Privacy Policy

Day Canvas Privacy Policy

Last updated: April 24, 2026

ChronoCode (the "Operator") respects your privacy and describes how we process personal data below.

1. Data We Process Account/Auth: email, user ID, session tokens; Google sign-in identifiers if used. Profile (optional): display name, job/company, theme and calendar preferences. Service data: events, diary text, moods, stickers, photos/images and metadata, media library items, location where you provide it or EXIF permits. Technical logs: IP, user agent, device/app version, error logs. Analytics: Google Analytics 4 when configured (cookies or similar identifiers). AI: text prompts and limited context needed to fulfill AI diary/letter features. Billing: we generally do not store full card numbers; we may store subscription state, plan, expiration, and transaction/subscription references. Apple handles many payment details for IAP.

2. Purposes Provide and maintain the Service; sync and display your content; run AI features you request; secure the Service and prevent abuse; analytics; customer support; reflect paid status and coupons; comply with law.

3. Retention We delete or anonymize data when no longer needed, except where law requires retention. Backups/logs may be kept for limited periods.

4. Sharing We do not sell your personal data. We may disclose information if required by law or with your consent.

5. Processors and International Transfers Examples (may change): Supabase (auth, database, storage—region per project settings); Google (sign-in, optional Calendar integration, Generative AI APIs); Apple (IAP verification). Where data is transferred abroad, we apply appropriate safeguards as required by law.

6. Your Rights You may request access, correction, deletion, or restriction by emailing zmimi40@gmail.com.

7. Security We apply reasonable technical and organizational measures including access control and encryption where appropriate.

8. Cookies We may use cookies for login, security, and analytics. You can control cookies in your browser; some features may not work without essential cookies.

9. Automated Decisions We may apply rule-based protections against abuse. Where law requires explanations or human review for automated decisions, we will provide applicable procedures.

10. Children The Service is not directed to children under 14. If we learn we collected a child’s data without proper authority, we will delete it.

11. Privacy Contact Hyukjun Lim, Operator representative — zmimi40@gmail.com (ChronoCode)

12. Changes We may update this Policy and will post the new effective date in the Service.