Kana Daily is a Japanese kana learning application operated by Lior Ben Chetrit ("we", "us", or "our"). This Privacy Policy explains how we collect, use, share, and protect personal information when you use Kana Daily at any domain or URL where the app is served (collectively, the "Service").
By using the Service you agree to the practices described in this policy. If you do not agree, please do not use the Service. For users in jurisdictions with mandatory consent requirements (e.g., the EEA under GDPR), continued use after a notice of this policy constitutes your acknowledgment, but we rely on the specific lawful bases set out in Section 4.
We collect only what we need to run the app. We never sell your personal data. You can export or delete your data at any time. The app works in guest mode with no account required.
If you use Kana Daily without an account, all progress data is stored only on your
device in localStorage. We do not collect or process any personal data
from guest users beyond what is automatically collected by our CDN and Firebase (IP address,
aggregate analytics).
| Purpose | Data Used |
|---|---|
| Providing and operating the Service | Account data, learning progress, SRS data |
| Syncing your progress across devices | Learning progress, SRS data, badges, streak |
| Displaying personalized study recommendations | SRS data, lesson completion status |
| Friend leaderboards and social features | Display name, friend connections, progress snapshots |
| Security, fraud prevention, and abuse detection | IP address, account data, timestamps |
| Service improvement and analytics | Aggregate, anonymized usage data |
| Serving advertisements (see Section 7) | Cookies set by Google AdSense |
| Responding to support requests | Email address, data you provide in your message |
We do not use your data for automated decision-making that produces legal or similarly significant effects, nor do we build individual behavioral profiles for advertising purposes ourselves - we rely on Google AdSense for ad serving (see Section 7).
For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a lawful basis for processing personal data, we rely on the following bases:
| Processing Activity | Lawful Basis |
|---|---|
| Creating and managing your account | Contract - necessary to provide the Service you signed up for |
| Syncing learning progress | Contract - core feature of the signed-in Service |
| Behavioral advertising via Google AdSense | Consent - opt-in via the cookie consent banner; you may withdraw at any time |
| Aggregate analytics & service improvement | Legitimate interests - understanding how the app is used to improve it, balanced against your privacy rights |
| Security, fraud prevention | Legitimate interests - protecting the Service and its users |
| Responding to support requests | Legitimate interests - fulfilling your request for assistance |
| Complying with legal obligations | Legal obligation |
Where we rely on legitimate interests, you have the right to object to that processing (see Section 10). We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
We share data with the following third-party services that act as our data processors. They are permitted to use your data only to perform services on our behalf, and are bound by appropriate data processing agreements.
We use Firebase (a Google Cloud product) for user authentication, cloud database (Firestore), and hosting. Firebase processes the account data and learning progress data described in Section 2 on our behalf. Firebase servers are located in the United States, with data potentially replicated across Google's global infrastructure.
We display advertisements served by Google AdSense. Google operates as an independent data controller for advertising purposes and may use cookies, device identifiers, and other tracking technologies to serve personalized ads based on your interests and browsing history. See Section 7 for your advertising choices.
We load web fonts from Google Fonts. Google's servers may log your IP address when fonts are requested. See Google Fonts Privacy FAQ.
Audio pronunciation is provided primarily via your browser's built-in speech synthesis (Web Speech API), which runs locally on your device and does not transmit data to us. As a fallback, the app may use a publicly accessible text-to-speech endpoint. No account data is transmitted with these requests.
We do not sell, rent, or trade your personal information to any third party for their own marketing or commercial purposes.
Kana Daily displays advertisements served by Google AdSense. Google uses cookies and similar technologies to show you ads that may be relevant to your interests based on your browsing activity across websites that partner with Google.
If you grant cookie consent in the cookie banner, Google may show you personalized ads using interest-based advertising. If you decline, we instruct Google AdSense to serve non-personalized ads only - ads are still shown, but they are not based on your browsing history.
Kana Daily Premium subscribers do not see advertisements. Advertising cookies are not loaded for users with an active Premium subscription.
We implement appropriate technical and organizational measures to protect your personal data:
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify affected users as required by applicable law.
We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:
| Data Type | Retention Period |
|---|---|
| Account data (email, display name) | Until you delete your account |
| Learning progress & SRS data | Until you delete your account or clear local storage |
| Study streak & badges | Until you delete your account or clear local storage |
| Friend connections | Until you remove the connection or delete your account |
| Server logs (IP, timestamps) | Up to 90 days, then automatically deleted by Firebase/Google Cloud |
| Support email correspondence | Up to 2 years from last correspondence |
| Deleted account data | Permanently deleted within 30 days of account deletion request |
localStorage data from your device.If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with comprehensive data protection legislation, you have the following rights regarding your personal data:
Request a copy of the personal data we hold about you.
Request correction of inaccurate or incomplete personal data.
Request deletion of your personal data ("right to be forgotten").
Receive your data in a machine-readable format and transmit it elsewhere.
Request that we limit processing of your data in certain circumstances.
Object to processing based on legitimate interests or for direct marketing.
Not be subject to solely automated decisions that produce legal effects.
Withdraw any consent you have given at any time, without affecting prior processing.
Many rights can be exercised directly in the app:
For all other requests, or if you have difficulty using in-app options, contact us at kanadailysupport@gmail.com. We will respond within 30 days (or sooner as required by law).
If you are in the EEA or UK and believe we have not handled your data lawfully, you have the right to lodge a complaint with your local data protection supervisory authority. We ask that you contact us first so we can address your concern directly.
Your data may be transferred to and processed in the United States and other countries where Google Cloud / Firebase infrastructure is located. Google provides appropriate safeguards for these transfers including Standard Contractual Clauses (SCCs) approved by the European Commission. For more details, see the Google Cloud Data Processing Addendum.
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following rights:
We do not sell your personal information. However, sharing data with Google AdSense for behavioral advertising may constitute "sharing" under the CPRA. To opt out, use the "Do Not Sell My Personal Information" link in the app footer, which will instruct Google AdSense to serve non-personalized ads only and disable advertising cookies.
Over the past 12 months, we have collected the following CCPA categories of personal information:
Submit requests by emailing kanadailysupport@gmail.com with the subject line "California Privacy Request". We will respond within 45 days as required by law. We may need to verify your identity before fulfilling your request.
Kana Daily is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA) and similar laws.
If you are under 13 years of age, please do not create an account, use the signed-in features, or provide any personal information. If we become aware that we have inadvertently collected personal information from a child under 13, we will delete that information promptly.
If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately at kanadailysupport@gmail.com and we will delete the information as soon as possible.
Users between 13 and 18 should review this policy with a parent or guardian.
Kana Daily is operated from and the Service is provided globally. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our servers are located and our service providers operate.
If you are in the EEA or UK, international transfers are covered by Section 10 (GDPR). For other jurisdictions, by using the Service you acknowledge that your data may be processed in countries whose data protection laws may differ from those in your country.
We take steps to ensure that any international transfer of personal data is subject to appropriate safeguards, including through our reliance on Google Cloud's transfer mechanisms (Standard Contractual Clauses).
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated policy, please stop using the Service and delete your account.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: kanadailysupport@gmail.com
Subject line: "Privacy Request" for faster routing
Response time: We aim to respond within 5 business days; data subject requests will be addressed within the timeframes required by applicable law (30 days under GDPR, 45 days under CCPA).