
  • Server and security logs — typically 30–90 days.

7. Your rights

Subject to applicable law you have the right to access, correct, delete, restrict or object to the processing of your personal data, to request portability of your data, and to withdraw consent at any time without affecting the lawfulness of prior processing. To exercise these rights email privacy@amigoo.co.uk. You also have the right to complain to a supervisory authority, including the UK Information Commissioner's Office (ico.org.uk).

8. Children

Amigoo is not directed at children under 13 (or under 16 in some jurisdictions). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

9. Security

We use TLS in transit, encryption at rest, row-level access controls, least-privilege access for staff and routine security reviews. No system is perfectly secure, but we work hard to protect your data and will notify you and the relevant authorities of any qualifying breach without undue delay.

10. Changes

We may update this policy from time to time. Material changes will be notified in-app or by email. Continued use after the effective date constitutes acceptance of the updated policy.

11. Contact

Amigoo Ltd · United Kingdom · privacy@amigoo.co.uk