Privacy Policy

1. Information we collect

We collect account information such as email address, authentication identifiers, profile name, avatar, language, and user tier; content and metadata you provide such as photos, videos, captions, tags, content dates, group selections, and optional location; and technical data such as device identifiers for push notifications, app version, platform, IP address, logs, crash reports, analytics events, and subscription entitlement information.

When you select media, the app may read file metadata such as creation date and embedded GPS information to help prefill optional fields. On-device image labeling and translation may generate descriptive keywords about your media (such as general objects or scenes); these keywords are stored as searchable metadata linked to that media so you can search and organize your own content later. Face detection runs on your device and stores only normalized face position (bounding-box coordinates) as content metadata for layout and framing; it does not include facial feature data such as face templates or embeddings, and is not used to identify or recognize specific individuals.

2. How we use information

We use information to create and authenticate accounts, provide media upload and playback, generate thumbnails and previews, enforce plan limits, sync content across devices, show content according to visibility settings, enable content search and organization, process subscriptions, send service notifications, respond to inquiries, improve reliability and security, detect abuse, and comply with legal obligations.

3. Sharing and processors

We do not sell personal information. We share information only as needed to operate the Service, follow your visibility choices, comply with law, or protect rights and safety.

Service providers may process information for authentication, database hosting, media storage, image/video delivery, push notifications, analytics, crash reporting, subscriptions, maps, email delivery, and customer support. Current infrastructure may include Supabase, Cloudflare, Firebase/Google services, RevenueCat, Sentry, Apple, Google Play, and App Store systems, depending on platform and feature use.

4. Content visibility

Photos, videos, captions, tags, dates, location names, and related metadata may be visible to users who have access under the visibility scope you choose, such as selected group members or private access rules. Removing a member from a group or changing a post may affect future access, but previously viewed, cached, or saved information may not be fully recoverable.

5. Location data

Location is optional. You may add a location manually, use device location permission, or allow the app to read embedded GPS metadata from selected media. Location may include coordinates, place names, and map display data. See the Location-Based Services Terms for details.

6. Notifications

If you allow push notifications, we store device tokens and platform information to deliver service messages such as friend requests, shared post notices, account notices, and other app-related alerts.

7. Retention and deletion

We retain information while your account is active and as needed for the purposes described in this policy. You can delete posts or request account deletion in the app. Account deletion requests hide content where technically supported and schedule permanent deletion after the grace period shown in the app, unless you cancel within that period.

Some information may remain for a limited time in backups, logs, security records, payment records, or legal compliance records. Store purchase history may be retained by Apple, Google, or subscription processors under their own policies.

8. Your rights

Subject to applicable law, you may request access, correction, deletion, portability, restriction, objection, or withdrawal of consent. You may also manage device permissions, notification permissions, and subscription settings through your device or store account.

9. Security

We use technical and organizational measures such as authentication, access control, row-level permissions where applicable, encrypted transport, token-based access, and operational monitoring. No system is perfectly secure, so you should protect your account credentials and device access.

10. International processing

The Service and its providers may process and store information in countries other than where you live, including the United States. Infrastructure and processors such as Supabase, Cloudflare, Google/Firebase, RevenueCat, and Sentry are located primarily in the United States. The transferred information may include the account, content, and technical data described in this policy, processed for the purposes and retention periods stated herein. We take steps intended to protect information according to applicable requirements.

11. Children

The Service is intended for users aged 14 and older. We do not knowingly collect personal information from children under 14, or under the minimum age of digital consent in their jurisdiction (for example, 13 under the U.S. Children’s Online Privacy Protection Act), without verifiable consent from a parent or legal guardian.

If we learn that we have collected personal information from a child below the applicable age without the required consent, we will delete it without undue delay. If you believe a child has provided personal information, contact us using the details below.

12. Chief Privacy Officer & Contact

To secure your privacy and resolve any concerns or complaints, we maintain a Chief Privacy Officer (CPO) and support team:

■ Chief Privacy Officer (CPO) - Name / Role: Song-yi Han / Director - Address: Okjeong-ro 7-gil, Yangju-si, Gyeonggi-do, Republic of Korea - Phone: +82-10-2479-3204 - Email: support@turnpoint-labs.com

■ Service General Support - Email: support@turnpoint-labs.com