Privacy Policy
Arasaco ("we", "the company") respects your privacy. This policy explains what information Buddy Run ("the app"), the mobile application operated by the company, collects, how it is used, where it is stored, and how it is protected.
1. Information We Collect or Process
1.1 Information Stored on Your Device
- Lock session data: lock start/end time, duration, success/failure, virtual marathon distance, and user-entered notes. The virtual distance is only a visualization metric. The app does not use GPS, motion sensors, or actual location data.
- Lock schedules: recurring lock plans you create, including name, weekdays, start/end time, and enabled state.
- Allowed and blocked app settings: app names and package names from Android launcher apps are shown so you can choose apps allowed during a lock, selected app lock targets, and app-specific usage limit rules. Allowed app lists, blocked app lists, and app-specific rules are stored on-device and are not transmitted off-device.
- App usage access: Android Usage Stats API is used to detect blocked apps during a lock, apply app-specific usage limit rules, and support strict-mode bypass detection. Raw app usage history is not transmitted off-device.
- App settings: nickname, theme, language, character, hat, shoes, palette, onboarding-completed state, and similar app preferences.
- Buddy Mile and reward data: BM balance, earning/spending history, owned hats, equipped items, and similar in-app reward records.
1.2 Information Processed When You Sign In or Back Up Data
- Google sign-in information: if you choose to sign in with Google, Supabase Auth processes account information required to keep you signed in, such as your Google account identifier, email address, and authentication session.
- Account backup data: if you sign in from the beginning, app usage data may be saved automatically to Supabase. If you first use the app without signing in and later sign in, local data from that device is backed up to Supabase only after you agree to "Back up this device's data".
- Backup consent record: when you back up local data to your account, Supabase may store the consent time and a summary of the backed-up local snapshot.
1.3 Payment and Subscription Information
- Google Play subscription verification data: when you subscribe to Buddy Plus or request subscription restoration, Supabase may store product ID, purchase token, subscription status, auto-renewal state, entitlement expiry time, and purchase-verification responses returned by Google Play.
- Server entitlement records: Buddy Plus activation state, ad-free entitlement, allowed-app limit extension, AI insight entitlement, buddy-change entitlement, and one-time 3000 BM grant state may be stored so the app can apply benefits quickly.
- Periodic subscription verification: to keep subscription status accurate, our server may periodically verify purchase status through the Google Play Developer API and reflect expiration, cancellation, or refund status.
- Payment method information: we do not collect or store card numbers, bank account numbers, payment passwords, or similar payment method details. They are processed by Google Play.
1.4 AI Feature Information
- AI consent record: before you first use AI recommendations or AI insights, we ask for separate consent. Supabase may store the consent time, consent version, locale, and source.
- AI input context: if you consent, recent lock records, stats, lock duration, virtual distance, and saved notes may be processed to generate AI insights, weekly digital detox feedback, activity recommendations for the next lock, and memo-based personalized suggestions.
- AI usage events: to provide AI features and prevent abuse, Supabase may store request type, model name, token counts, input summary, output summary, and creation time.
1.5 Crash, Diagnostics, and Ads
- Crash diagnostics: in release builds, if the app crashes, Firebase Crashlytics may receive crash logs, device/OS information, app version, crash time, and related diagnostic information.
- Advertising identifier and ad interaction data: when in-app ads are shown, Google AdMob may process the advertising identifier, ad impression/click information, device information, and network-related information to provide ads, manage frequency, and prevent abuse.
1.6 Information We Do Not Collect
- Legal name, phone number, address, resident registration number, or other government identifiers
- GPS location or IP-based location tracking information
- Contacts, call logs, or messages
- Microphone, camera, or photo files
- Financial or payment method information
- Health diagnosis, treatment, medical, or similar sensitive health information
2. Purpose of Use
- Provide and maintain the lock-challenge feature
- Show past lock history, notes, and reward records on the stats page
- Trigger scheduled locks at the configured time
- Maintain optional account sign-in through Google
- Provide account backup and future restore support when you agree to sync local data
- Verify Google Play subscription purchases, provide Buddy Plus benefits, check subscription status, and restore subscriptions
- Compare server entitlements with Google Play status periodically and respond to payment errors or abuse
- Provide AI insights, weekly feedback, activity recommendations for the next lock, and memo-based personalized suggestions
- Monitor AI usage, manage costs, prevent abuse, and improve service quality
- Process account-deletion requests, delete account data, and request cancellation of active subscription renewals
- Respond to refund requests, payment disputes, fraudulent payments, or abuse prevention needs
- Diagnose crashes and improve app stability
- Show in-app ads, manage ad frequency, and prevent abuse
3. Storage Location and Retention
The app can be used without signing in. In that case, primary usage data is stored on your device. If you use Google sign-in or agree to back up local data, some data may be stored in Supabase.
| Data | Storage Location | Retention |
|---|---|---|
| Lock session records (time, duration, success, virtual distance, notes) | On-device SQLite / Supabase if you sign in or agree to backup | Until you delete the app or clear data. Supabase data is retained until deletion is requested or the service purpose is fulfilled |
| Lock schedules, allowed/blocked app lists, and app-specific usage limit rules | On-device SQLite | Until you delete the app or clear data |
| App settings (nickname, theme, language, character, hat, etc.) | On-device SharedPreferences / Supabase if you sign in or agree to backup | Until you delete the app or clear data. Supabase data is retained until deletion is requested or the service purpose is fulfilled |
| BM balance, earning/spending history, owned items | On-device SQLite / Supabase if you sign in or agree to backup | Until you delete the app or clear data. Supabase data is retained until deletion is requested or the service purpose is fulfilled |
| Google sign-in account information | Supabase Auth | Until account deletion, disconnection, deletion request, or fulfillment of the service purpose |
| Backup consent record | Supabase | Retained as needed to manage consent records and respond to disputes |
| AI consent and AI usage events | Supabase / OpenRouter API processing | Retained as needed to provide AI features, manage costs, prevent abuse, and respond to disputes. Deleted upon account deletion, except for minimum records that must be retained under applicable law |
| Google Play subscription verification data and Buddy Plus entitlement records | Supabase / Google Play Developer API | Retained as needed to provide subscription benefits, respond to payment disputes, and prevent abuse. Deleted upon account deletion, except for minimum records that must be retained under applicable law |
| Account-deletion processing record | Supabase admin audit log | Retained in minimum scope as needed to confirm deletion processing, respond to disputes, and perform security audits |
| Crash diagnostics | Firebase Crashlytics | Handled under Firebase retention policies and used only for app stability analysis |
| Advertising identifier and ad interaction data | Google AdMob | Handled under Google's advertising service retention policies |
4. Third-Party Sharing and Processors
We do not sell your personal data. We may use the following external services to provide the app and improve stability.
- Supabase: optional Google sign-in, account authentication, user-approved app data backup, sync, subscription entitlement, AI consent, and AI usage event storage
- Google OAuth: sign-in with the Google account you choose
- Google Play Billing and Google Play Developer API: in-app subscription payments, purchase verification, subscription-state checks, subscription restoration, and cancellation of active subscription renewals during account deletion
- OpenRouter: if you consent to AI features, generation of AI insights and activity recommendations using summaries of lock records, stats, and notes
- Google Firebase Crashlytics: crash logs and diagnostic processing
- Google AdMob: in-app ad display, ad measurement, frequency capping, and abuse prevention
5. Permissions Used
- Display over other apps (SYSTEM_ALERT_WINDOW): Show the lock screen during lock challenges, selected app lock, and app-specific usage limits
- Usage access (PACKAGE_USAGE_STATS): Detect blocked app launches, apply app-specific usage limit rules, and support strict-mode bypass detection
- Exact alarms (SCHEDULE_EXACT_ALARM): Start scheduled locks precisely at the configured time
- Foreground service (FOREGROUND_SERVICE_SPECIAL_USE): Maintain the lock until the user-set end time
- Notifications (POST_NOTIFICATIONS): Show lock progress notifications
- Boot completed (RECEIVE_BOOT_COMPLETED): Restore scheduled locks after a reboot
- Internet (INTERNET): Google sign-in, Supabase backup, Google Play subscription verification, AI features, and Crashlytics diagnostic transmission
- Advertising ID (AD_ID): Google AdMob ad display, ad measurement, frequency capping, and abuse prevention
6. Your Rights
- Delete on-device data by uninstalling the app or clearing app data
- Sign out from the Settings screen
- Request deletion of your account and Supabase-backed-up data from the account deletion feature in Settings
- Choose whether to consent before using AI features
- Request account deletion or personal-data deletion outside the app by emailing us at the address below
- Use the app without Google sign-in if you do not want account backup
- Request access, correction, or deletion of account data stored in Supabase
When account deletion is completed, account-based data stored in Supabase, including nickname, BM, owned items, lock sessions, notes, stats, AI consent and usage events, and subscription-benefit records, is deleted, and the app also clears on-device data. If an active Google Play subscription is found, we attempt to stop its automatic renewal. Account deletion does not automatically issue a refund. Refunds are handled separately through Google Play's refund process or our customer-support review.
7. Children's Privacy
This app is not directed at children under 14, and we do not knowingly collect data from children. Parents who become aware of such use should contact us at the email below for immediate deletion.
8. Changes to This Policy
If we change this policy, we will notify users at least 7 days before the effective date via in-app notice or this page. Material changes will be announced 30 days in advance.
9. Business Details & Contact
- Business name: Arasaco
- Representative: Kim Sangwoo
- Business registration number: 505-52-01124 (Republic of Korea)
- Email: doveclicorp@gmail.com