Legal

Privacy Policy

How Lesso collects, uses, and protects personal information when you use our AI lesson platform.

Last updated: March 26, 2026

Overview

Lesso ("we", "us", "our") operates https://www.lesso.me and related services for teachers and students. This Privacy Policy explains what personal information we collect, why we collect it, how we use it, and the choices you have.

By creating an account or using the Service, you acknowledge this Privacy Policy. If you do not agree, please do not use the Service.

Information we collect

Account and profile

  • Name, email address, and authentication identifiers (including when you sign in with Google).
  • Profile photo if you upload one.
  • Role (teacher or student), interface language preference, and referral information.

Lesson and educational content

  • Lesson titles, prompts, block settings, AI-generated text, images, audio, and other materials you create or upload.
  • Student progress, answers, presence signals, and activity related to assigned lessons.
  • Invitations and enrollment data (for example, student emails invited to a lesson).

Usage and technical data

  • Device and browser type, IP address, approximate location derived from IP, pages viewed, and actions in the product.
  • Cookies and similar technologies (see our Cookie Policy).
  • Error logs and security events to keep the Service reliable.

Payments

When you purchase Lesso coins, payment processing is handled by Stripe. We receive transaction metadata (such as amount, currency, package, and payment status) but not your full card number.

Communications

If you contact support, report a problem, request B2B information, or receive product emails, we process the content of those messages and your contact details.

How we use information

  • Provide, operate, and improve the Service (lesson creation, publishing, student delivery, live monitoring, credits, and Explore sharing).
  • Authenticate users and enforce access controls between teachers and students.
  • Process payments, manage Lesso coin balances, promotions, and referrals.
  • Send transactional emails (for example, sign-up confirmation, invitations, and administrative notices).
  • Measure marketing performance and product usage when you consent to analytics cookies.
  • Detect abuse, fraud, and violations of our Acceptable Use Policy.
  • Comply with law and protect our rights, users, and the public.

AI and third-party processors

To generate lessons and related media, we send prompts and content to AI providers. Today this includes OpenAI (text, image, speech, and realtime conversation features). We may add or change providers over time.

We also use service providers for hosting and databases (Supabase), payments (Stripe), email (Resend), and analytics/advertising measurement (Google Analytics and Meta Pixel, where enabled and consented).

These providers process data on our instructions and under their own terms and privacy policies. Do not submit personal data about students in prompts unless you have a lawful basis and appropriate safeguards.

Cookies and analytics

We use essential cookies for authentication and security. Optional analytics and marketing cookies (Google Analytics and Meta Pixel) are used only after you accept our cookie banner, where required by law.

See our Cookie Policy for details and your choices.

When we share information

  • With service providers that help us run the Service (under confidentiality and data-processing terms).
  • With other teachers or students as directed by you (for example, published lesson links, Explore listings, or student lesson access).
  • With authorities or third parties when required by law, to protect rights and safety, or in connection with a merger or acquisition.
  • We do not sell your personal information.

Data retention

We retain account and lesson data while your account is active and as needed to provide the Service. If you delete your account, we delete or anonymize associated data within a reasonable period, except where we must retain records for legal, security, or billing purposes.

Backup copies may persist for a limited time. Aggregated or de-identified analytics may be kept longer.

Your privacy rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to withdraw consent for optional cookies.

GDPR (EEA / UK)

If GDPR applies, our lawful bases typically include contract (providing the Service), legitimate interests (security, improvement, fraud prevention), and consent (analytics cookies). You may lodge a complaint with your supervisory authority.

PIPEDA (Canada)

Canadian users may contact us to access or challenge our handling of personal information. We will respond within timeframes required by applicable law.

CCPA / CPRA (California)

California residents may request access, deletion, and correction, and may opt out of certain sharing. We do not sell personal information as defined by the CCPA.

To exercise rights, email privacy@lesso.me. We may verify your identity before responding.

Children and students

Teachers are responsible for obtaining any required parental or school consent before inviting students, especially minors. Students should use the email or access method provided by their teacher.

Security

We use administrative, technical, and organizational measures appropriate to the nature of the data we process. No method of transmission or storage is completely secure.

International transfers

We and our providers may process data in Canada, the United States, and other countries. Where required, we rely on appropriate safeguards for cross-border transfers.

Changes

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. Material changes may be communicated by email or in-product notice.

Contact

Questions about privacy: privacy@lesso.me. General legal inquiries: legal@lesso.me.

← All legal documents