Privacy Policy
The operator of Find Your Detail (the "Service") — hereinafter the "Operator" — establishes and discloses this Privacy Policy under Article 30 of the Personal Information Protection Act (PIPA) of the Republic of Korea, in order to protect the personal information of data subjects and to handle related grievances promptly. The Service is run by an individual developer, not a corporate entity, as a non-commercial information catalogue.
1. Categories of personal information processed
The Operator processes the following categories of personal information.
a. Account / authentication
•
(Required) Identifier (uid), email address, display name and profile image URL forwarded by an external Identity Provider (Apple, Google).
•
Collected when the user signs in through the external Identity Provider.
b. Information generated automatically while using the Service
•
Favourites, search history, user-defined dilution ratios, product/brand requests and correction reports.
•
Push notification device token (FCM / APNs), operating system, app version.
•
IP address, cookies, access logs, browser / device identifiers.
c. Analytics and measurement
•
Anonymous client_id, page views and event logs collected via Google Analytics 4 (GA4).
The Operator does not knowingly collect personal information from children under the age of 14.
2. Purposes of processing
Personal information is processed only for the following purposes. If the purpose changes, separate consent will be obtained as required by Article 18 of PIPA.
•
Service provision: maintaining login sessions, storing favourites and user settings, communicating the result of submitted requests / reports.
•
Operations: responding to user inquiries and reports, preventing abuse, monitoring service stability.
•
Service improvement: analysing usage patterns from anonymised / aggregated data.
•
Notifications: announcements and service updates via push notifications.
3. Retention periods
•
Account data: deleted immediately upon account withdrawal. Where retention is required by law, the data will be kept only for the period mandated by such law.
•
User requests / reports: retained for 1 year after the matter is resolved, then destroyed.
•
Access logs and IP addresses: 3 months, in accordance with Article 15-2 of the Protection of Communications Secrets Act.
•
Analytics data (GA4): the GA4 default retention window (currently 14 months).
4. Disclosure to third parties
The Operator does not disclose personal information to third parties beyond the scope described in this Policy, except in the following cases.
•
Where the data subject has given separate consent.
•
Where disclosure is specifically required by law.
•
Where requested by an investigative agency in accordance with the procedures and methods prescribed by law.
5. Outsourcing of processing tasks
To deliver the Service the Operator entrusts certain processing tasks to the providers below. Necessary safeguards are in place under applicable law. The processors below may store and process data in the United States or other regions designated by the processor.
•
Google LLC (Firebase Authentication, Firebase Cloud Messaging) — sign-in / session management, push notification delivery.
•
Apple Inc. (Sign in with Apple, APNs) — sign-in, push notification delivery.
•
Google LLC (Google Analytics 4) — anonymous usage analytics.
•
Sentry, Inc. — error and performance monitoring.
•
Amazon Web Services, Inc. — server and storage infrastructure.
If you do not agree to the above outsourcing and cross-border transfer, account creation and some Service features may be unavailable.
6. Data subject rights and how to exercise them
You may at any time exercise the following rights regarding your personal information.
•
2. Right to rectification of inaccurate data.
•
3. Right to deletion (including account withdrawal).
•
4. Right to suspension of processing.
You can exercise these rights through the in-app "Delete Account" menu, or by contacting the privacy officer in section 9 below. The Operator will act on such requests without undue delay.
7. Security safeguards
To protect personal information from loss, theft, leakage, alteration or destruction, the Operator implements the following technical and managerial measures.
•
HTTPS / TLS encryption for data in transit.
•
Authentication-based access control with the principle of least privilege.
•
Logging of access to systems that process personal information.
•
Passwords are not stored directly; authentication is delegated to external Identity Providers (Apple, Google).
8. Cookies and automatic collection tools
The Service uses cookies and similar identifiers to improve user experience and to analyse anonymous usage statistics. You may refuse cookies and limit advertising identifiers through your browser or device settings; doing so may restrict the availability of certain features.
9. Privacy officer
The Operator is overall responsible for the processing of personal information and for handling user grievances and remedies. The privacy officer is designated as follows.
•
Privacy officer: the Operator (individual developer).
•
Alternative channel: the in-app "Contact" menu.
10. Remedies for infringement
If you wish to seek remedies for personal information infringement, you may contact the following Korean authorities.
•
Personal Information Infringement Report Center (privacy.kisa.or.kr, 118 without area code).
•
Personal Information Dispute Mediation Committee (kopico.go.kr, 1833-6972).
•
Cyber Investigation Department of the Supreme Prosecutors' Office (spo.go.kr, 1301).
•
National Police Agency Cyber Investigation Bureau (ecrm.cyber.go.kr, 182).
11. Changes to this Policy
This Policy is effective as of the effective date below. Any addition, deletion or amendment will be announced inside the Service at least 7 days before the change takes effect (or 30 days in advance if the change is unfavourable to users).
•
Effective date: 2026-04-30