Privacy Policy

1. Information We Collect

• Account & Authentication: Email, name (optional), and hashed password (for direct sign-up). When using social login (e.g., Google, Apple, Kakao, Naver, GitHub, Facebook, Twitter), we may receive basic profile data (provider user ID, email, name, avatar) from the provider you choose.
• Usage & Device Data: IP address, timestamps, user-agent, request URLs, referrer, error/diagnostic logs, and general event data for security and debugging.
• Support: Information you voluntarily provide in support requests (e.g., email, message content).
• Payments (if applicable): We use a payment processor. We do not store complete card numbers on our servers. We may receive tokens and basic transaction details from the processor.

2. How We Use Information

• Provide, operate, and maintain the Service (authentication, session management, access control).
• Troubleshoot issues, improve performance, and develop new features.
• Enhance security, detect/prevent fraud and misuse.
• Send essential notices (e.g., service or security updates) and respond to your inquiries.
• Comply with legal obligations and resolve disputes.

3. Cookies & Similar Technologies

We use cookies to keep you signed in, remember preferences, and protect your account. Some cookies are essential for the Service to function. You can manage cookies in your browser settings. Cookie lifetimes may follow your configuration (e.g., SF_COOKIE_EXPIRY_TYPE), such as short/medium/long durations.

4. Data Retention

We retain personal data only as long as necessary for the purposes described above or as required by law. Account data is deleted upon request or account deletion, except where legal retention obligations apply. Operational logs are kept for a limited period for security and auditing.

5. Sharing & Processing

We do not sell your personal information. We may share data with trusted service providers (e.g., hosting, authentication providers you select, email delivery, analytics, payment processors) strictly to operate the Service. These providers are bound by confidentiality and security obligations.

6. International Transfers

Your data may be processed in countries other than your own. When we transfer personal data internationally, we implement appropriate safeguards (e.g., adequacy decisions, standard contractual clauses) where required.

7. Your Rights

Subject to applicable law, you may request access, correction, deletion, restriction, objection to processing, or data portability. To exercise rights, contact us at [contact@email]. We will respond within the timeframes required by law.

8. Security

We implement administrative, technical, and physical safeguards appropriate to the risk, including encrypted transport (HTTPS/TLS), hashed passwords, access controls, and audit logging. No method of transmission or storage is 100% secure; we continually improve our protections.

9. Children’s Privacy

Our Service is not directed to children where parental consent is required by law. We do not knowingly collect personal information from children without verifiable consent. If you believe a child has provided personal data, please contact us to delete it.

10. Marketing & Communications

You can opt out of non-essential communications at any time via unsubscribe links or account settings. Important service or security notices may still be sent.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will post the new version with an updated “Effective Date.” Material changes will be notified in advance when required.

12. Contact Us

For questions or requests regarding this Privacy Policy or our data practices, contact:

• Company: [Company Name]
• Email: [contact@email]
• Address: [Company Address]

See also our Terms of Service.