Lyrio

Privacy Policy

‘Lyrio’ (hereinafter, the ‘Service’) establishes and discloses this Privacy Policy to protect users’ personal information and to handle related grievances promptly and smoothly.

Article 1 (Purpose of Processing Personal Information)

The Service processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use is changed, necessary measures such as obtaining separate consent will be implemented.

  1. Membership Registration and Management: Identification of the user through SNS linkage (Google, Apple, etc.), confirmation of intent to register, prevention of fraudulent use of the Service.
  2. Service Provision: Timeline sharing (server storage), provision of personal backup and recovery services.
  3. Marketing and Advertising: Provision of rewarded advertisements and ad targeting, analysis of Service usage statistics.
  4. Community Activities: Disclosure and sharing of content created by the user through Community (Lounge, Box) features to other users.

Article 2 (Items of Personal Information Processed)

The Service may collect the following information with the user’s consent.

Local-First Storage Principle: The user’s timeline data and quiz records are primarily stored in the device’s local storage. They are only transmitted to and stored on the server when the user activates the server synchronization function or posts to the community.

  1. Upon SNS Login: Email address, nickname, profile picture, unique identifier (ID) assigned by the SNS service provider.
  2. Automatically Collected during Service Use: Device information (model name, OS version), Service usage records, advertising identifier (ADID/IDFA), IP address.
  3. User-Generated Data (Server Storage): Timeline content (event title, summary, characters, etc.) that the user shares or backs up to the server.
  4. AI Feature-Related Data: Natural language text (questions or requests) entered by the user during AI registration.
  5. Quiz and Learning Records: History of solving AI quizzes and general quizzes (for providing learning statistics).
  6. Payment and Subscription Information: Payment status information when using a subscription (Basic/Pro). (Actual payments are processed through Apple/Google’s systems.)
  7. Optional Device Access Permission Information: Access record to the photo library selected by the user for profile settings. (The app does not access files other than the selected photos.)

Article 3 (Processing and Retention Period of Personal Information)

  1. The Service processes and retains personal information within the period of retention and use agreed upon by the user at the time of collection.
  2. Retention Period: Until the user withdraws from membership. However, if an investigation or inquiry related to a violation of relevant laws and regulations is in progress, retention shall continue until the investigation or inquiry is completed.
  3. Long-term Non-users: Information of members who have not used the Service for one year may be separately stored, managed, or destroyed.

Article 4 (Provision of Personal Information to Third Parties and Outsourcing)

The Service, in principle, does not provide users’ personal information to third parties. However, exceptions are made in the following cases:

  1. Where the user has consented in advance to the provision and disclosure to third parties.
  2. Where required by law, or where requested by investigative agencies according to procedures and methods prescribed by law for investigation purposes.
  3. Notice on the Use of Generative AI Services: The Service may transmit and process text or timeline data entered by the user to external AI services (such as Google Gemini) to provide AI functions (Smart Fill, AI Registration, AI Quiz, etc.). The transmitted data is not used for training the AI model and is processed solely for the purpose of performing the functions.
  4. Outsourcing: To provide the Service smoothly, the following tasks may be outsourced to external companies:
    • Google (Firebase/AdMob/Gemini AI): App usage analysis, advertisement provision, and Generative AI function processing.
    • Supabase: Provision of server (Database, Auth, Storage) and data management for Service operation.
    • Apple: SNS login, iCloud backup/synchronization (if used), and in-app payment processing.

Article 5 (Procedure and Method of Personal Information Destruction)

  1. When personal information becomes unnecessary due to the expiration of the retention period or achievement of the purpose of processing, the Service shall destroy the personal information without delay.
  2. Information in the form of electronic files shall be deleted using technical methods that prevent the reproduction of records.

Article 6 (Rights and Obligations of Users and Method of Exercise)

  1. Users may, at any time, view or correct their registered personal information or request withdrawal from membership.
  2. Local data stored on the device, such as quiz records, can be directly destroyed by the user through in-app settings or by deleting the app. The Service stipulates that users have control (self-determination right) over their local data.

Article 7 (Measures to Ensure the Safety of Personal Information)

The Service takes the following measures to ensure the safety of personal information:

  1. Technical Countermeasures against Hacking, etc.: Encryption of personal information and use of secure communication.
  2. Restriction of Access to Personal Information: Management and restriction of server access rights.

Article 8 (Chief Privacy Officer)

The Service is responsible for overseeing personal information processing operations and designates the following Chief Privacy Officer for handling user complaints and damage relief:

Article 9 (Changes to the Privacy Policy)

This Privacy Policy is effective from the date of implementation, and in the event of addition, deletion, or correction of content due to laws and policies, the changes will be notified through the announcement board 7 days prior to the enforcement date of the changes.