Lett Privacy Policy — v1.0.0
Effective: 2026-06-28 Version: 1.0.0
This Privacy Policy describes how Lett Inc. ("Lett", "we", "us") collects, uses, shares, and retains personal data when you use the Lett mobile app and related services. The practices below describe what the product actually does today; we do not promise data-handling we have not implemented.
This is version 1.0.0 of the Privacy Policy. The authoritative language is English.
Data we collect
We collect the following categories of personal data:
- Account data: email address, first name, last name, role (client or tutor), country, password hash for email/password sign-in (we never see or store your raw password), and provider identifiers when you sign in with Apple or Google.
- Profile data: for tutors — bio, headline, languages, disciplines, hourly rate, certifications you list, and your selected service location. For clients — onboarding answers and a home location. Profile photos and avatars are uploaded by you.
- Booking and payment metadata: booking history (session times, parties, status), quote/fee snapshots, refund history, and payment-method references. Lett never stores raw card numbers. Card data is handled and tokenized by Stripe; we keep only Stripe customer/payment-method/account references.
- Session content: session metadata (start/end, duration, status, location). Lett does not currently provide in-app chat or video session content.
- Device and diagnostic data: app version, OS, device model, language preference, crash reports, error stack traces, performance traces, and rough request/response timing. We use this to keep the app working and to diagnose problems.
Third-party processors
We share the minimum personal data needed for each processor below to do its job. App reviewers commonly look for this section, so we keep it explicit.
Payments and identity:
- Stripe + Stripe Connect + Stripe Identity — processes payments, runs tutor payouts under the Stripe Connect program, and verifies tutor identity (KYC) where Stripe Connect requires it.
- Stripe Tax — Stripe Tax is integrated, but with no Canadian tax registration in place it does not collect tax in the current release.
Email and diagnostics:
- Resend — delivers transactional email (sign-up verification, booking confirmations, refund notifications, payout status, account deletion confirmation).
- Sentry — receives diagnostics and error monitoring data (crash stack traces, performance traces, breadcrumbs). We redact request bodies for auth, payment-ops, and Stripe webhook routes; sensitive headers are stripped globally.
Location and media:
- Google Places — provides location autocomplete during onboarding and tutor search. Lett proxies these requests so your raw API usage stays behind our backend.
- Cloudflare R2 — stores media you upload (profile photos, avatars).
Authentication:
- Apple Sign-In — authenticates users who choose Sign in with Apple. We receive an Apple
subidentifier; we do not receive your Apple ID password. - Google Sign-In — authenticates users who choose Sign in with Google. We receive a Google subject identifier and your verified email; we do not receive your Google password.
Infrastructure / hosting:
- AWS — EC2 — hosts the Lett API server.
- AWS — RDS Postgres — hosts the primary application database, which holds account, profile, booking, payment metadata, consent history, and audit-log rows.
- AWS — ElastiCache Redis — provides queue and cache backing for the API.
Sale-of-data disclosure:
We do not sell or rent personal data.
Purposes and legal bases
We collect and use personal data to:
- Provide the service — create your account, run sign-in, render your profile to the people you book with, store and serve your bookings, and route messages between client and tutor when needed for support.
- Process payments and payouts — authorize and capture payments, run refunds, run tutor payouts, and run identity verification where Stripe Connect requires it.
- Prevent fraud and abuse — detect duplicate or fraudulent accounts, flag suspicious payment activity, and act on chargebacks.
- Provide support — respond to support@lettnet.com inquiries, investigate issues, and reach out about a booking, refund, dispute, or account problem.
- Comply with legal and regulatory obligations — keep records we are required to keep, respond to lawful requests, and meet platform requirements (Apple App Store, Google Play, Stripe).
The legal basis for these uses is the contract you enter when you accept the Terms of Service, our legitimate interests in operating a safe and reliable platform, and where applicable, your consent (for example, when granting permissions on your device).
Retention
We retain personal data for the period needed to operate the service and to meet legal, accounting, dispute-resolution, and platform-payment requirements.
- Account, profile, and contact data: retained while your account is active.
- Account deletion: You can delete your account yourself in the app (Profile → Help & Support → Danger Zone). When the deletion is processed, we scrub directly identifying profile data — we set name, profile photo, home location, and phone fields to null and replace your email with an internal tombstone (so the address can be used by a new signup) — and we soft-delete your sign-in identities and password credential. Tutor profiles release the public slug.
- Records retained for legal, accounting, and dispute reasons: payments, refunds, transfers, disputes, ledger entries, bookings (including who participated, when, where, for how much, and the outcome), consent history (which Terms and Privacy versions you accepted and when), and audit logs are retained as part of the financial and audit record. These rows are not deleted by an account deletion. After your account is deleted, other people who participated in a past booking with you see "Deleted account" instead of your name on those historical records.
- Diagnostic and crash data: retained on our diagnostics platform for the period that platform retains it; not used to recover deleted accounts.
- Media you uploaded: scheduled for cleanup from object storage after the account is deleted, on a best-effort basis.
You can delete your account in the app (Profile → Help & Support → Danger Zone); if you need help, contact fatih@lettnet.com. We send a confirmation when the deletion is complete. Where the law (for example, accounting and tax record-keeping rules) requires us to retain certain records longer, we retain those records for the legally required period and then dispose of them.
Data subject rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correction of inaccurate personal data — most fields can be updated directly in the app; for fields that are not editable in the app, contact us.
- Deletion of your account and the personal data we are not required to retain — see the Retention section above for what we retain and why.
- Complaint to a regulator — in Canada, the Office of the Privacy Commissioner of Canada; in the EU/UK if applicable, your local data-protection authority.
To exercise these rights, email fatih@lettnet.com from the email associated with your account. We may need to verify your identity before acting on a request.
Developer entity and contact
- Legal entity: Lett Inc.
- Registered office: in Ontario, Canada; full address available on request.
- Support contact: support@lettnet.com
- Privacy contact: fatih@lettnet.com
- Privacy Officer: Fatih Ermetin (fatih@lettnet.com) — accountable for Lett's compliance with applicable privacy law; the contact for privacy questions, access/correction requests, and complaints.
These addresses are monitored. We respond to privacy and support inquiries from the email account associated with the user's Lett account where possible.
Children
Lett is intended for users 18 years of age or older. The Terms of Service eligibility clause (Section 1, "Eligibility") states the 18+ requirement. We do not knowingly collect personal data from anyone under 18. If we learn that an account belongs to someone under 18, we will close the account and delete the associated data per the Retention section.
Changes
We may update this Privacy Policy. When we do, we publish a new version with a later effective date. Material changes that affect the bargain we make with you may trigger a re-acceptance prompt before you continue to use the service.