Privacy Policy
Day Canvas Privacy Policy
Last updated: May 6, 2026
ChronoCode (the "Operator") respects your privacy and describes how we process personal data below.
1. Data We Process Account/Auth: email, user ID, session tokens; Google sign-in identifiers if used. Profile (optional): display name, job/company, theme and calendar preferences. Service data: events, diary text, moods, stickers, photos/images and metadata, media library items, location where you provide it or EXIF permits. Technical logs: IP, user agent, device/app version, error logs. Analytics: Google Analytics 4 when configured (cookies or similar identifiers). AI: text prompts and limited context needed to fulfill AI diary/letter features. Billing: we generally do not store full card numbers; we may store subscription state, plan, expiration, and transaction/subscription references. Apple handles many payment details for IAP. Notifications: DayCanvas uses **mobile app push** (e.g., Expo push token) for calendar, digest, and reminder-style alerts, plus optional **promotional** and **product/operations** push channels (separate opt-ins, default off). On the web, browser notifications may be used in limited cases (e.g., AI letter ready) when you allow them; web does not replace mobile push.
2. Purposes Provide and maintain the Service; sync and display your content; run AI features you request; secure the Service and prevent abuse; analytics; customer support; reflect paid status and coupons; comply with law. If you opt in, we may send occasional messages by **app push** per channel (promotions vs. product/operations news); withdraw anytime in the app or web notification settings.
3. Retention We delete or anonymize data when no longer needed, except where law requires retention. Backups/logs may be kept for limited periods.
4. Sharing We do not sell your personal data. We may disclose information if required by law or with your consent.
5. Processors and International Transfers Examples (may change): Supabase (auth, database, storage—region per project settings); Google (sign-in, optional Calendar integration, Generative AI APIs); Apple (IAP verification). Where data is transferred abroad, we apply appropriate safeguards as required by law.
6. Your Rights You may request access, correction, deletion, or restriction by emailing zmimi40@gmail.com. You may withdraw each optional channel in the app (Settings → Notifications) or via the web settings screen; we will not use withdrawn consent for that purpose afterward.
7. Security We apply reasonable technical and organizational measures including access control and encryption where appropriate.
8. Cookies We may use cookies for login, security, and analytics. You can control cookies in your browser; some features may not work without essential cookies.
9. Automated Decisions We may apply rule-based protections against abuse. Where law requires explanations or human review for automated decisions, we will provide applicable procedures.
10. Children The Service is not directed to children under 14. If we learn we collected a child’s data without proper authority, we will delete it.
11. Privacy Contact Hyukjun Lim, Operator representative — zmimi40@gmail.com (ChronoCode)
12. Changes We may update this Policy and will post the new effective date in the Service.
13. Business Information - Trade Name: ChronoCode (크로노코드) - Representative: Hyukjun Lim (임혁준) - Business Registration No.: 352-17-02611 - Address: 314, Gwanggyo Jungang-ro, Suji-gu, Yongin-si, Gyeonggi-do, Republic of Korea, 739 - Phone: +82-70-7578-0024 - Email: zmimi40@gmail.com - Mail-Order Sales License: Exempt (Simplified Taxpayer, per Enforcement Decree of the Act on the Consumer Protection in Electronic Commerce, etc., Article 5)