Privacy Policy
Summary
Shinya Yaginuma ("we", "our") operates yoin (internal code name: casknote), a mobile app for logging and sharing tasting notes for alcoholic beverages (whisky, sake, beer, wine, etc.). This Privacy Policy explains how we handle personal information collected through the app. We comply with Japan's Act on the Protection of Personal Information, Apple App Store review guidelines, the EU General Data Protection Regulation (GDPR), and other applicable laws.
Who the app is for
The app is intended for users who are of legal drinking age in their country of residence (20+ in Japan). We do not knowingly collect personal information from children under 13. If we learn that such data has been collected, we will delete the account and related data promptly.
Information we collect
Information you provide
- Account information: display name, email address, profile picture URL, and the sign-in provider's unique identifier (uid), obtained when you sign in with Apple, Google, or Facebook. The exact items obtained depend on the provider and your settings (e.g., with Apple's "Hide My Email" we receive a relay address).
- Profile information: bio and profile picture you upload.
- Content: tasting notes, reviews, ratings, drinks/brands you log, places you visit (name and coordinates), and photos.
- Lists: wishlist and brand list entries.
Information collected automatically
- Crash data: stack traces and exception details from crashes and non-fatal errors, device model, iOS version, app version and build number, locale, timezone, memory and storage state, and any custom logs or keys configured by the developer (collected only when a crash or non-fatal error occurs, via Firebase Crashlytics).
- Server logs: IP address, timestamps, and request data logged by Google Cloud / Firebase.
- Anonymous identifiers: Identifier for Vendors (IDFV), Firebase Installations ID, and other anonymous IDs assigned by Firebase SDK.
We do not use Firebase Analytics or any equivalent product-analytics SDK, so screen views and feature-usage events are not collected automatically. Crash data is used solely to detect and fix defects.
We do not collect the Identifier for Advertisers (IDFA) and do not share data with third-party ad networks for tracking purposes.
Device permissions
- Camera (
NSCameraUsageDescription) — to capture photos for tasting notes. - Photo Library (
NSPhotoLibraryUsageDescription) — to attach existing photos to notes and set profile pictures.
We do not request location (GPS) permission. Places are entered manually by the user.
How we use information
- Providing and operating the app (authentication, storing and displaying notes/reviews, hosting photos, rendering maps).
- Enabling social features (public display of notes, reviews, and profiles).
- Detecting and preventing abuse, fraud, and impersonation.
- Incident response, debugging, and improving the product.
- Sending service-related announcements.
- Complying with legal obligations and lawful requests.
Sharing and processors
We use the following third-party processors:
- Google LLC / Google Cloud / Firebase — authentication (Firebase Authentication / Google Sign-In), database (Firestore), file storage (Cloud Storage for Firebase), server-side processing (Cloud Functions for Firebase), crash analytics (Firebase Crashlytics), and cloud infrastructure. See Google Privacy Policy.
- Apple Inc. — Sign in with Apple (authentication), app distribution, notifications, and support on iOS. See Apple Privacy Policy.
- Meta Platforms, Inc. — Facebook Login (authentication). See Meta Privacy Policy.
Except as described above, we do not share personal information with third parties without your consent, unless required by law, to protect life or property, public health, or to cooperate with government agencies as permitted by law.
Public content
The following information is public within the app: display name, profile picture, bio, your posted notes and reviews (with ratings, text, and photos), drinks/brands you log, and places you visit. Email addresses are never shared publicly.
International data transfer
Data is stored on Google / Firebase cloud infrastructure and may be transferred outside Japan, including to the United States. For users in the EU / UK, transfers rely on Standard Contractual Clauses (SCCs) or other appropriate safeguards under GDPR Article 44 et seq.
Retention
We retain personal information for as long as you use the app and for a reasonable period thereafter for operational and legal reasons. When you delete your account, your profile and content are deleted in principle, but some information may be retained for backups, audit logs, and abuse prevention for a reasonable period.
For step-by-step instructions on deleting your account and data, see How to Delete Your Account & Data.
Security
We use TLS / HTTPS encryption in transit, Firestore and Cloud Storage security rules, Firebase Authentication for identity, least-privilege access controls, and routine vulnerability monitoring.
Your rights
You may request notification of our purposes, disclosure, correction, addition, deletion, suspension of use, erasure, or suspension of third-party provision of your data, and file complaints.
Residents of the EU / UK may exercise rights under GDPR Articles 15–22 (access, rectification, erasure, restriction, portability, objection, and protection against automated decision-making).
Legal bases (GDPR)
- Contract (Art. 6(1)(b)) — account creation and content storage/display needed to provide the app.
- Legitimate interests (Art. 6(1)(f)) — fraud prevention, security, and improvement.
- Legal obligation (Art. 6(1)(c)) — lawful disclosure.
- Consent (Art. 6(1)(a)) — camera and photo-library access.
Cookies
The app itself does not use browser cookies. Firebase SDK stores anonymous identifiers (e.g., Firebase Installations ID) on the device for authentication and crash analytics purposes.
Changes to this Policy
We may update this Policy to reflect legal or service changes. Material changes will be announced in the app or on this page. The updated Policy takes effect when posted.
Contact
- Publisher: Shinya Yaginuma
- Email: yoinsupport@gmail.com
- Response time: usually within 7 business days of receipt