Lexora — Privacy Policy
Effective date: 2026-05-20 · Last updated: 2026-05-20
This privacy policy explains what information Lexora and the Lexora Companion browser extension collect, how it is used, and what choices you have. By using the service or the extension, you agree to the terms below.
If you have any questions or want to exercise your rights, write to contact.yuriidorosh@gmail.com.
1. Who we are
Lexora is a personal language-learning platform operated by
Yurii Dorosh (trading as Avantgarde Systems),
based in Ukraine. The platform is reachable at
https://lexora.avantgarde.systems. The Lexora Companion
browser extension is distributed via the Chrome Web Store and talks
to that same instance by default.
For data-protection purposes, the operator listed above is the data controller of any personal data described in this policy.
2. What this policy covers
This single policy covers:
- The Lexora web platform at
https://lexora.avantgarde.systems(portal pages under/my/*, public landing pages, and the API at/lexora_api/*). - The Lexora Companion browser extension (Chrome / Chromium-based browsers), version 1.0.0 and later.
- The four backend worker services that the platform calls on your behalf (translation, LLM enrichment, audio, Anki import).
It does not cover third-party websites you visit while the extension is installed — Lexora does not log, track, or sell your general browsing activity.
3. Information we collect
3.1 Information you provide directly
| Data | Where it comes from | Why we have it |
|---|---|---|
| Email address, password (hashed) | You enter it at signup | Authenticate you, send security notifications |
| Display name, avatar | Your profile page | Show you in leaderboards, comments, posts |
| Native language, learning languages | Your profile page | Personalise translations, PvP duels, dashboard |
| Vocabulary entries (words, phrases, sentences) | You add them via portal, extension, or Anki import | Core feature — your personal vocabulary list |
| Translations, enrichment results | Generated by the platform when you request them | Show on vocabulary entry pages |
| Posts, articles, comments | You write them | Display on the community pages after moderation |
| Chat messages (public channels and DMs) | You send them | Deliver to recipients |
| PvP duel results, XP, streak | Computed from your activity | Gamification, leaderboards |
| Audio recordings (Audio / Speaking Coach / Shadowing) | You record them in-browser | Pronunciation practice, speaking coach |
3.2 Information collected automatically
| Data | When | Retention |
|---|---|---|
Session cookie (session_id) | When you log in | Browser session + up to 7 days persistent |
| Server-side access logs (IP, user agent, URL, timestamp) | Every HTTPS request | 30 days, then deleted |
| Nginx error logs | On request errors | 30 days |
| Postgres query stats (anonymous, aggregate) | Continuous | Reset on container restart |
3.3 Information sent by the Lexora Companion extension
Each feature only sends data to your configured Lexora instance
(default: https://lexora.avantgarde.systems). The extension
talks to no other server. The Lexora server may forward
parts of your request to third parties as described in §5.
| Feature | What is sent | When |
|---|---|---|
| Add Word | The word/phrase you typed, optional translation/context/source URL | When you click Save in the popup or context menu |
| Contextual Capture | The selected text + the surrounding sentence + the page URL | When you choose "Add to Lexora" in the right-click menu |
| Quick Look | The selected text + a language hint | When you select text and click the floating L icon |
| YouTube Overlay | The clicked subtitle word + the cue text | When you click a word in a YouTube caption |
| Known-word Highlighting | Nothing (the vocab list is fetched once, matching happens entirely in your browser) | On page load |
| Grammar Explainer | The selected phrase + language code | When you click "Explain Grammar" |
| Lexora Writer | The full text in the focused textarea/contenteditable + an optional context label | When you click the floating L FAB on a text field |
| Slang Explainer | The selected phrase + source/native language | When you click "Explain Slang/Idiom" |
| Pronunciation Practice | A short audio recording (WebM/Opus, capped at ~30 s) + the reference text | When you click "Stop Recording" |
| YouTube Vocab Radar | Nothing (vocab list fetched once; matching happens entirely in your browser) | On YouTube page load |
| New Tab | A request for one random vocabulary entry to display | When you open a new browser tab |
The extension also reads your Lexora session cookie via
chrome.cookies and forwards it as the
X-Lexora-Session-Id header so the server can identify you
across browsers that block third-party cookies. This cookie is read
only for the configured Lexora URL — never from any other site.
3.4 Information stored locally in your browser
The extension persists the following inside Chrome's local storage. None of this leaves your computer.
| Key | Storage area | Purpose |
|---|---|---|
lexoraBaseUrl | chrome.storage.sync | Your Lexora instance URL |
lexora_writer_enabled | chrome.storage.sync | Writer assistant toggle |
lexora_native_language | chrome.storage.sync | Slang-explainer language preference |
lexora_radar_* | chrome.storage.sync | YouTube radar preferences |
lx_word_cache | chrome.storage.local | Vocabulary list, refreshed every 15 min |
lx_radar_vocab_cache | chrome.storage.local | Vocabulary list for the radar, refreshed every 15 min |
pendingCapture | chrome.storage.session | Most recent right-click capture, transient |
You can clear all of this at any time by removing the extension or via Chrome → Settings → Privacy & Security → Site settings → View permissions and data stored across sites.
3.5 What the extension does NOT collect
- Your general browsing history. The extension does not record which pages you visit.
- Analytics or telemetry. No Google Analytics, no Mixpanel, no Sentry, no Segment.
- Cookies from other sites. Scoped to your Lexora URL only.
- Microphone access in the background. The mic is requested only when you explicitly click Start Recording.
- Form-field contents on pages other than where you click the L FAB. The Writer only reads the field after you explicitly click the floating L button.
4. How we use your information
We process the data described in §3 only for these purposes:
- Provide the service. Translate vocabulary, generate enrichments, transcribe audio, run PvP duels, show your dashboard.
- Authenticate you. Verify your session cookie on every API call.
- Improve reliability. Read server logs to debug crashes and slow endpoints.
- Respond to your requests. When you write to the contact email above.
- Comply with the law. Respond to lawful requests from authorities.
We do not:
- Sell, rent, or trade your personal data to anyone.
- Run ad networks, retargeting, or behavioural advertising.
- Use your vocabulary entries, audio recordings, or chat messages to train ML models.
- Share your data with other Lexora users beyond what you explicitly choose to share (see §6).
5. Third parties that process your data on our behalf
The Lexora platform calls a small number of external services to provide specific features. These calls are made from the Lexora server, not from your browser.
| Provider | What is sent | Purpose | Their policy |
|---|---|---|---|
| Google Translate (free public endpoint) | Text snippets, source/target language codes | Default translation backend | policies.google.com/privacy |
| MyMemory (free API) | Same as above | Fallback translation backend | mymemory.translated.net |
| Microsoft Edge TTS (free public endpoint) | Text + language code | Generate pronunciation audio | privacy.microsoft.com |
| Hugging Face | None at runtime; the Lexora server downloads the Qwen LLM model file once on first start | Initial model download | huggingface.co/privacy |
| Let's Encrypt | Domain name only, no user data | TLS certificate issuance | letsencrypt.org/privacy |
The LLM enrichment service (Qwen2.5) runs entirely on the Lexora server's own CPU. No text leaves the Lexora server for enrichment, grammar explanation, slang lookup, writing analysis, roleplay, or speaking-coach feedback.
The platform does not use any analytics provider (Google Analytics, Plausible, Matomo, etc.), error-tracking provider (Sentry, Rollbar), CDN with logging, or marketing/email automation system at this time.
6. Privacy inside the platform
| Object | Default | Sharing |
|---|---|---|
| Vocabulary entries | Private to you | You can mark individual entries or your whole list as shared |
| Translations, enrichments, audio | Private to you | Same visibility as the parent entry |
| Profile, level, streak | Public to other Language Users | Visible on leaderboards |
| Posts and articles | Draft until you submit; public after moderator approval | Public when published |
| Public chat messages | Visible to all Language Users in the channel | N/A |
| Private DMs | Visible to the two participants only | N/A |
| PvP battle history | Public stats; the vocabulary used is NOT exposed to your opponent | N/A |
| Speaking coach sessions | Private to you (owner-only record rule) | N/A |
| Pronunciation practice recordings | Not stored on the server by default | N/A |
7. Cookies
Lexora sets exactly one cookie: session_id. It is:
- Strictly necessary — without it you cannot log in.
- HTTPS-only in production (the
Secureflag is set). - HttpOnly — JavaScript on the page cannot read it.
- SameSite=Lax — sent with top-level navigation only.
We do not set any analytics, advertising, or social-media cookies. We do not embed third-party scripts from analytics or ad networks.
8. Data retention
| Data | Retention |
|---|---|
| Account, vocabulary, posts, chat, leaderboard stats | For the lifetime of your account |
| Server access logs | 30 days |
| Pronunciation practice audio | Discarded immediately after transcription + scoring |
| Speaking coach audio | Private attachment, deleted when you delete the session row |
| Nginx error logs | 30 days |
| Translation / LLM requests | Not logged (only stats counters) |
When you delete your account, we apply the policy in our SPEC §6: private vocabulary, audio, import logs, and private DMs are hard-deleted; public posts, comments, public chat messages, PvP battle records, and leaderboard standings are anonymised (author becomes "Deleted User") to preserve thread integrity.
9. Your rights
If you are in the European Economic Area, the United Kingdom, Ukraine, or any other jurisdiction with similar data-protection laws, you have:
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate data.
- Erasure — delete your account and the data tied to it as described in §8.
- Restriction — ask us to stop processing your data in specific ways.
- Portability — receive your vocabulary and posts in a machine-readable format.
- Objection — object to processing based on our legitimate interests.
- Withdraw consent — at any time without affecting the lawfulness of past processing.
To exercise any of these rights, write to contact.yuriidorosh@gmail.com. We will respond within 30 days.
You also have the right to complain to your local data-protection authority if you believe we have mishandled your data.
10. Security
- All connections to
https://lexora.avantgarde.systemsuse TLS 1.2 or 1.3. - HSTS is set with
max-age=31536000; includeSubDomains; preload. - Passwords are stored using Odoo's standard salted hashes (
pbkdf2_sha512). - The session cookie is
HttpOnly,Secure,SameSite=Lax. - Strict response headers (
X-Frame-Options,X-Content-Type-Options,Referrer-Policy,Permissions-Policy). - Postgres, Redis, and RabbitMQ are not reachable from the public Internet.
- The master password is stored encrypted on disk inside the running container only.
If you believe you have found a vulnerability, please write to contact.yuriidorosh@gmail.com before public disclosure.
11. Children
Lexora is not directed at children under 13 (or under 16 in the EU and UK). We do not knowingly collect personal data from children.
12. International transfers
Lexora is hosted on a single VPS located in the United States. If you access the service from outside the United States, your data will cross borders. We rely on the legitimate-interests basis under the GDPR and on the standard contractual clauses of the third-party providers listed in §5 to provide an adequate level of protection.
13. Changes to this policy
We may update this policy as Lexora evolves. The Last updated
date at the top of this page changes whenever we make a substantive change.
If the change is material, we will also notify logged-in users via a banner
on their dashboard or by email. Older versions are tracked in the project's
public git history at docs/PRIVACY_POLICY.md.
14. Contact
| Privacy questions, data-subject requests | contact.yuriidorosh@gmail.com |
| Security vulnerability reports | contact.yuriidorosh@gmail.com |
| Operator (data controller) | Yurii Dorosh (Avantgarde Systems), Ukraine |
This policy is provided under the same proprietary licence as the Lexora source code. It is not a substitute for legal advice; if you operate a fork of Lexora at a different URL, you must publish your own policy.