Privacy Policy

Article 1 — Personal Data We Collect and How

The Company collects the following personal data to provide its services.

Article 2 — Purposes of Collection and Use

• User identification and account management
• Providing AI fact-checking services and storing/delivering verification results
• Service usage analytics and quality improvement
• Prevention of illegal or unauthorized use and security maintenance
• Responding to user inquiries and providing customer support
• Sending service-related notices and announcements

Article 3 — Retention and Use Period

1. The Company retains personal data for as long as the user maintains an active account. Upon account deletion, personal data is destroyed without delay.
2. Where required by applicable law, certain data may be retained for specified periods:
   • Records relating to contracts or withdrawal of offers: 5 years (Consumer Protection Act in E-Commerce)
   • Access logs: 3 months (Protection of Communications Secrets Act)

Article 4 — Disclosure to Third Parties

1. The Company does not, as a rule, provide personal data to third parties.
2. Exceptions apply in the following cases:
   • The user has given prior consent
   • Disclosure is required by law or requested by a law-enforcement authority following lawful procedures

Article 5 — Processing Entrusted to Third Parties

To facilitate service delivery, the Company entrusts certain data-processing tasks to the following processors.

Article 6 — Destruction of Personal Data

1. The Company destroys personal data without delay once the retention period has elapsed or the processing purpose has been fulfilled.
2. Personal data stored in electronic form is deleted using technical methods that render recovery impossible.
3. Upon account deletion, Firebase Authentication credentials and Firestore data are permanently removed immediately.

Article 7 — User Rights and How to Exercise Them

1. Users have the right to access, correct, and delete their personal data at any time.
2. Requests for access, correction, or deletion can be submitted through the Profile menu within the service or by email at api-support@ann-verify.io.
3. The Company will notify users of the outcome within 10 business days of receiving a request.
4. The Company does not knowingly collect personal data from children under the age of 14. If such data is identified, it will be deleted immediately.

Article 8 — Cookies and Local Storage

1. The Company uses cookies and local storage to operate its service.
2. Cookies are used to maintain login sessions and save user preferences (e.g., dark mode).
3. Users may refuse cookies via browser settings; however, certain service features may be restricted as a result.

Article 9 — Security Measures

The Company implements the following technical and administrative measures to protect personal data.

• Encrypted password storage (handled by Firebase Authentication)
• HTTPS encryption for all communications
• Access control via Firebase Security Rules
• Minimum necessary data collection
• Limiting internal access to personal data to essential personnel only

Article 10 — Privacy Officer

The Company has designated a Privacy Officer responsible for overseeing personal data handling.

• Operator: The Monster Lab
• Service: ANN Verify
• Email: api-support@ann-verify.io