Privacy Policy — 복붙태그 (CopyTag)
Effective date: 30 May 2026
This Privacy Policy describes how personal data is processed in the mobile application “복붙태그 (CopyTag)” (the “App”), developed by Jitae Kim (“we”, “us”). It is written to satisfy the requirements of the EU General Data Protection Regulation (GDPR) as a global baseline, with a dedicated section for California residents (CCPA/CPRA).
1. Data Controller
Jitae Kim Email: wlxo0401@gmail.com
(No Data Protection Officer is appointed; the controller may be contacted directly at the email above.)
2. Categories of Personal Data
The App does not require an account.
2-1. Data you enter into the App (stored on-device only)
- Hashtag text, tag group names, descriptions and memos
- Post text you create or copy, together with any attached tag bundles
- Local usage history of your tags and posts (creation/copy timestamps)
This data is stored only in on-device Realm and SwiftData. It is never transmitted to any server we operate. iCloud (CloudKit) synchronization is not used, so the tag and post data you enter never leaves your device.
2-2. Data collected automatically (by third-party SDKs)
This data is not collected or stored directly by us; it is collected and processed automatically by the third-party SDKs integrated into the App, each for its own purpose. We do not store this data in a directly identifiable form and only see aggregated/anonymized results.
| Category | Examples | Collected by |
|---|---|---|
| Device identifiers | IDFV | Firebase Analytics, Firebase Crashlytics, Google AdMob |
| Advertising identifier | IDFA (only when you consent via App Tracking Transparency) | Google AdMob |
| Device & environment | OS version, device model, app version, locale | Firebase Analytics, Firebase Crashlytics, Google AdMob |
| Approximate location | Country/region derived from IP address | Firebase Analytics, Google AdMob |
| Usage data | In-app events, screens viewed, feature interactions | Firebase Analytics |
| Diagnostic / crash data | Crash logs, error records, performance metrics | Firebase Crashlytics |
| Advertising data | Ad impressions, clicks | Google AdMob |
| Advertising attribution | App install/conversion attribution | Apple SKAdNetwork |
Analytics (Firebase Analytics) and crash diagnostics (Firebase Crashlytics) data is not collected in development (debug) builds — only in the release build distributed via the App Store.
3. Purposes and Legal Bases (Art. 6 GDPR)
| Purpose | Legal basis |
|---|---|
| Providing core features (managing tags, tag groups, posts) | Art. 6(1)(b) — performance of a contract |
| In-app statistics (charts) generated from your local usage | Art. 6(1)(b) — performance of a contract |
| Analytics & service improvement (Firebase Analytics) | Art. 6(1)(f) — legitimate interest |
| Crash diagnostics (Firebase Crashlytics) | Art. 6(1)(f) — legitimate interest |
| Personalized advertising (AdMob, IDFA) | Art. 6(1)(a) — consent (via ATT and Google UMP) |
| Non-personalized advertising | Art. 6(1)(f) — legitimate interest |
| Consent management for advertising/tracking (Google UMP) | Art. 6(1)(c) — legal obligation |
| Legal compliance | Art. 6(1)(c) — legal obligation |
4. Recipients / Processors
We do not share the data you enter into the App with any third party. Only the automatically collected data above is processed by the following providers:
| Processor | Purpose | Country |
|---|---|---|
| Google LLC (Firebase Analytics, Crashlytics) | Analytics, crash diagnostics | United States |
| Google LLC (AdMob) | Advertising | United States |
| Google LLC (User Messaging Platform) | Advertising/tracking consent management (EU/EEA, UK and similar regions) | United States |
| Apple Inc. | App distribution, SKAdNetwork attribution | United States |
Provider privacy practices:
- Google: https://policies.google.com/privacy
- Google Ads: https://policies.google.com/technologies/ads
- Apple: https://www.apple.com/legal/privacy/
5. International Transfers
Personal data may be transferred to the United States via our processors. Such transfers rely on the EU-US Data Privacy Framework where applicable, and/or Standard Contractual Clauses (SCCs).
6. Retention
| Item | Retention |
|---|---|
| Data you entered into the App | On-device only — retained until you delete it in the App or uninstall the App |
| Analytics data | up to 14 months |
| Crash / diagnostic data | per Google Firebase Crashlytics policies (typically up to 90 days) |
| Advertising identifiers / data | per Google AdMob and Apple SKAdNetwork policies |
7. Your Rights under GDPR (Arts. 15–22)
You have the right to:
- Access (Art. 15)
- Rectification (Art. 16) — you can directly edit or delete entries within the App
- Erasure (Art. 17) — deleting the App removes all on-device data
- Restriction of processing (Art. 18)
- Data portability (Art. 20)
- Object to processing based on legitimate interests (Art. 21)
- Withdraw consent at any time (without affecting prior lawful processing) — for advertising consent, you can re-open the Google UMP dialog from within the App’s settings, or change tracking permission in iOS Settings
- Lodge a complaint with your local supervisory authority
To exercise any right, contact wlxo0401@gmail.com.
8. California Residents (CCPA / CPRA)
If you are a California resident, you have the right to:
- Know what personal information is collected and how it is used
- Delete personal information collected from you
- Correct inaccurate personal information
- Opt out of “sharing” of personal information for cross-context behavioral advertising (under CPRA, advertising identifiers passed to AdMob may qualify as “sharing”)
- Limit the use of sensitive personal information (we do not collect sensitive PI as defined by CPRA)
- Non-discrimination for exercising your rights
We do not “sell” personal information for monetary consideration. To opt out of tracking-based advertising, decline the ATT prompt or disable tracking in iOS Settings.
To submit a CCPA/CPRA request, email wlxo0401@gmail.com.
9. Withdrawing Tracking / Advertising Consent
- iOS Settings → Privacy & Security → Tracking → CopyTag (toggle off)
- In-app Google UMP consent dialog — re-open it from the App’s settings to change your advertising/tracking consent choices
- iOS Settings → Privacy & Security → Apple Advertising → reset advertising identifier
10. In-App Feedback Email
The App includes a feedback feature that opens the Apple Mail app for you to compose a message. The email is sent directly through the Apple Mail app and does not pass through any server we operate. The content of the email and any personal information it contains are determined entirely by you; once sent, it is handled by Apple’s mail infrastructure and your email provider.
11. Automated Decision-Making
The App does not perform automated decision-making or profiling that produces legal or similarly significant effects under Art. 22 GDPR.
12. Children
The App is not directed to children under 16, and we do not knowingly collect personal data from children under 16 (under 13 in jurisdictions where COPPA applies). If you believe a child has provided us with personal data, contact us and we will delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced in-app or at the published URL. All prior versions are retained in the same repository, organized by effective date.
14. Contact
Jitae Kim — wlxo0401@gmail.com