Privacy Policy

Gachi App ("App", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

1. Information We Collect

1.1 Information You Provide

Category	Data Types	Purpose
Account Information	Email, password, username, tag	Account creation and authentication
Profile Information	Profile photo, bio, birth year, gender	Profile customization (optional)
User Content	Posts, comments, votes, messages	Service functionality

1.2 Information from Social Login

Provider	Data Collected
Google	Email, name, profile picture URL
Apple	Email (may be hidden), name
Kakao	Nickname, profile image, email (if consented)

1.3 Automatically Collected Information

• IP address, device information, operating system
• Country code, language code, timezone (inferred from IP)
• Usage data: posts viewed, search history, interaction patterns
• Push notification token (FCM token)

2. How We Use Your Information

1. Account Management: Create and manage your account, verify identity, maintain service security
2. Service Provision: Enable posting, voting, chatting, following, and content recommendations
3. AI-Powered Features: Automatic content classification (cool/warm/hot temperature), semantic search for related posts
4. Personalized Advertising: Display targeted ads through Google Mobile Ads
5. Communications: Send notifications about your account, posts, and service updates

3. Data Retention

• Account Data: Until account deletion
• Posts: Automatically deleted after user-selected period (1/7/14/30 days)
• Chat Messages: Until you leave the chat room or block the other party
• Access Logs: 3 months
• Transaction Records: 5 years (as required by law)

4. Information Sharing

We do not sell your personal information. We may share your information with:

4.1 Service Providers

Provider	Service	Location
Supabase Inc.	Database hosting, authentication	EU (Germany)
Cloudflare Inc.	Media storage (R2), CDN	United States, Global
Google LLC	AI analysis (Gemini), advertising	United States
Firebase (Google)	Push notifications	United States

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request.

5. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including:

• EU (Germany): Primary database storage via Supabase
• United States: Media storage, AI processing, advertising, push notifications

We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and compliance with applicable data protection laws.

6. AI and Automated Decision-Making

We use artificial intelligence for the following automated processes:

Feature	Data Used	Decision
Temperature Classification	Post title, content, images	Automatic cool/warm/hot classification
Semantic Search	Search query, post embeddings	Related post recommendations
Ad Personalization	Usage patterns	Targeted ad display

You may request an explanation of automated decisions by contacting support@gachi.info.

7. Your Rights

Depending on your location, you may have the following rights:

• Access your personal information
• Correct inaccurate information
• Delete your information
• Restrict or object to processing
• Data portability
• Withdraw consent
• Opt-out of automated decision-making

8. California Residents (CCPA/CPRA)

8.1 Right to Know

You have the right to request disclosure of:

• Categories of personal information collected
• Categories of sources from which information is collected
• Business or commercial purpose for collecting information
• Categories of third parties with whom we share information
• Specific pieces of personal information collected about you

8.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, fraud prevention).

8.3 Right to Opt-Out of Sale/Sharing

8.4 Right to Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

8.5 Right to Correct

You have the right to request correction of inaccurate personal information.

8.6 Right to Limit Use of Sensitive Personal Information

We collect the following sensitive personal information:

• Precise geolocation (inferred from IP address)

This information is used only for providing location-based content recommendations.

8.7 How to Submit a Request

• Email: support@gachi.info
• Subject line: "CCPA Request - [Your Request Type]"

We will verify your identity before processing your request. You may designate an authorized agent to submit requests on your behalf.

9. Age Restrictions

10. Cookies and Tracking Technologies

Our mobile app uses:

• Authentication Tokens: Stored securely on your device (iOS Keychain, Android Keystore)
• Advertising Identifiers: Used by Google Mobile Ads for personalized advertising

Opting Out of Personalized Ads:

• iOS: Settings > Privacy & Security > Tracking > Disable Gachi App
• Android: Settings > Google > Ads > Opt out of Ads Personalization

11. Data Security

We implement appropriate security measures including:

• Password encryption (bcrypt hashing)
• JWT-based authentication with expiration
• Row Level Security (RLS) for database access control
• HTTPS/TLS encrypted communications
• AI input sanitization against prompt injection

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes at least 7 days in advance (30 days for significant changes) through in-app notifications.

Version	Effective Date	Changes
1.0	Jan 15, 2026	Initial version

13. Contact Us