Privacy Policy

1. Information We Collect

1.1 Account Information

• Name or nickname • Profile photo • Bio/self-introduction • Gender • Date of birth (for age verification and service improvement) • Occupation • MBTI personality type • Interest/hobby tags • Area (prefecture/city)

1.2 Plan Information

• Content of created Plans (title, description, date/time, location, etc.) • Location information when creating Plans (including latitude/longitude) • Plans you applied to join • Approval/rejection history

1.3 Community Information

• Communities created or joined • Location information when creating Communities (including latitude/longitude) • Posts in Communities (Hitokoto, etc.) and images • Replies • Emoji reactions

1.4 Chat Information

• Message content in group chats (including text and images) • Message timestamps

1.5 Profile View History (Footprints)

• History of viewing other users' profiles * Note: Profile view history is notified to the viewed user

1.6 Device Information

• Push notification token • Device platform information • App version • Device language settings • Time zone

1.7 Usage Information

• Last active timestamp • Online status, presence state, avatar position, mood, and typing state in Plaza or similar features • Error logs and crash reports

1.8 Report and Inquiry Information

• Content of reports submitted about other users • History of inquiries made to the Operator

2. Purpose of Use

We use collected information for the following purposes: • Providing, operating, and maintaining the Service • User authentication • Providing Plan discovery features • Sending push notifications • Enabling communication between users • Providing customer support • Improving the Service and developing new features • Analyzing usage patterns • Detecting and preventing fraudulent use • Responding to Terms of Service violations • Complying with legal requirements

3. Information Storage

Collected information is stored in: • User's device (AsyncStorage) • Cloud servers • Third-party service servers (described below) We implement appropriate security measures to protect this information.

4. Information Sharing

4.1 Sharing with Other Users

The following information may be shared with other users depending on the Service design, participation status, and information you choose to provide: • Profile information (name, photo, bio, gender, age, etc.) • Area information (based on privacy settings) • Interest/hobby tags • Plans you created • Plan participants can view basic information of other participants • Messages in group chats • Online status, presence state, avatar display, mood, and short status messages in Plaza or similar features • Community posts (Hitokoto, etc.), replies, and emoji reactions • Profile view history (footprints): When you view another user's profile, that user will be notified

4.2 Sharing with Third-Party Services

The Service uses the following third-party services and shares information as necessary: • Backend and authentication (Supabase) • Authentication service (Apple Sign In) • Push notification service (Expo Push Notifications) • Error monitoring (Sentry) • Location search and map-related services (Apple MapKit, Google Places API) • Website delivery and display-related services (Vercel, Google Fonts, Apple Media Services) These third-party services handle information according to their own privacy policies.

4.3 Legal Requests

We may disclose personal information in accordance with law when: • Required by court order • Required by legal disclosure requests • Necessary to protect life, body, or property

5. Information Protection

We implement the following measures to protect personal information: • Encrypted communications (HTTPS/TLS) • Access restrictions • Regular security reviews However, we cannot guarantee complete security for communications over the internet.

6. User Rights

6.1 Right of Access

Users can view their profile information, Plan information, and chat history within the Service.

6.2 Right to Rectification

Users can edit and update their information within the Service. Please correct any inaccurate information promptly.

6.3 Right to Deletion

Users can request account deletion through the Service settings. Active account data such as profile information, participation records, created Plans, community-related records, and footprints will become subject to deletion. However, the following may not be erased immediately or completely: • Chat messages and other communication records, which may remain after sender identifiers are removed or anonymized • Information retained as required by law • Logs reasonably necessary for security, fraud prevention, or abuse response • Backup or disaster recovery data

6.4 Right to Control

Users can change notification settings, profile display items, location display granularity, and other settings to the extent those controls are currently offered in the Service. Some online or presence-based displays depend on use of particular features and may not be individually hidden in all cases.

7. Cookies and Tracking

The Service may use local storage, cookies, or similar technologies for session management, saving settings, error monitoring, and normal website delivery. At this time, the app does not implement a third-party advertising tracking SDK for persistent ad tracking.

8. Children's Privacy

The Service prohibits use by individuals under 15 years of age. If we unintentionally collect information from someone under 15, we will promptly delete it. Users aged 15 to 17 must obtain parental consent before using the Service. Parental consent is confirmed during account registration.

9. Data Retention Period

We retain various data using the following general guidelines: • Account information: Until account deletion • Plan information: The active state ends after the scheduled end time, but history and related records may remain until account deletion, operational cleanup, or feature retirement • Chat messages: Chats may be closed when an associated Plan ends, but message records may remain until deletion or anonymization • Community feed posts: Non-pinned feed posts may be automatically deleted after about 30 days • Hitokoto, replies, reactions, and other community records: May remain until account deletion, operational cleanup, or related feature cleanup • Profile view history (footprints): 30 days • Error logs: Up to 90 days • Fraud prevention logs: Up to 1 year Deleted data may remain in backups or recovery systems for up to about 30 days before complete removal.

10. International Data Transfer

We store information on cloud servers. Depending on the processing locations of our service providers, information may be transferred to or stored outside Japan or your country of residence.

11. Policy Changes

We may update this Policy from time to time. We will notify users through the Service of any significant changes. Updated policies become effective when posted on the Service.

12. Contact

For questions about this Policy or requests to access, correct, or delete personal information, please contact: Email: locon.cs@gmail.com Languages: Japanese, English

13. EEA and UK Users (GDPR)

For users in the EEA and the UK, we provide the following additional information under applicable law: 1. Main legal bases: • Performance of a contract: providing the Service, account management, chat, and community features • Consent: push notifications, location access, and other device-permission-based processing • Legitimate interests: security, fraud prevention, service improvement, and support operations 2. Data transfers: Your data may be transferred to Japan or to countries where our service providers operate. Where required by applicable law, we rely on a lawful transfer mechanism or appropriate safeguards. 3. Rights: You may have rights such as access, correction, deletion, restriction, objection, or portability under applicable law. Requests can be sent to the contact address below and will be handled subject to identity verification and applicable law.

14. California Residents (CCPA/CPRA)

For California residents, we provide the following additional information under applicable law: 1. Selling/Sharing: Under the current implementation of the Service, we do not sell personal information or share it for cross-context behavioral advertising. 2. Categories of information collected: Identifiers, profile information, usage information, location information, user-generated content, and device or notification-related information. 3. Rights requests: Requests for access, correction, or deletion can be submitted using the contact address below, subject to identity verification and applicable law.