DiaryLetter processes personal information for the following purposes:
- Member registration and user identification/authentication
- Diary writing and storage service provision
- AI letter generation service provision
- Personalized user experience provision
- Service improvement and customer support
- Customized services such as diary writing notifications
DiaryLetter processes the following categories of personal information:
📧 Member Information
- Email address (required)
- Encrypted password (for email registration)
- Social login identifier (for social login)
📝 Diary-related Information
- Diary title and content
- Emotional states (happy, sad, angry, anxious, excited, etc.)
- Weather information (sunny, cloudy, rainy, snowy)
- Social situations (alone, family, friends, romantic partner)
- Activity types (work, leisure, rest, exercise, self-development, travel, daily life)
- Diary creation date and time
🤖 AI Service Related
- AI-generated letter content
- Letter generation history
📱 App Usage Information
- Theme and font settings
- Notification settings
- App usage statistics (in non-personally identifiable form)
DiaryLetter processes and retains personal information as follows:
- Member information: Until membership withdrawal
- Diary and letter content: Until user deletion or membership withdrawal
- App usage settings: Until membership withdrawal
However, information will be retained until the following periods in these cases:
- When investigation or inquiry related to legal violations is in progress: Until completion of such investigation or inquiry
DiaryLetter
does not provide personal information to third parties in principle.
However, exceptions are made in the following cases:
- When users have given prior consent
- When required by law or when requested by investigative agencies according to procedures and methods defined by law for investigative purposes
DiaryLetter outsources personal information processing tasks as follows for smooth service provision:
☁️ Supabase Inc.
- Outsourced tasks: Data storage and user authentication
- Personal information retention period: Until termination of outsourcing contract or achievement of outsourcing purpose
🤖 Google LLC
- Outsourced tasks: AI letter generation service
- Personal information retention period: Immediately deleted after letter generation (not stored)
Outsourcing companies comply with personal information protection laws and are prohibited from processing personal information for purposes other than the outsourcing purpose.
Users may exercise the following personal information protection rights at any time:
- Request access to personal information
- Request correction or deletion of personal information
- Request suspension of personal information processing
Rights can be exercised through the following methods:
- Direct modification/deletion through the app's settings menu
- Request via email (hpil331@gmail.com)
Identity verification procedures will be conducted upon request, and processing will be completed within the period prescribed by law.
DiaryLetter takes the following measures to protect personal information:
🔧 Technical Measures
- Encrypted storage of personal information
- SSL/TLS application for secure data transmission
- Installation and inspection of security programs to prevent hacking
📋 Administrative Measures
- Minimization of personal information access rights
- Regular security inspections and updates
- Establishment and implementation of personal information protection policies
🏢 Physical Measures
- Use of secure cloud infrastructure (Supabase)
- Physical security facilities at data centers
This privacy policy applies from August 6, 2025.
When the privacy policy is changed, changes will be announced in advance through in-app notifications.