Privacy Policy
Last updated: March 14, 2026
Shareal Inc. ("we", "us", "our") respects the privacy of our users and is committed to protecting personal information. This policy explains what information we collect, how we use it, and your rights regarding your data.
1Information We Collect
1-1. Information You Provide
| Data | When Collected |
|---|---|
| Email address | Account registration |
| Username and display name | Profile setup |
| Profile picture | Profile setup |
| User content (text, images, videos) | Post creation |
| Location data | Post creation and map usage |
| Direct messages | Message sending |
1-2. Automatically Collected Information
| Data | Purpose |
|---|---|
| Device ID and device information | Security and fraud prevention |
| IP address | Security and regional settings |
| App usage and activity logs | Service improvement and analytics |
| Crash data and error logs | Stability improvement |
| Push notification tokens | Notification delivery |
1-3. Information from Third Parties
- Authentication information provided through Apple ID or Google Account social login
2How We Use Your Information
- Service provision: Account management, content display, map features, and messaging
- Service improvement: Usage analysis, new feature development, and user experience enhancement
- Safety: Detection and prevention of fraud, monitoring of Community Guidelines violations
- Notifications: Important service announcements and push notifications
- Customer support: Responding to inquiries
- Legal compliance: Fulfilling obligations under applicable laws
3Information Sharing
We do not sell your personal information. We share information only in the following circumstances:
3-1. Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Amazon Web Services (AWS) | Data storage and server operations | All service data |
| Firebase (Google) | Authentication, analytics, crash reports, push notifications | Auth data, analytics, crash data |
| CloudFront (AWS) | Content delivery | Image and video files |
3-2. Legal Requests
- When required by law (court orders, law enforcement requests)
- When necessary to protect life, safety, or property
- Reports to law enforcement and NCMEC when child sexual exploitation (CSAM) is suspected
3-3. With Your Consent
- When you have given explicit consent
4Data Storage and Retention
| Data | Retention Period |
|---|---|
| Account information | Deleted within 30 days of account deletion |
| User content | Until deleted by user, or within 30 days of account deletion |
| Direct messages | Until deleted by sender or recipient |
| Usage logs and analytics | Up to 24 months from collection |
| Crash data | Up to 12 months from collection |
| Report records | Up to 3 years as required by law |
Data is stored in the AWS ap-northeast-1 (Tokyo) region.
5Data Security
- Encryption in transit (TLS 1.2 and above)
- Encryption at rest (AES-256)
- Access control and authentication (Firebase Authentication, JWT)
- Regular security reviews
- Principle of least privilege for employee access
6Your Rights
You have the following rights regarding your personal information:
- Right of access: Request disclosure of your personal information held by us
- Right to rectification: Request correction of inaccurate personal information
- Right to deletion: Delete all your personal information through the in-app account deletion feature
- Data portability: Request your data in a structured, commonly used format
- Right to restrict processing: Request restriction of data processing in certain circumstances
- Withdraw consent: Withdraw tracking consent through ATT (App Tracking Transparency) settings
To exercise your rights, use the in-app settings or contact us at the address below.
7Cookies and Tracking Technologies
- Shareal is a native app and does not use web browser cookies
- We collect anonymized usage statistics through Firebase Analytics
- On iOS 14 and later, we request tracking permission through ATT (App Tracking Transparency). If denied, analytics data collection is disabled
8Children's Privacy
- Shareal is not intended for children under 13 years of age
- If we learn that personal information has been provided by a child under 13, we will promptly delete such information
- Parents or guardians may request deletion of their child's account by contacting us
9International Data Transfers
- Your data is primarily stored in Japan (AWS Tokyo region)
- Data may be transferred outside Japan through services such as Firebase
- Appropriate safeguards are applied for international transfers
- EEA/UK residents: Transfers comply with Standard Contractual Clauses (SCCs) under GDPR Article 46
10Regional Legal Compliance
Japan (Act on the Protection of Personal Information)
- We manage personal information in compliance with Japan's APPI as a personal information handling business operator
- We comply with requirements for purpose disclosure, security measures, and restrictions on third-party provision
EU/EEA (GDPR)
- Legal basis for processing: Performance of contract, legitimate interests, consent
- Data Protection Officer (DPO) contact: info@shareal.inc
- You have the right to lodge a complaint with a supervisory authority
California, USA (CCPA/CPRA)
- We do not sell personal information ("Do Not Sell My Personal Information")
- California residents may request disclosure of categories of personal information collected
- Rights may be exercised without discrimination
11Changes to This Policy
This policy may be updated from time to time to reflect changes in law or our services. Significant changes will be communicated through in-app notifications or email. Your continued use of the service after changes constitutes acceptance of the updated policy.