Privacy Policy
Last updated: April 2026
What Lyngo does
Lyngo connects to your GitHub repositories, scans source code for hardcoded strings, replaces them with internationalization calls, translates them into your target languages, and opens pull requests with the changes. To do this, we process some of your data.
Account data
When you sign in via WorkOS (Google, GitHub, or email), we store your name, email address, and avatar. This is used to identify your account and display your profile.
Repository access
Lyngo connects to GitHub via a GitHub App installation. We read your repository file tree, source files, and branch information to perform scans. We write to your repository only to create branches and pull requests with localization changes. We do not store your full source code β only the extracted string literals and their surrounding context are kept for processing.
What we send to AI providers
During a scan, extracted string literals from your code (e.g. button labels, error messages, headings) are sent to an AI provider to determine which strings are user-facing and should be translated. The AI receives:
- The string value itself
- Surrounding code context (variable names, method names, class names)
- File path and code patterns
Strings are sent to OpenRouter, which routes them to a model (currently Claude Haiku 4.5) for classification β i.e. deciding which strings are user-facing. We do not send full source files β only extracted string contexts.
What we send to translation services
Strings confirmed as user-facing are sent to OpenRouter (currently Gemini 2.5 Flash Lite) to be translated into your target languages. Only the UI strings (with optional project context for tone and glossary) are sent β no code, no file paths, no metadata.
Data stored on our servers
- Your account info (name, email, avatar)
- Project metadata (repo name, branch, language settings)
- Extracted translation keys and their translations
- Scan history (timestamps, string counts, status)
- API usage logs (token/character counts per provider β no content)
Data stored in your browser
- lyngo_activities \u2014 tracks active scans/translations so they survive page refreshes. Auto-deleted after 4 hours.
- appearance \u2014 your theme preference (light/dark/system).
- cookie-consent \u2014 whether you accepted or denied cookies.
- sidebar_state \u2014 whether the sidebar is open or collapsed.
- A session cookie for authentication (expires after 2 hours of inactivity).
Analytics
We use PostHog (EU servers) for basic product analytics. We track two events: when someone subscribes from the landing page (email + IP) and when a new account is created (user ID only). No page tracking, no session replays, no third-party ad trackers.
Cloudflare Turnstile
The landing page subscription form uses Cloudflare Turnstile to prevent spam. This sends your IP address and browser signals to Cloudflare for verification. No CAPTCHA is shown β it runs invisibly.
Data retention
- Server logs: 14 days
- Sessions: cleared after 2 hours of inactivity
- Scan data and translations: kept as long as your project exists
- Account data: kept until you delete your account
Your rights
You can delete your projects and their associated data at any time from the dashboard. To delete your account entirely, contact us. We do not sell your data to anyone.
Contact
Questions about your data? Reach out at privacy@lyngo.app