Privacy Policy — 복붙태그 (CopyTag)
Effective date: 13 May 2026
This Privacy Policy describes how personal data is processed in the mobile application “복붙태그 (CopyTag)” (the “App”), developed by Jitae Kim (“we”, “us”). It is written to satisfy the requirements of the EU General Data Protection Regulation (GDPR) as a global baseline, with a dedicated section for California residents (CCPA/CPRA).
1. Data Controller
Jitae Kim Email: wlxo0401@gmail.com
(No Data Protection Officer is appointed; the controller may be contacted directly at the email above.)
2. Categories of Personal Data
The App does not require an account.
2-1. Data you enter into the App (stored on-device only)
- Hashtag text, tag group names, descriptions and memos
- Post text you create or copy, together with any attached tag bundles
- Local usage history of your tags and posts (creation/copy timestamps)
This data is stored only in on-device Realm and SwiftData. It is never transmitted to any server we operate. iCloud (CloudKit) synchronization is not used, so the tag and post data you enter never leaves your device.
2-2. Data collected automatically
| Category | Examples |
|---|---|
| Device identifiers | IDFV; IDFA (only when you consent via App Tracking Transparency) |
| Device & environment | OS version, device model, app version, locale |
| Approximate location | Country/region derived from IP address |
| Usage data | In-app events, screens viewed, feature interactions |
| Advertising data | Ad impressions, clicks, SKAdNetwork attribution |
| Diagnostic / crash data | System-level crash logs and performance metrics provided via Apple App Store Connect, only when you have enabled iOS Settings → Privacy & Security → Analytics & Improvements → “Share with App Developers” |
3. Purposes and Legal Bases (Art. 6 GDPR)
| Purpose | Legal basis |
|---|---|
| Providing core features (managing tags, tag groups, posts) | Art. 6(1)(b) — performance of a contract |
| In-app statistics (charts) generated from your local usage | Art. 6(1)(b) — performance of a contract |
| Analytics & service improvement (Firebase Analytics) | Art. 6(1)(f) — legitimate interest |
| Personalized advertising (AdMob, IDFA) | Art. 6(1)(a) — consent (via ATT and Google UMP) |
| Non-personalized advertising | Art. 6(1)(f) — legitimate interest |
| Consent management for advertising (Google UMP) | Art. 6(1)(c) — legal obligation |
| Crash/diagnostic reporting (Apple system level, opt-in) | Art. 6(1)(a) — consent |
| Legal compliance | Art. 6(1)(c) — legal obligation |
4. Recipients / Processors
We do not share the data you enter into the App with any third party. Only the automatically collected data above is processed by the following providers:
| Processor | Purpose | Country |
|---|---|---|
| Google LLC (Firebase Analytics) | Analytics | United States |
| Google LLC (AdMob) | Advertising | United States |
| Google LLC (User Messaging Platform) | Advertising consent management (EU/EEA, UK and similar regions) | United States |
| Apple Inc. | App distribution, SKAdNetwork attribution, system crash reporting | United States |
Provider privacy practices:
- Google: https://policies.google.com/privacy
- Google Ads: https://policies.google.com/technologies/ads
- Apple: https://www.apple.com/legal/privacy/
5. International Transfers
Personal data may be transferred to the United States via our processors. Such transfers rely on the EU-US Data Privacy Framework where applicable, and/or Standard Contractual Clauses (SCCs).
6. Retention
| Item | Retention |
|---|---|
| Data you entered into the App | On-device only — retained until you delete it in the App or uninstall the App |
| Analytics data | up to 14 months |
| Advertising identifiers / data | per Google AdMob and Apple SKAdNetwork policies |
| Crash / diagnostic data | per Apple App Store Connect policies |
7. Your Rights under GDPR (Arts. 15–22)
You have the right to:
- Access (Art. 15)
- Rectification (Art. 16) — you can directly edit or delete entries within the App
- Erasure (Art. 17) — deleting the App removes all on-device data
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Object to processing based on legitimate interests (Art. 21)
- Withdraw consent at any time (without affecting prior lawful processing) — for advertising consent, you can re-open the Google UMP dialog from within the App’s settings, or change tracking permission in iOS Settings
- Lodge a complaint with your local supervisory authority
To exercise any right, contact wlxo0401@gmail.com.
8. California Residents (CCPA / CPRA)
If you are a California resident, you have the right to:
- Know what personal information is collected and how it is used
- Delete personal information collected from you
- Correct inaccurate personal information
- Opt out of “sharing” of personal information for cross-context behavioral advertising (under CPRA, advertising identifiers passed to AdMob may qualify as “sharing”)
- Limit the use of sensitive personal information (we do not collect sensitive PI as defined by CPRA)
- Non-discrimination for exercising your rights
We do not “sell” personal information for monetary consideration. To opt out of tracking-based advertising, decline the ATT prompt or disable tracking in iOS Settings.
To submit a CCPA/CPRA request, email wlxo0401@gmail.com.
9. Withdrawing Tracking / Diagnostic Consent
- iOS Settings → Privacy & Security → Tracking → CopyTag (toggle off)
- iOS Settings → Privacy & Security → Apple Advertising → reset advertising identifier
- iOS Settings → Privacy & Security → Analytics & Improvements → Share with App Developers (toggle off)
10. In-App Feedback Email
The App includes a feedback feature that opens the Apple Mail app for you to compose a message. The email is sent directly through the Apple Mail app and does not pass through any server we operate. The content of the email and any personal information it contains are determined entirely by you; once sent, it is handled by Apple’s mail infrastructure and your email provider.
11. Automated Decision-Making
The App does not perform automated decision-making or profiling that produces legal or similarly significant effects under Art. 22 GDPR.
12. Children
The App is not directed to children under 16, and we do not knowingly collect personal data from children under 16 (under 13 in jurisdictions where COPPA applies). If you believe a child has provided us with personal data, contact us and we will delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced in-app or at the published URL. All prior versions are retained in the same repository, organized by effective date.
14. Contact
Jitae Kim — wlxo0401@gmail.com