Privacy Policy

Effective Date: June 2, 2026 · Version 2026-06-02

This policy explains what data Lectogram collects, why we collect it, who we share it with, and the choices you have. Lectogram is in beta and we will update this policy as the product evolves.

Contents

1. Who we are
2. What this policy covers
3. Information we collect
4. How we use information
5. Third-party sub-processors
6. Data retention
7. Your rights
8. Cookies and local storage
9. Security
10. Children’s privacy
11. International transfers
12. Changes to this policy
13. Contact

1.Who We Are

Lectogram is operated by Atmeto, Inc., a Delaware corporation (“Lectogram,” “we,” or “us”). You can reach us at support@lectogram.com.

2.What This Policy Covers

This Privacy Policy applies to the Lectogram website at lectogram.com, the application at app.lectogram.com, transactional emails we send you, and related features (collectively, the “Service”).

3.Information We Collect

We collect the following categories of information:

Account data. Your email address and password (passwords are stored hashed by our authentication provider, not in plain text), plus a unique account identifier we use internally to associate your data with your account.
Profile data. An optional display name, an optional learning-background context you may share to personalize lectures, and your email-notifications preference.
Content you submit. Lecture topics and instructions, uploaded PDF source material, chat messages, and optional images you attach to chat.
Generated content. Lectures and chat responses produced by AI from your inputs, stored under your account.
Sharing data. When you make a lecture publicly accessible, we generate an opaque share token associated with that lecture. When a recipient saves a reference to a shared lecture into their library, we record a pointer to the source lecture.
Credit and billing data. Your credit balance and a per-charge record of what was generated and what it cost. When you purchase credits, Stripe acts as the merchant of record: it processes your payment and, to calculate tax, collects your billing name and address (and may collect a phone number) directly. We store a payment-processor customer identifier and transaction records that Stripe shares back with us (such as amount, tax, date, and status), but we do not collect or store your payment-card details — card information is entered directly with Stripe and never passes through our servers.
Usage and analytics data. Event records describing your interactions with the Service — for example, sign-in, lecture generation, sharing actions, chat sends, and billing actions — together with timing information and event-specific attributes. All analytics are operated in-house; we do not embed third-party analytics, advertising, or cross-site tracking SDKs (no Segment, Mixpanel, Google Analytics, Meta pixel, or similar).
Technical data. IP addresses (used for rate-limiting and abuse-prevention; hashed with a salt before long-term storage); browser user-agent strings; cookies that keep you signed in; and small amounts of browser-local storage for UI preferences (for example, your home-page sort order).
Communications. If you contact us by email, we keep your messages and our replies to provide support and improve the Service.

4.How We Use Information

We use the information described above to:

provide and operate the Service — generate lectures, deliver chat responses, send transactional email, gate billing, and process credit purchases;
send transactional emails (lecture-ready, lecture-failed, partial-lecture notifications); you can opt out of non-essential emails via Profile → Settings, except for security and account-management emails which we always send;
detect, prevent, and respond to abuse, fraud, and security threats; enforce rate limits;
understand product usage in aggregate to improve the Service;
comply with applicable law and legal process.

We do not use your content to train AI models. Our AI processing runs through commercial API calls that do not contribute inputs to model training. We do not sell or rent personal information to third parties for their own commercial purposes.

5.Third-Party Sub-Processors

We rely on the following sub-processors to operate the Service:

Sub-processor	Purpose	Categories of data shared
Anthropic (Claude API)	AI lecture generation and chat responses	Prompts, lecture context, uploaded PDFs, chat messages, lecture text being discussed
Amazon Web Services	Cloud infrastructure: account authentication, content storage, application hosting, transactional email delivery, content delivery	Account data, your content, transactional email contents, request logs
Stripe (merchant of record)	Sells and processes credit purchases as merchant of record: card processing, sales-tax/VAT/GST calculation, collection, and remittance, fraud prevention, dispute handling, and customer receipts	Email address, internal account identifier, billing name and address and any tax ID you provide (used to calculate and remit tax), and purchase amount, tax, and transaction metadata. Payment-card details are entered directly with Stripe and never pass through our servers.

We do not share personal information with any other third parties for their own commercial purposes. We may disclose information when required by law, valid legal process, or to protect the rights, property, or safety of Lectogram, our users, or others.

6.Data Retention

Account, profile, lectures, chat archives. Retained until you delete your account or the individual lecture.
Uploaded PDFs. Deleted automatically once the lecture has successfully finished generating. PDFs from failed or partial generations are kept temporarily to support retries, then cleared.
Analytics records. Retained on an indefinite basis under our internal data-lifecycle policy. Analytics records are operated in aggregate to improve the Service.
Invite records, payment records, and credit-grant audit records. Retained for fraud-prevention, accounting, and tax integrity; not deleted on account deletion.

7.Your Rights

Access. You can request a copy of personal data we hold about you by emailing support@lectogram.com.
Deletion. You can delete your account at any time via Profile → Settings → Delete Account. Some derived data (aggregated analytics, audit and grant records for accounting integrity) may be retained as described in Section 6.
Correction. You can edit your profile in Profile → Learning Profile; for other corrections, contact us.
Email preferences. Toggle non-essential emails in Profile → Settings.
Jurisdiction-specific rights. If you are in the EU/UK (GDPR), California (CCPA/CPRA), or another jurisdiction with consumer-privacy rights, you may have additional rights including objection, restriction, portability, and the right not to be subject to certain automated decision-making. Exercise any of these by emailing support@lectogram.com; we will respond within the timeframe required by your jurisdiction’s law.

8.Cookies and Local Storage

We use a single secure session cookie to keep you signed in, plus a small amount of browser-local storage to remember UI preferences (for example, your preferred sort order on the home page). We do not use advertising cookies, cross-site trackers, or third-party analytics cookies. Because we do not use non-essential cookies, we do not display a cookie-consent banner.

9.Security

We protect data using industry-standard measures: TLS encryption in transit, encryption at rest, hashed passwords managed by our authentication provider, rate-limiting on sensitive endpoints, and salted hashing for abuse-signal storage. No security program is perfect; if you believe your account has been compromised, contact us immediately at support@lectogram.com.

10.Children’s Privacy

The Service is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided personal information through the Service, please contact us and we will delete it.

11.International Transfers

The Service is operated from the United States. If you use the Service from outside the United States, you understand and consent to the transfer of your information to, and processing of your information in, the United States. By using the Service you accept that U.S. laws may differ from those of your country.

12.Changes to This Policy

We may update this Privacy Policy from time to time. The Effective Date and Version stamp at the top of this page reflect the current version. For material changes, we will notify you by email and surface an in-app notice. Your continued use of the Service after the Effective Date of an updated version constitutes acceptance of the changes.

13.Contact

If you have questions or requests regarding this Privacy Policy or our handling of your information, contact us at support@lectogram.com.