Good Words Privacy Policy

Last updated: 2025-01-04

Glonaris (Legal Business Name: Glonaris, the "Company") protects users' personal information in accordance with applicable laws and app marketplace policies (Apple App Store, Google Play) when providing the mobile application Good Words (the "App"). This policy explains what information we collect, use, store, and share, as well as your rights.

Business Information: Legal Business Name — Glonaris / D-U-N-S Number — 696250960

1. Personal Information We Collect

The App may process the following information to provide services:

  • Account Information (Optional): Basic profile information when signing in with Google (name, email address, Google account ID)
  • Device Information: Device model, OS version, app version, language/region settings, device identifiers (e.g., advertising ID or installation ID)
  • Usage Information: App feature usage records, screen views/clicks and other usage events, crash logs and performance data
  • Notification Tokens: Device push tokens (FCM/APNs) for sending push notifications
  • Media/Content (Optional): Images/screenshots that users voluntarily upload or share
  • Audio Playback Information (Optional): Content audio playback status (position, duration, etc.) — may be aggregated in non-identifiable form
  • Local Storage: App preferences, cache data (stored encrypted in secure device storage)

Note: We do not collect microphone or precise location data. Notification and photo access permissions are only requested when using related features.

2. Purpose of Using Personal Information

  • User authentication and account linking (when Google sign-in is selected)
  • Providing core features (text/content display, audio playback, sharing)
  • Service quality improvement (error analysis, performance improvement, usability analysis)
  • Notices and service-related notifications (optional)
  • Legal compliance and dispute resolution

3. Third-Party Sharing and Processing

The Company may process data with the following service providers:

  • Firebase (Analytics, Auth, Cloud Messaging): Usage analysis, authentication, push token management — Provider: Google LLC
  • Google Sign-In: Social login — Provider: Google LLC
  • Sentry: App crash/performance monitoring — Provider: Sentry, Inc.
  • Mixpanel: User behavior analysis and event analytics for service improvement — Provider: Mixpanel, Inc.
  • Google AdMob: Personalized advertising and ad performance measurement — Provider: Google LLC
  • RevenueCat: In-app payment management and subscription analytics — Provider: RevenueCat, Inc.

Only the minimum information necessary for service operation is transmitted to these providers, and data is protected with industry-standard security during transmission and storage. The Company does not sell personal information except as required by law or with user consent.

4. Advertising Identifier and Tracking Transparency (ATT)

On iOS 14.5 and later, the App requests explicit user consent before using the advertising identifier (IDFA) in accordance with Apple's App Tracking Transparency (ATT) policy.

  • If you consent: We use the advertising identifier to provide personalized ads based on your interests. This allows us to show you more relevant advertisements.
  • If you decline: Non-personalized general ads will be displayed. The advertising identifier will not be collected or shared with third-party ad networks.
  • Changing settings: You can change tracking permissions at any time in iOS Settings > Privacy > Tracking.

On Android, the Google Advertising ID may be used for advertising purposes, and you can disable ad personalization in device settings.

5. Retention Period

  • Account Information: Until account deletion or purpose fulfillment, in accordance with applicable laws
  • Usage/Analytics Data: Retained after aggregation/de-identification for statistical and analytical purposes
  • Crash/Log Data: Deleted within a reasonable period after problem analysis is complete
  • Push Tokens: Updated or deleted upon unsubscription, reinstallation, or token rotation
  • Local Storage Data: Users can manually reset/delete data in the app

6. User Rights

Users may exercise the following rights:

  • Access/Portability: Request to view and receive copies of personal data
  • Correction/Deletion: Request correction of inaccurate information or deletion of unnecessary information
  • Processing Restriction/Objection: Object to or restrict specific processing purposes
  • Consent Withdrawal: Withdraw optional consents such as marketing/notifications

You can exercise these rights through app settings or by contacting us at the address below. We may request additional information for identity verification.

7. Security Measures

  • Transmission encryption (HTTPS/TLS) and storage encryption applied
  • Access control and principle of least privilege observed
  • Regular updates and vulnerability checks for key libraries

8. Children's Personal Information

This App is not intended for children under 13 (or the applicable age in your region), and we do not knowingly collect personal information from children. If you believe children's data has been collected, please contact us and we will take prompt action.

9. International Transfer

The Company may use global infrastructure (Firebase, Sentry, etc.), which may result in personal information being transferred abroad. In such cases, we implement appropriate protective measures in accordance with applicable laws.

10. Data Retention and Deletion Methods (Summary)

  • You can reset cache and local data in app settings.
  • Account deletion and data deletion requests are processed through our contact channels.
  • Analytics data is aggregated and stored in non-identifiable form.

11. Policy Changes

This policy may be updated due to changes in applicable laws or services. Important changes will be communicated through in-app notices and this page.

12. GDPR and CCPA Compliance

The Company respects the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), and guarantees the following rights to users subject to these laws:

GDPR (EU/EEA Residents)

  • Right of Access: Request a copy of personal data being processed
  • Right to Rectification: Request correction of inaccurate information
  • Right to Erasure (Right to be Forgotten): Request deletion of personal data in certain circumstances
  • Right to Restriction of Processing: Request restriction of processing
  • Right to Data Portability: Receive data in a structured format
  • Right to Object: Object to processing based on legitimate interests

CCPA (California Residents)

  • Right to Know: Know the categories of personal information collected, used, and disclosed
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: No service discrimination for exercising rights

To exercise these rights, please contact us at the address below. Processing requests may take up to 30 days (GDPR) or 45 days (CCPA).

13. Contact

  • Email: hello@glonaris.com
  • Address: 123 Innovation Street, Gangnam-gu, Seoul 06234, South Korea