Speassy is a free language exchange app where you practice speaking with native speakers through live audio rooms and 1-on-1 messaging. It supports 80+ languages and includes smart corrections so you learn from every conversation.

Yes, Speassy is free to join and free forever. You can join live audio rooms, message native speakers, and use smart corrections at no cost.

How do I practice speaking a new language on Speassy?

Join a live audio room for your target language and start talking with native speakers immediately. Hosts manage speaking order so everyone gets a turn. You can also chat 1-on-1 with a language partner and receive inline corrections on your messages.

What languages can I learn on Speassy?

Speassy supports 80+ languages including Japanese, Korean, Spanish, French, German, Mandarin, Italian, Portuguese, Russian, Arabic, Turkish, Hindi, and many more.

What makes Speassy different from other language exchange apps?

Speassy combines live group audio rooms with smart chat corrections in one platform. Unlike other apps, you get real-time speaking practice in group settings plus written corrections that show exactly what changed and why — all completely free.

Privacy Policy

Last updated: 01 July 2026 · Effective date: 01 July 2026

Governing law: GDPR (RODO) Regulation 2016/679 · ePrivacy Directive 2002/58/EC · Polish Electronic Communications Act 2024
Data stored: VPS server, Frankfurt, Germany (home.pl S.A.) · within the EEA
Applies to: speassy.com and all Speassy mobile applications

1. Data Controller

Speassy is operated by an individual based in Poland who acts as the Data Controller within the meaning of GDPR Article 4(7).

Contact: privacy@speassy.com
Website: https://speassy.com

Full controller details including legal name, registered address, and company registration numbers will be published upon incorporation of a Polish legal entity. To exercise your rights under GDPR or contact the Data Controller directly, email privacy@speassy.com.

2. What Speassy Currently Offers

In its current version, Speassy provides two features: live audio rooms for group speaking practice, and 1-on-1 text messaging for language exchange. The Platform is entirely free. There are no teacher listings, no paid lessons, no marketplace, and no subscription plans. This Privacy Policy reflects exactly what the Platform currently does.

3. Personal Data We Collect and Why

The table below lists every category of personal data Speassy collects, the legal basis for processing, and how long we retain it.

Data Category	Examples	Legal Basis	Retention
Account data	Name, email, password hash, date of birth	Contract performance (Art. 6(1)(b)), Legal obligation for age verification (Art. 6(1)(c))	Account lifetime + 30 days
Messages	1-on-1 text messages content	Contract performance (Art. 6(1)(b))	Account lifetime, or until deleted by user
Usage analytics	Page views, feature usage (via GA4, Mixpanel)	Consent (Art. 6(1)(a))	2 years
Error monitoring data	Crash logs, error traces (via Sentry)	Legitimate interest (Art. 6(1)(f))	90 days
Server logs	IP address, access logs	Legitimate interest (Art. 6(1)(f))	90 days
Room reports	Report reason, room ID, reporter user ID	Legal obligation (Art. 6(1)(c), DSA Art. 13)	3 years
Consent records	Cookie consent, marketing opt-in timestamps	Legal obligation (Art. 6(1)(c))	Minimum 3 years

Passwords are stored using a strong one-way hashing algorithm. We never store or transmit plaintext passwords. Your date of birth is used exclusively for age verification and is never sent to Mixpanel, Google Analytics, or any other third-party service.

4. Age Verification

Speassy is restricted to users aged 16 and over under GDPR Article 8 and Polish law. We collect your full date of birth (day, month, year) at registration to enforce this.

If the date of birth you enter indicates you are under 16, registration is blocked immediately and no account or data record is created.
If you are 16 or older, your date of birth, the timestamp of verification, and your calculated age at registration are stored as compliance evidence.
Your date of birth is never transmitted to any analytics provider or used for any purpose other than age verification.
If we become aware that a user registered by providing a false date of birth and is under 16, we will delete their account and all associated data without delay.

The legal responsibility for providing an accurate date of birth lies with the user. Speassy fulfils its obligation under GDPR Art. 8 by collecting full date of birth, calculating age server-side, and blocking under-16 registrations.

5. How We Collect Your Data

Directly from you: when you register (name, email, date of birth, password), update your profile, send messages, or contact support.
Automatically: IP address, device type, browser, and usage patterns collected via server logs, Google Analytics (GA4), and Mixpanel — only after age is verified and cookie consent is given.
Error monitoring: Sentry captures technical error data automatically when the app encounters a bug, under legitimate interest. No cookie consent is required for Sentry’s core error monitoring.
Room reports: when you submit a report from an audio room, we collect the report reason, room identifier, and your user identifier. We do not store audio.

6. How We Use Your Data

To provide the Platform: account data and messages are processed under contract performance (Art. 6(1)(b)).
To verify age: your date of birth is processed under legal obligation (Art. 6(1)(c)) to comply with GDPR Art. 8.
To maintain security: error and log data are processed under legitimate interest (Art. 6(1)(f)).
To understand Platform usage: Mixpanel and GA4 analytics, processed only with your consent (Art. 6(1)(a)) and only after age is verified.
To send marketing communications: email newsletters and push notifications only if you have explicitly opted in (Art. 6(1)(a)). You can withdraw at any time.
To process room reports: report data is processed under legal obligation (Art. 6(1)(c)) to comply with DSA Article 13.

7. Analytics Blocked Until Age and Consent Are Confirmed

Mixpanel and Google Analytics (GA4) are not initialised until both of the following are true:

Your date of birth has confirmed you are 16 or older at registration, and
You have accepted analytics cookies via our cookie consent banner.

If your registration is blocked because you are under 16, no analytics data is collected about that session. Sentry error monitoring may run before consent under legitimate interest — it tracks technical errors only, not user behaviour.

8. Third-Party Data Processors

We share data with the following processors acting on our instructions. All have been assessed for GDPR compliance. There are currently no payment processors as Speassy is entirely free.

Processor	Purpose	Data Shared	Location
home.pl S.A.	VPS hosting	All primary data	Frankfurt, Germany (EEA)
Google Analytics (GA4)	Usage analytics	Anonymised usage data	US (SCCs)
Mixpanel	Product analytics	Anonymised usage data	US (SCCs)
Sentry	Error monitoring	Error logs, browser info	US (SCCs)

Mixpanel and Sentry are US-based. Transfers are covered by Standard Contractual Clauses (SCCs) under GDPR Art. 46(2)(c). Your primary data — account details, messages, and date of birth — is stored exclusively on our home.pl VPS in Frankfurt, Germany, within the EEA.

9. Marketing Communications

9.1 Email Newsletters

We send email newsletters only to users who have explicitly opted in via a separate unchecked checkbox at or after registration. Every email contains a one-click unsubscribe link. You can also withdraw consent at any time in account settings.

9.2 Push Notifications

We request push notification permission only after you have completed onboarding. You can disable push notifications at any time in your device settings or in the Speassy app under Settings > Notifications.

10. Audio Rooms and the Report Mechanism

Live audio room sessions are transmitted in real time. Speassy does not record or store any audio content. All registered users aged 16 and over have full access to audio rooms.

Every audio room contains a visible report button. When you submit a report, we collect the report reason, the room identifier, and your user identifier. No audio is stored. Report data is retained for 3 years under our DSA Article 13 legal obligation and reviewed by Speassy.

11. Your Rights Under GDPR / RODO

All requests are free of charge and will be responded to within 30 days (extendable to 90 days for complex requests with prior notice):

Right	What It Means
Access (Art. 15)	Get a copy of all personal data we hold about you.
Rectification (Art. 16)	Correct inaccurate data.
Erasure (Art. 17)	Request deletion of your data (“right to be forgotten”).
Restriction (Art. 18)	Limit how we process your data.
Data portability (Art. 20)	Receive your data in a machine-readable format.
Objection (Art. 21)	Object to processing based on legitimate interest.
Withdraw consent (Art. 7)	Withdraw consent at any time where processing is based on consent.
Lodge complaint (Art. 77)	Complain to a supervisory authority (UODO).

12. Data Security

Passwords: hashed using a strong one-way algorithm — never stored or transmitted in plaintext.
Date of birth: stored securely and excluded from all analytics payloads and third-party transmissions.
Transport encryption: all data in transit encrypted using TLS 1.2 or higher (HTTPS enforced).
Server security: home.pl VPS in Frankfurt secured with firewall rules, regular patching, and restricted access.
Error monitoring: Sentry enables rapid detection of and response to security incidents.

In the event of a personal data breach likely to result in risk to your rights, we will notify UODO within 72 hours (GDPR Art. 33) and notify affected users directly where high risk is likely (GDPR Art. 34).

13. International Data Transfers

Your core data (account details, messages, date of birth) is stored on our VPS server in Frankfurt, Germany — within the EEA. No international transfer occurs for primary data storage.

Google Analytics, Mixpanel, and Sentry are US-based and receive certain data. All transfers are covered by Standard Contractual Clauses (SCCs) under GDPR Art. 46(2)(c).

14. Data Retention

Account data (name, email, password hash): duration of account + 30 days after deletion.
Date of birth and age verification record: duration of account + 3 years after deletion.
Messages: duration of account, or until deleted by the user.
Usage analytics (Mixpanel, GA4): 2 years.
Error data (Sentry): 90 days.
Server logs (IP address, access logs): 90 days.
Consent records (cookie and marketing): minimum 3 years.
Room reports: 3 years.

When you delete your account, all personal data is deleted or irreversibly anonymised within 30 days, except where legal obligations require retention (age verification record, consent records, room reports).

15. Automated Decision-Making

Speassy does not use automated decision-making or profiling that produces legal or similarly significant effects (GDPR Art. 22). Age blocking at registration is an automated compliance check required by law — users are free to return when they reach the minimum age of 16.

16. Changes to This Policy

We will update this Privacy Policy when new features are introduced, when a company is incorporated, or when legal requirements change. Registered users will be notified by email at least 14 days before material changes take effect.

17. Contact and Supervisory Authority

17.1 Contact

Contact: privacy@speassy.com
Website: https://speassy.com

17.2 Supervisory Authority — UODO

If you believe we have not handled your personal data lawfully, you may lodge a complaint with:

Urząd Ochrony Danych Osobowych (UODO)
Address: ul. Stawki 2, 00-193 Warsaw, Poland
Website: https://uodo.gov.pl
Email: kancelaria@uodo.gov.pl
Phone: +48 22 531 03 00