PadoSori ("Company", "Service") values your privacy. This Policy explains what we collect, how we use it, and how we protect it. Effective December 1, 2025.
1. Information We Collect
A. Information you provide
- Identifiers: email address, hashed password, nickname
- Date of birth: used for recommendations and to prevent under-13 access
- User content: profile photo, posts, comments, uploaded media
- Social login: Google account email and public profile information (if you choose)
- We do not collect gender.
B. Automatically collected
- Internet activity: IP address, device information, app usage records, access logs
- Cookies and tracking technologies: used for functionality improvements and analytics
We do not collect sensitive or financial information.
2. How We Use Information
- Account creation and login authentication
- Provide the Service, recommendations, and personalization
- Community/social features
- Security hardening and abuse prevention
- Service improvements and usage analytics
- Customer support
3. Sharing
We do not sell personal information or share it for monetary consideration. If we ever change this in the future, we will update this Privacy Policy and, where required by law, provide you with notice or obtain your consent. We use the following processors to operate the Service:
| Processor | Purpose | Location |
|---|
| Supabase Pte. Ltd. | Database hosting, authentication | Singapore |
| Google Cloud | Social login, analytics | Global |
| Cloudflare, Inc. | CDN, security, performance | Global |
These providers process personal data under our instructions.
4. Your Rights (U.S. state privacy laws)
- Access your data
- Request deletion
- Request correction of inaccurate data
- Opt out of sharing (we do not sell or share)
Submit requests at dev@padosori.io.
5. Retention
We retain data for as long as needed for operations and legal requirements. Upon account deletion, we delete data within a reasonable time.
6. Children's Privacy
The Service is not directed to children under 13.
7. Security
- Password and key data encryption
- Least-privilege access controls
- External intrusion prevention
8. International Transfers
Data may be transferred to servers in Singapore and the United States; appropriate safeguards apply.
9. Regional Specific Provisions
A. Canada (PIPEDA)
- Privacy Officer: The solo developer acts as the Privacy Officer. Contact: dev@padosori.io.
- Consent: By using the Service, you imply consent to the collection and use of your data as described. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice.
- Quebec Residents: Please note that this Service and its policies are currently available primarily in English.
B. Australia (Privacy Act 1988)
- Overseas Disclosure: Your personal information may be disclosed to recipients located outside Australia (e.g., USA, Singapore) for hosting and processing.
- Complaints: If you believe we have breached the Australian Privacy Principles, please contact us. If our response is unsatisfactory, you may contact the Office of the Australian Information Commissioner (OAIC).
C. Japan (APPI)
- Business Operator: PadoSori Solo Developer. Contact: dev@padosori.io.
- Joint Use/Third Party: We do not share your data with third parties without your consent, except for outsourced processing (e.g., cloud hosting) or as required by law.
- International Transfer: Your data is stored on servers in the United States and Singapore. By using the Service, you consent to this transfer. These countries may have different data protection laws than Japan.
10. Changes
We will notify you within the Service when this Policy changes.
11. Contact
12. Governing Law and Disputes
This Privacy Policy is intended to explain how we handle personal information and does not create any contractual rights. The governing law and dispute resolution terms that apply to your use of PadoSori are described in our Terms of Service. In the event of any conflict between this Privacy Policy and the Terms of Service, the Terms of Service will control.