Privacy Policy
Simplrun, Inc. (the "Company") takes the personal information of users of MyDay (the "Service") seriously and complies with the Personal Information Protection Act and other applicable laws.
This Privacy Policy explains how the Company uses your personal information and the measures it takes to protect it.
This Privacy Policy is effective from May 28, 2026.
1. Categories of Personal Information Collected
The Company may collect the following personal information in order to provide the Service.
1) Sign-up and sign-in
Sign in with Apple
- Email address (when provided by the user)
- Apple user identifier
Sign in with Google
- Email address
- Name
- Profile image (optional)
2) Information generated while using the Service
- Information entered by the user, such as Tasks, Routines, and Memos
- Calendar Event information
- Reminder information
- Check-in / check-out records
- App settings
- Usage logs
- Access timestamps
- Device information (OS version, app version, device identifier, etc.)
- Push notification token (FCM / APNs token)
3) Calendar and Reminder integrations
When the user consents to integration, the following information may be processed.
Google Calendar
- Event title
- Event time
- Event notes
- Event location (when entered by the user)
Apple Calendar / Reminders
With your consent, the Service uses Apple's EventKit framework to access Apple Calendar and Reminders data.
- Event and reminder titles
- Time information
- Notes
The Company does not access Apple Calendar or Reminders data without the user's consent.
4) Location-based features
The Service may request the device's location permission in order to provide weather information for your current area.
When location permission is granted, the Service may use Apple WeatherKit to retrieve weather data (temperature, humidity, wind, precipitation, etc.), along with a reverse-geocoded locality (e.g., "Seoul") and IANA timezone, and store them on the server.
The Company does not store the user's precise GPS coordinates and does not perform continuous location tracking.
The location permission is used solely to provide weather information and related daily check-in features.
You may allow or revoke the location permission at any time in your device settings.
2. Purposes of Collection and Use
The Company processes personal information for the following purposes.
- Identifying members and providing sign-in
- Providing schedule and task management features
- Providing calendar and reminder integration features
- Providing AI-based daily planning recommendations
- Providing location-based weather information
- Delivering push notifications
- Operating the Service and ensuring its stability
- Analyzing errors and improving the Service
- Responding to customer inquiries
- Preventing fraudulent use
3. AI Features and Data Processing
The Service may process some user-entered data in order to provide AI features.
Examples:
- Daily plan recommendations
- Task suggestions based on your schedule
- Productivity insights
The Company does not use user data for purposes other than providing AI features, and does not use it for advertising-related profiling.
The Company may transmit the minimum data necessary to third-party AI service providers (such as OpenAI and Google) to the extent required to provide AI features.
Through contracts with third-party AI service providers and API settings, the Company ensures that user data is not used for AI model training.
You may refuse automated processing performed through AI features, request an explanation of the results, or ask that the processing be carried out by a human. Such requests can be submitted via the Personal Information Protection Officer contact listed in this Privacy Policy.
4. Retention and Use Period
Once the purpose of collection and use has been achieved, the Company deletes or de-identifies the relevant personal information without delay.
However, where retention for a certain period is required by applicable laws, it is retained as set out below.
| Category | Retention period | Legal basis |
|---|---|---|
| Records of contracts and withdrawal of subscription | 5 years | E-Commerce Act |
| Records of consumer complaints and dispute resolution | 3 years | E-Commerce Act |
| Access logs | 3 months | Protection of Communications Secrets Act |
Upon withdrawal of membership, related personal information is deleted immediately, except for information that must be retained under applicable laws.
5. Provision to Third Parties
As a general rule, the Company does not provide users' personal information to external parties.
The following cases are exceptions.
- When the user has given prior consent
- When required by laws and regulations
- When a lawful request is made by an investigative authority
6. Consignment of Personal Information Processing
For the operation of the Service, the Company may consign personal information processing tasks as set out below.
| Consignee | Consigned tasks |
|---|---|
| Google Firebase | User authentication, push notifications, analytics |
| Amplitude | Service usage analytics and user behavior analysis |
| Google Cloud Platform | Server and data storage |
| Apple | Sign in with Apple, EventKit, WeatherKit, and other platform features |
| OpenAI | AI features |
| Google Calendar API integration and AI features |
The Company manages and supervises compliance with applicable personal information protection laws when entering into consignment agreements.
7. Cross-Border Transfer of Personal Information
In the course of providing the Service, the Company may transfer personal information to service providers located outside Korea.
| Recipient | Country | Items transferred | Purpose | Retention period |
|---|---|---|---|---|
| OpenAI | United States | Portions of user-entered text and schedule information | Providing AI features | Deleted immediately after the processing purpose is achieved |
| United States | Calendar information and authentication information | Calendar integration and AI features | Deleted immediately after the processing purpose is achieved | |
| Google Firebase | United States | Sign-in information and device information | Authentication and push notifications | Until withdrawal of membership or until the processing purpose is achieved |
| Amplitude | United States | Service usage logs and device information | Service analytics and quality improvement | Deleted immediately after the processing purpose is achieved |
The Company handles personal information safely in accordance with applicable personal information protection laws.
Cross-border transfers of personal information occur on an ongoing basis at the time the Service is used, and all data is transmitted over encrypted channels such as HTTPS.
8. User Rights and How to Exercise Them
Users may exercise the following rights regarding their personal information at any time.
- Access to personal information
- Correction of personal information
- Deletion of personal information
- Request to suspend processing
- Withdrawal of consent
Upon a request to withdraw membership, related personal information is deleted immediately, except for information that must be retained under applicable laws.
9. Procedure and Method of Destruction
When the retention period has expired or the processing purpose has been achieved, the Company destroys the personal information without delay.
- Electronic files — deleted using methods that prevent recovery
- Paper documents — destroyed by shredding or incineration
10. Measures to Protect Personal Information
The Company implements the following measures to protect personal information.
- HTTPS encrypted communication
- Minimization of access privileges
- Token-based access control
- Logging of personal information access
- Server access control
- Regular security reviews
11. Cookies and Similar Technologies
The Service may use cookies or similar technologies to improve the user experience and for analytics.
You may refuse to store cookies through your device settings.
12. Protection of Children's Personal Information
The Service is not intended for children under 14 years of age.
The Company does not knowingly collect personal information from children under 14.
13. Personal Information Protection Officer
To handle user inquiries related to the processing of personal information, the Company operates a dedicated team as set out below.
- Team — Simplrun Privacy Team
- Email — privacy@simplrun.com
14. Google API Services Limited Use
When you connect your Google Account, MyDay accesses Google user data — such as your Google Calendar events — solely to provide and improve the features you have requested within the app. MyDay's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, MyDay does not use Google user data for serving advertisements, does not allow humans to read this data unless we first obtain your affirmative consent for specific data, doing so is necessary for security purposes (such as investigating abuse) or to comply with applicable law, and does not transfer or sell this data to third parties for advertising, market research, or any other unrelated purpose.
15. Changes to this Privacy Policy
The Company may amend this Privacy Policy to reflect changes in applicable laws or in the Service.
Any changes will be communicated in advance through in-service announcements or in-app screens.