← Back
Privacy Policy

Privacy Policy

Effective · May 28, 2026

Simplrun, Inc. (the "Company") takes the personal information of users of MyDay (the "Service") seriously and complies with the Personal Information Protection Act and other applicable laws.

This Privacy Policy explains how the Company uses your personal information and the measures it takes to protect it.

This Privacy Policy is effective from May 28, 2026.

1. Categories of Personal Information Collected

The Company may collect the following personal information in order to provide the Service.

1) Sign-up and sign-in

Sign in with Apple

  • Email address (when provided by the user)
  • Apple user identifier

Sign in with Google

  • Email address
  • Name
  • Profile image (optional)

2) Information generated while using the Service

  • Information entered by the user, such as Tasks, Routines, and Memos
  • Calendar Event information
  • Reminder information
  • Check-in / check-out records
  • App settings
  • Usage logs
  • Access timestamps
  • Device information (OS version, app version, device identifier, etc.)
  • Push notification token (FCM / APNs token)

3) Calendar and Reminder integrations

When the user consents to integration, the following information may be processed.

Google Calendar

  • Event title
  • Event time
  • Event notes
  • Event location (when entered by the user)

Apple Calendar / Reminders

With your consent, the Service uses Apple's EventKit framework to access Apple Calendar and Reminders data.

  • Event and reminder titles
  • Time information
  • Notes

The Company does not access Apple Calendar or Reminders data without the user's consent.

4) Location-based features

The Service may request the device's location permission in order to provide weather information for your current area.

When location permission is granted, the Service may use Apple WeatherKit to retrieve weather data (temperature, humidity, wind, precipitation, etc.), along with a reverse-geocoded locality (e.g., "Seoul") and IANA timezone, and store them on the server.

The Company does not store the user's precise GPS coordinates and does not perform continuous location tracking.

The location permission is used solely to provide weather information and related daily check-in features.

You may allow or revoke the location permission at any time in your device settings.

2. Purposes of Collection and Use

The Company processes personal information for the following purposes.

  • Identifying members and providing sign-in
  • Providing schedule and task management features
  • Providing calendar and reminder integration features
  • Providing AI-based daily planning recommendations
  • Providing location-based weather information
  • Delivering push notifications
  • Operating the Service and ensuring its stability
  • Analyzing errors and improving the Service
  • Responding to customer inquiries
  • Preventing fraudulent use

3. AI Features and Data Processing

The Service may process some user-entered data in order to provide AI features.

Examples:

  • Daily plan recommendations
  • Task suggestions based on your schedule
  • Productivity insights

The Company does not use user data for purposes other than providing AI features, and does not use it for advertising-related profiling.

The Company may transmit the minimum data necessary to third-party AI service providers (such as OpenAI and Google) to the extent required to provide AI features.

Through contracts with third-party AI service providers and API settings, the Company ensures that user data is not used for AI model training.

You may refuse automated processing performed through AI features, request an explanation of the results, or ask that the processing be carried out by a human. Such requests can be submitted via the Personal Information Protection Officer contact listed in this Privacy Policy.

4. Retention and Use Period

Once the purpose of collection and use has been achieved, the Company deletes or de-identifies the relevant personal information without delay.

However, where retention for a certain period is required by applicable laws, it is retained as set out below.

CategoryRetention periodLegal basis
Records of contracts and withdrawal of subscription5 yearsE-Commerce Act
Records of consumer complaints and dispute resolution3 yearsE-Commerce Act
Access logs3 monthsProtection of Communications Secrets Act

Upon withdrawal of membership, related personal information is deleted immediately, except for information that must be retained under applicable laws.

5. Provision to Third Parties

As a general rule, the Company does not provide users' personal information to external parties.

The following cases are exceptions.

  • When the user has given prior consent
  • When required by laws and regulations
  • When a lawful request is made by an investigative authority

6. Consignment of Personal Information Processing

For the operation of the Service, the Company may consign personal information processing tasks as set out below.

ConsigneeConsigned tasks
Google FirebaseUser authentication, push notifications, analytics
AmplitudeService usage analytics and user behavior analysis
Google Cloud PlatformServer and data storage
AppleSign in with Apple, EventKit, WeatherKit, and other platform features
OpenAIAI features
GoogleGoogle Calendar API integration and AI features

The Company manages and supervises compliance with applicable personal information protection laws when entering into consignment agreements.

7. Cross-Border Transfer of Personal Information

In the course of providing the Service, the Company may transfer personal information to service providers located outside Korea.

RecipientCountryItems transferredPurposeRetention period
OpenAIUnited StatesPortions of user-entered text and schedule informationProviding AI featuresDeleted immediately after the processing purpose is achieved
GoogleUnited StatesCalendar information and authentication informationCalendar integration and AI featuresDeleted immediately after the processing purpose is achieved
Google FirebaseUnited StatesSign-in information and device informationAuthentication and push notificationsUntil withdrawal of membership or until the processing purpose is achieved
AmplitudeUnited StatesService usage logs and device informationService analytics and quality improvementDeleted immediately after the processing purpose is achieved

The Company handles personal information safely in accordance with applicable personal information protection laws.

Cross-border transfers of personal information occur on an ongoing basis at the time the Service is used, and all data is transmitted over encrypted channels such as HTTPS.

8. User Rights and How to Exercise Them

Users may exercise the following rights regarding their personal information at any time.

  • Access to personal information
  • Correction of personal information
  • Deletion of personal information
  • Request to suspend processing
  • Withdrawal of consent

Upon a request to withdraw membership, related personal information is deleted immediately, except for information that must be retained under applicable laws.

9. Procedure and Method of Destruction

When the retention period has expired or the processing purpose has been achieved, the Company destroys the personal information without delay.

  • Electronic files — deleted using methods that prevent recovery
  • Paper documents — destroyed by shredding or incineration

10. Measures to Protect Personal Information

The Company implements the following measures to protect personal information.

  • HTTPS encrypted communication
  • Minimization of access privileges
  • Token-based access control
  • Logging of personal information access
  • Server access control
  • Regular security reviews

11. Cookies and Similar Technologies

The Service may use cookies or similar technologies to improve the user experience and for analytics.

You may refuse to store cookies through your device settings.

12. Protection of Children's Personal Information

The Service is not intended for children under 14 years of age.

The Company does not knowingly collect personal information from children under 14.

13. Personal Information Protection Officer

To handle user inquiries related to the processing of personal information, the Company operates a dedicated team as set out below.

14. Google API Services Limited Use

When you connect your Google Account, MyDay accesses Google user data — such as your Google Calendar events — solely to provide and improve the features you have requested within the app. MyDay's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, MyDay does not use Google user data for serving advertisements, does not allow humans to read this data unless we first obtain your affirmative consent for specific data, doing so is necessary for security purposes (such as investigating abuse) or to comply with applicable law, and does not transfer or sell this data to third parties for advertising, market research, or any other unrelated purpose.

15. Changes to this Privacy Policy

The Company may amend this Privacy Policy to reflect changes in applicable laws or in the Service.

Any changes will be communicated in advance through in-service announcements or in-app screens.

Effective · May 28, 2026

Simplrun, Inc.