Skip to main content
Neurako
Start free
Legal Framework

Privacy Policy

At Neurako, we view privacy not merely as a regulatory requirement, but as a fundamental cornerstone of human intellectual freedom. This policy explains how we handle your data.

01. Introduction

Neurako (“we”, “our”, or “us”) operates the Neurako mobile applications (iOS and Android) and the web application at app.neurako.com. This Privacy Policy describes how we collect, use, and protect information about you when you use our services.

We treat your data with the same care you give to your own intellectual work — with respect, discretion, and purpose. We collect only what we need, retain it only as long as necessary, and never sell it to third parties.

Last updated: March 2026. If we make material changes, we will notify you via email or in-app notification at least 30 days before the changes take effect.

02. Information We Collect

We collect two categories of information to provide and improve our services:

Account Identity

  • Email address
  • Display name
  • Profile avatar (optional)
  • Authentication tokens
  • Device push notification tokens

Cognitive Artifacts

  • Flashcard decks and cards you create
  • Study session logs and review history
  • Audio recordings (deleted after 30 days)
  • Images (retained until card is deleted)
  • Anonymised usage analytics

03. AI Processing & Governance

Neurako uses AI to transform your captures into flashcards. We take a privacy-first approach to every AI operation.

Local Inference (where possible)

On-device models handle basic text processing without any data leaving your phone.

Anonymized Requests

Personally identifiable information is stripped before any data is sent to cloud AI providers.

Ephemeral Sessions

AI processing logs are purged immediately after use and never stored for model training.

AI Disclosure: Your audio and images are processed by Google Gemini to generate flashcard content. Under our Data Processing Agreement with Google, this data is not used to train AI models.

04. Your Sovereign Rights

You retain full ownership of your intellectual work. We recognise the following rights:

Right of Portability

Export all your flashcard decks and study history at any time in JSON or Markdown format from your account settings.

Right to Erasure

Delete your account and all associated data permanently from your account settings. Deletion is irreversible and takes effect within 30 days.

GDPR Rights

If you are in the European Economic Area, you have the right to access, rectify, restrict, and object to processing of your personal data.

CCPA Rights

California residents have the right to know what personal information is collected, to request deletion, and to opt out of any sale (we do not sell your data).

05. Security Standards

We operate on Supabase infrastructure (SOC 2 Type II certified), with the following protections:

  • AES-256 encryption at rest for all stored data
  • TLS 1.3 in transit for all API communications
  • Row Level Security on all database tables — your data is accessible only to you
  • Regular security audits and penetration testing

06. Cookie Policy

We use a minimal set of cookies and browser storage. We do not use advertising cookies, tracking pixels, or any third-party cookies that share your data with other organisations.

Essential Cookies

Always Active

Required for the website to function. No consent needed under ePrivacy Directive Article 5(3) — strictly necessary for the service you requested.

NamePurposeDuration
neurako_cookie_consent_v1Stores your cookie consent choices365 days
neurako_consent_session_idAnonymous identifier for consent audit recordUntil cleared
Supabase sessionMaintains your authenticated sessionSession / 1 week

Analytics Cookies

Consent Required

We use Vercel Analytics — a privacy-focused tool that does not use third-party cookies, does not store personal identifiers, and uses an anonymous daily-resetting hash to count unique visitors. No personal data is collected or tracked across sites.

ProviderPurposeData Sent
Vercel AnalyticsPage views, referrers, Core Web VitalsAnonymous hash only — no IP, no user ID

Functional Cookies

Consent Required

Not currently in use. This category is reserved for future functionality such as language or display preferences. We will notify you before activating any functional cookies.

Your Privacy Choices (California Residents)

California residents may opt out of the “sale or sharing” of personal information under CCPA/CPRA. We honour Global Privacy Control (GPC) signals — if your browser sends a GPC signal, we automatically disable analytics cookies without requiring you to interact with the banner.

You can update your cookie preferences at any time using the Cookie Preferences link in the footer.

07. Contact & Support

If you have questions about this policy or want to exercise your rights, please reach out:

Neurako Privacy Team

We respond to all privacy enquiries within 72 hours.

Contact Privacy TeamHelp Center

See also: Terms of Service