Privacy Policy

This Privacy Policy (hereinafter "this Policy") defines the handling of personal information and user-related information in "MAISON.DOG" (app and related websites, hereinafter "this Service") provided by our company.

1. Information We Collect

We collect the following information to the extent necessary:

• Contact Information (Optional)
  • Email address, phone number
• Account Identifiers & Profile
  • User ID, username, display name, profile image URL, background image URL, etc.
• Device Identification (Notifications)
  • Push notification device tokens
• Purchase & Billing Information
  • Product ID, transaction ID, purchase history, credit balance
• User Generated Content (UGC)
  • Images, videos, posts, attachments, metadata
• Inquiries & Support
  • Inquiry content, attachments, support history
• Technical Information & Logs
  • Authentication, operation, error logs (may include timestamps, IP addresses, etc.)
• Device Photo Library Access Information
  • iOS permission status for image saving (Add Only)

Note:

• We do not use advertising identifiers (IDFA).

Regarding Location Information (with user permission)

• We may obtain current location based on "While Using App" permission. The obtained latitude and longitude are temporarily sent to and processed by the server for regional estimation (prefecture, etc.), but the coordinates themselves are not stored. Only the derived country/region ID and update timestamp are stored.
• Location information selected by users for event creation or location tagging in posts (including addresses, facility names, and sometimes latitude/longitude) may be stored for feature provision.

2. Collection Methods

• Direct provision from users (registration, profile editing, posting, inquiries, etc.)
• Automatic collection (push notification tokens, authentication/operation/error logs, etc.)
• Collection from linked services (Apple purchase verification information, etc.)

3. Purpose of Use

• Provision, maintenance, and improvement of this service (account management, profile display, posting/messaging features, etc.)
• Purchase processing and billing management (App Store transaction verification, credit addition/balance management)
• Notification delivery (push notifications for activities and updates)
• Security assurance and fraud prevention (access control, audit logs, vulnerability response)
• Inquiry response and quality improvement
• Legal compliance and dispute resolution

4. Access to Device Photos/Media

• We use iOS photo library permission as "Add Only."
• We do not view, edit, or delete existing photos on the device. We only use this permission to save images generated or obtained through user operations to the library.
• We only load, display, and upload images explicitly selected by users (e.g., avatars, backgrounds). We do not automatically scan or collect from the photo library.
• Saving is performed for the purpose of storing images generated by the app to the photo library.

5. Information Regarding External Transmission (SDK/External API)

We may transmit information to external services for the following purposes. We only transmit the minimum necessary information and implement appropriate security measures.

• Notification delivery: Send device tokens, etc. to APNs (Apple Push Notification service)
• Purchase verification: Send transaction information to Apple's App Store API
• Regional estimation: Only when location permission is granted, temporarily send device latitude/longitude to server to estimate region (prefecture, etc.). Coordinates are not stored; only derived region IDs are stored.
• Cloud infrastructure: Store and process data with cloud service providers selected by our company (regions are mainly Japan or nearby areas). Specific vendor names are not individually listed in this policy.

6. Third-Party Provision, Outsourcing, and Joint Use

• Third-party provision: We do not provide to third parties except when required by law, when necessary to protect life or property, or when user consent is obtained.
• Outsourcing: We may outsource operations within necessary scope for infrastructure operation, notification delivery, purchase verification, etc. We require appropriate security measures from contractors and supervise them.
• Joint use: Not currently planned.

7. International Transfer

• Data is primarily handled in data centers in Japan or nearby regions. When transferred abroad for CDN or backup purposes, it is appropriately protected based on applicable laws.

8. Retention Period (Example Policy)

We set specific retention periods as much as possible and promptly delete information that is no longer needed.

• Account & Profile: Until account deletion (complete deletion from backup within 90 days)
• UGC: Until user deletion (reflection in cache/backup within 90 days)
• Purchase information: 7 years in principle based on accounting/tax requirements
• Authentication/operation logs: 12 months in principle (may be extended for security purposes)
• Inquiries: 24 months in principle from completion of response
• Push tokens: Invalidated and deleted within 12 months in principle from last use

[Note] We review based on actual operational requirements and legal changes. When specific periods are difficult to determine, we apply the principle of minimum necessary and shortest period.

9. User Rights and Exercise Procedures

• Rights: You can request disclosure, correction, addition, deletion, suspension of use, suspension of third-party provision, etc.
• Application window: Please contact the contact information at the end of this policy.
• Identity verification: Please cooperate with reasonable identity verification procedures.
• Response deadline: We respond sincerely within 30 days in principle (we notify reasons and prospects when delays are unavoidable).

10. Security Measures

• We implement physical, technical, and organizational security measures (encryption during communication/storage, minimization of access rights, audit logs, internal regulations, etc.).
• We also require appropriate management from external services and contractors and review regularly.

11. Response to Data Breaches

• Implementation of incident containment, impact assessment, and recurrence prevention measures
• Notification to users and relevant authorities: When legally required or when significant impact is anticipated, we notify promptly through appropriate means.
• Record preservation: We record and preserve the course of incidents and response content.

12. Personal Information of Minors

• This service is only for users 17 years and older; minors (under 18) cannot use it. We comply with App Store age rating (17+).
• If we discover that we have obtained personal information of minors, we will promptly delete it or take other necessary measures.
• When parents or legal guardians request deletion or suspension, we respond appropriately.

13. Consent, Settings, and Opt-out

• Notification reception can be changed in device settings.
• Photo library permission (Add Only) can be changed anytime in device settings.
• Location permission (While Using App) can be changed anytime in device settings.

14. Policy Revision

• We revise this policy according to operational and legal changes. We notify users through the app and website when there are important changes.

15. Company Information & Contact

• Company Name: WARREN Inc.
• Address: 2F-C, Shibuya Dogenzaka Tokyu Building, 1-10-8 Dogenzaka, Shibuya-ku, Tokyo 150-0043
• Representative:
• Contact (Inquiry): https://www.maison.dog/contact_en.html