Privacy Policy

Who runs Parshn

Parshn is a small product made by a small team. If you want to reach a human about anything in this policy, write to parshnapp@gmail.com.

What stays on your computer

The Parshn desktop app stores your data in a local SQLite database file (parshn.db) on your machine. That file holds:

• The words and meanings you save
• The topics you organize them under
• How often notifications appear and whether they are turned on

We do not sync this file. We do not upload it. We do not back it up. If you uninstall Parshn or delete the file, that data is gone from our point of view too, because it was never with us in the first place.

Parshn does not encrypt the local database file on disk on its own. Its protection comes from your operating system: your user account permissions, and any disk encryption you have on (such as FileVault on macOS or BitLocker on Windows). If you share a computer or run without disk encryption, treat the file the way you treat any other personal file you keep on that machine.

What we store on our server

When you create a Parshn account, we keep the following in a database we control:

• Your email address
• A hashed version of your password, generated with bcrypt and a salt. We can't read your password and we can't recover it. If you forget it, you reset it.
• Whether your email has been verified
• Whether your account has an active license
• Short one-time codes used for email verification and password reset. They expire roughly thirty minutes after they are issued and are erased once used.
• The dates your account row was created and last updated

We do not store your IP address, browser fingerprint, or device identifiers next to your account.

What we don't collect

• Your vocabulary. Anything you type into the desktop app stays on your machine.
• Usage analytics. The desktop app does not phone home with telemetry. The website does not run analytics scripts.
• Behavioral tracking. No third-party trackers, no advertising pixels, no session replay tools on this site.

How your data is protected

Connections between your browser, the desktop app, and our server use HTTPS. Anything you type into the sign-in or sign-up forms travels over an encrypted channel.

Passwords are hashed with bcrypt before they reach the database. A database leak would not expose your password in a form anyone could use to sign in.

Sessions are managed with signed JSON Web Tokens. The access token is short-lived. Refresh tokens are stateless, which means we can't revoke a single one on demand. If you think your account has been used by someone else, change your password right away. That invalidates future sign-ins from anyone who does not know the new one.

Our database is not exposed to the public internet. It is reachable only by the application server.

We can't promise an unbreakable system. No one can. We try to keep the amount of data we hold small, so that there is less to lose if anything goes wrong.

Email

We use email for two things:

• Sending you a one-time code to verify your address
• Sending you a one-time code to reset your password

Outbound mail is delivered through a standard SMTP provider. Your email address is visible to that provider during delivery, the same way any email passes through mail servers. We do not add you to a newsletter and we do not share your address for marketing.

License and payments

Parshn is in early access. The purchase flow is not yet wired up on this site. When it goes live, payments will be handled by a third-party payment provider that processes card details on their own systems. We will not see or store your full card number. This page will be updated when that ships.

Today, license status is a flag on your account. We toggle it when an account is granted access.

Browser storage

This website uses your browser's localStorage to remember that you are signed in. Three values are written there: an access token, a refresh token, and a small object that holds your email, your verification status, and your license status. Nothing else. It is not a tracking cookie and it is not shared with anyone outside Parshn. Clearing your browser storage signs you out.

How long we keep things

• Account fields are kept while your account exists.
• One-time verification and password-reset codes are kept only until they are used or expire, around thirty minutes.
• When you delete your account, we remove the account row. If your data is part of a routine database backup, it rolls out on the normal backup rotation.

Where the data lives

Our backend runs on infrastructure we operate. Your account data may be stored on servers located outside your country. By using Parshn you accept that your account data may cross borders for the technical reasons above.

Your rights

You can ask us to:

• Show you what we store about your account
• Correct your email if it is wrong
• Send you a copy of your account data
• Delete your account

Email parshnapp@gmail.com from the address on your account and we'll handle it. If you are in the EU, the UK, or another region with a similar law, your rights under that law (access, rectification, erasure, restriction, portability, objection) go through the same address.

Children

Parshn is not aimed at children under 13. If you believe a child has signed up, contact us and we'll remove the account.

Changes to this policy

If we change this page, we update the date at the top. If the change matters in practice, for example if we start working with a new vendor or change what we store, we mention it on the changelog or surface a note when you sign in.

Contact

For anything related to your data or this policy, write to parshnapp@gmail.com.