Legal
Privacy Policy
Effective Date: June 1, 2026
Welcome to Levio. We take your privacy seriously. This Privacy Policy explains how we collect, use, process, and protect your personal data when you use our website and web application (the "Service"). We process your data in compliance with the General Data Protection Regulation (GDPR).
1. Data Controller
Responsible for data processing on this website is:
Paul Schmid
Römerstraße 50
4850 Timelkam
Austria
Email: paul@leviocast.com
2. What Data We Collect and Why
We only collect data that is strictly necessary to provide our Service to you.
Account and Authentication Data
To create and manage your Levio account, we collect your email address and a password. If you choose to log in via Google SSO (Single Sign-On), Google will share your basic profile information (name and email address) with us to authenticate you.
Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).
User Input and App Data
To generate your custom podcast, you provide us with specific inputs: your personal goals, your motivation, your current knowledge baseline, and your commute schedule.
Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).
Payment Data
When you start a free trial or a paid subscription, your payment details are processed directly by our payment provider, Stripe. We do not store your credit card information on our servers.
Legal basis: Performance of a contract (Art. 6(1)(b) GDPR).
3. Hosting, Infrastructure, and Analytics
Our backend infrastructure, database, email communications, and basic website analytics are entirely hosted and managed through Lovable Cloud.
- Server Location: The servers provided by Lovable Cloud are located in Frankfurt, Germany (EU), ensuring high data protection standards.
- Analytics: We only use basic, privacy-friendly analytics provided by Lovable to count page visits and monitor server health. We do not use invasive tracking cookies or third-party marketing trackers (like Meta Pixel).
4. Artificial Intelligence and Audio Generation
Levio's core feature is generating custom audio curriculums based on your inputs. To achieve this securely and efficiently, we use a workflow automation tool to route your data to specialized external AI providers via their APIs (Application Programming Interfaces).
We use the following services and providers:
- n8n (Data Orchestration): We use n8n in our backend to securely automate and orchestrate the data flow between our servers and the AI models. n8n processes the requests in real-time and routes your inputs to the respective APIs.
- Cerebras Systems: Used during onboarding to process your initial goal, establish your baseline, and create the first curriculum and milestones.
- Google Gemini: Used to dynamically extend your curriculum and generate future milestones as you progress.
- Autocontent API: Used for the final podcast audio generation. We send your formulated goal, your motivation, and your milestones to this API to generate the audio episode.
Important notice on AI Training: We utilize the commercial APIs of these AI providers. We do not allow our providers to use your personal goals or inputs to train their public AI models. Your data is processed strictly for the purpose of generating your personal Levio episodes and is deleted by the providers after a short retention period (usually 30 days for trust & safety monitoring).
5. International Data Transfers
While our main servers are located in the EU (Frankfurt), some of our service providers (like Stripe, Google, Cerebras, and Autocontent API) are based in the United States. When data is transferred outside the European Economic Area (EEA), we ensure it is protected by appropriate safeguards, such as the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs) approved by the European Commission.
6. Data Retention
We retain your personal data only for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will erase your personal data, including your generated curriculums and goals, unless we are legally required to retain certain information (e.g., invoices for tax purposes).
7. Your GDPR Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access: You can request a copy of the data we hold about you.
- Right to Rectification: You can ask us to correct inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): You can ask us to delete your account and personal data.
- Right to Restriction of Processing: You can ask us to suspend the processing of your data.
- Right to Data Portability: You can request your data in a structured, machine-readable format.
- Right to Object: You can object to our processing of your data.
To exercise any of these rights, simply contact us at the email address provided in Section 1. You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) if you believe we are processing your data unlawfully.
