Privacy Policy

Mirri Privacy Policy Effective Date: January 1, 2025 Mirri (the "Service") is committed to protecting your personal information. This policy explains what information we collect and how it is processed. 1. Personal Information Collected The Service collects the following personal information: (1) Google login information: email address, profile picture (2) Facial photos for skin analysis (3) AI skin analysis results (4) Service usage records: number of analyses, access dates and times (5) When using the Toss mini-app: a user identifier issued by Toss (toss_user_key) 2. Purpose of Collection and Use (1) User identification and service delivery (2) Performing AI skin analysis and providing results (3) Service improvement and quality enhancement (4) Managing usage of credit packs purchased through the Toss mini-app 3. Data Processing and Retention (1) User information and analysis results are stored with encryption in Supabase cloud databases. (2) Facial photos are not retained on our servers after AI analysis; only the analysis results are stored. (3) Personal information is promptly destroyed upon account deletion. However, where required by applicable law, data is retained for the following periods: - E-commerce transaction records: 5 years - Access logs: 3 months 4. Disclosure to Third Parties The Service provides personal information to third parties only in the following cases: (1) Anthropic (Claude AI): Facial photos are transmitted for skin analysis. Photos are not retained after analysis. (2) Google: Integrated for login authentication. (3) Toss: When using the Toss mini-app, information required for user identification and payment processing is exchanged with Toss systems. Payment method details such as card information are processed directly by Toss and are not stored by Mirri. (4) When required by law 5. Your Rights You may exercise the following rights at any time: (1) Request to view, correct, or delete your personal information (2) Request to delete analysis records (3) Request to delete your account and all associated data (4) Withdraw consent to personal information processing These rights can be exercised through the app settings or customer support. 6. Data Protection Measures (1) SSL/TLS encryption is applied to all data transmissions. (2) Database access is restricted to the minimum necessary. (3) Regular security audits are conducted. 7. Cookies and Automatically Collected Information The Service may use cookies to maintain login sessions and may collect basic usage statistics for service improvement. 8. Policy Changes Any changes to this policy will be communicated through in-app notices. Significant changes will be separately announced. 9. Contact For privacy-related inquiries or to exercise your rights, please reach out through in-app customer support or email.