KORENANI Privacy Policy

1. Introduction

KORENANI ('Service') provider (referred to as 'we,' 'us,' or 'our') respects the privacy of our customers ('you' or 'User') and recognizes the importance of properly protecting personal information.

This Privacy Policy explains the types of information we collect from users, how we use it, and how we protect it. Please read this carefully before using the Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information

• Parent/guardian email address
• Password (stored encrypted)
• Display name
• Billing information (processed through App Store, not directly held by us)

Child Profile Information

• Child's nickname (real name not required)
• Age or date of birth
• Avatar image (optional)
• UI mode setting (Simple/Standard/Advanced)

Learning Data

• Uploaded images
• Image recognition results (GENERAL, INSECT, PLANT modes)
• Manual annotations (user-added names and notes)
• Multilingual album information (album names in up to 9 languages)
• Learning history (dates, frequency, etc.)
• Achievement & gamification data (experience points, levels, daily streaks, unlocked achievements)
• Public data usage history (records of browsed and copied public items and albums)

2.2 Information Collected Automatically

Device Information

• Device identifier (e.g., IDFV; we do not collect IDFA)
• Device type and model
• OS version
• App version
• Language settings
• Time zone

Usage Data

• App usage frequency and duration
• Feature usage (GENERAL/INSECT/PLANT Recognition, manual annotations, 9-language audio playback, etc.)
• Achievement unlock patterns and learning streak continuity
• Album creation and organization activities, public data usage
• Performance data

Location Information

• The Service does not collect location information

2.3 Information from Third-Party Services

• Authentication information from social login (when implemented)
• Payment information (via App Store)

3. How We Use Information

We use collected information for the following purposes:

3.1 Service Provision and Improvement

• Account creation and management (up to 4 child profiles)
• Providing image recognition and 9-language voice playback features
• Saving and syncing learning data (all plans)
• Providing multilingual album features
• Providing achievement & gamification features (experience points, levels, streak management)
• Providing public data features (browsing and copying other users' content)
• Providing detailed explanations for recognized objects (Premium plan)
• Service improvement and new feature development

3.2 Communication

• Important service announcements
• Technical issue notifications
• Customer support
• New feature and update notifications (opt-in)

3.3 Analysis and Research

• Service improvement through usage analysis
• Machine learning model accuracy improvement (images used anonymously)
• Statistical analysis using aggregated data

3.4 Legal Compliance

• Compliance with laws and regulations
• Enforcement of Terms of Service
• Protection of legal rights

4. Information Sharing and Disclosure

4.1 Third-Party Sharing

We do not share personal information with third parties except in the following cases:

• With user consent
• Legal requirements
• Service providers necessary for operations (see below)
• Business transfers

4.2 Service Providers

We use the following third-party services:

• Supabase: Database, authentication, storage
• RevenueCat: Payment management
• Google Gemini 2.0 Flash API: General object image recognition (GENERAL Recognition)
• Kindwise Kindwise API: Specialized plant recognition (PLANT mode)
• Kindwise Insect Recognition API: Specialized insect recognition (INSECT mode)
• CDN/Hosting: Content delivery

These service providers access information only as necessary for Service operations and handle information according to their own privacy policies. To provide image recognition features, uploaded images or derived data may be sent to the above recognition APIs strictly for recognition purposes only.

4.3 Anonymized Data

Data processed to prevent individual identification may be used or disclosed for research and statistical purposes.

5. Data Storage and Deletion

5.1 Data Storage Location

• Primary data: Japan data centers (via Supabase)
• Cache data: User's device

5.2 Data Retention Period

• Account information: 30 days after account deletion
• Learning data: 1 year from last use
• Image data:
  • Free plan: Device only (no cloud storage)
  • Standard/Premium plan: 30 days after plan cancellation
• Analytics data: 2 years from collection

5.3 Data Deletion

• Users can delete their data anytime from in-app settings
• All related personal data is deleted upon account deletion
• Deletion requests are processed within 30 days, except where legally required

6. Data Security

6.1 Security Measures

We implement the following security measures:

• Data encryption (in transit and at rest)
• Access control (authentication and authorization)
• Regular security audits
• Vulnerability testing
• Employee security training

6.2 Data Breach Response

In the event of a data breach:

• Notification to affected users within 72 hours
• Report to appropriate supervisory authorities
• Investigation and implementation of preventive measures

7. Children's Privacy

7.1 Child Privacy Protection

• The Service is intended for children under 13
• We collect children's personal information only with parental consent
• We do not directly collect personal information from children

7.2 Parental Rights

Parents have the following rights:

• Access to child's personal information
• Request correction or deletion of information
• Request to stop information collection
• Manage child profiles

7.3 COPPA Compliance (US Launch)

When providing services in the US, we comply with the Children's Online Privacy Protection Act (COPPA).

8. User Rights

8.1 Access Rights

• Access to your personal information
• Obtain copies of your data

8.2 Correction Rights

• Request correction of inaccurate information

8.3 Deletion Rights

• Request deletion of personal information (right to be forgotten)

8.4 Data Portability

• Obtain data in machine-readable format

8.5 Processing Restrictions and Objections

• Object to specific processing
• Request temporary suspension of processing

9. Cookies and Tracking

9.1 Cookie Usage

• The app does not use cookies
• Web version (future implementation) will use minimal necessary cookies

9.2 Analytics Tools

• We do not use third-party analytics SDKs
• No analytics data is collected on our servers (Kids Category compliance)

10. International Data Transfers

• The Service primarily processes data within Japan
• Some services (image recognition APIs, etc.) may involve international data transfers
• Appropriate safeguards (standard contractual clauses, etc.) are implemented

11. Privacy Policy Changes

11.1 Change Notifications

• Significant changes will be notified 30 days in advance
• Notification methods: In-app notifications, email

11.2 Consent Through Continued Use

• Continued use after changes constitutes acceptance of the revised policy

12. Contact Information

For privacy-related questions or requests, please contact:

Email: [email protected]

13. Additional Provisions

13.1 California Resident Rights (CCPA)

California residents have additional rights under the CCPA.

13.2 EU Resident Rights (GDPR)

EU residents have additional rights under the GDPR.