Privacy Policy
Effective date: May 10, 2026
1. Information We Collect
a. At Account Creation (Required)
- Email address (for verification and as a login identifier)
b. During Service Use (Required)
- Pi Network blockchain wallet addresses (registered by you)
- Push notification token (FCM token)
- Device identifier, application version, OS information
c. Optional
- Telegram chat ID (only if you enable Telegram notifications)
d. Payment Information
- In-app purchases are processed by Apple App Store and Google Play. We only receive and store the purchase confirmation, receipt token, and subscription expiry date.
- We never collect or store credit card numbers, bank account details, or any other payment instrument data.
e. Automatically Collected
- IP address
- Service usage logs (request paths, response times, error logs)
Collection Methods
- Direct input by user within the app
- Automatic collection during app usage
- Received from Apple/Google payment systems
2. How We Use Your Information
- Identity verification and user identification (sending email OTP)
- Monitoring blockchain transactions on registered wallets and sending notifications
- Processing paid plan subscriptions and managing access permissions
- Preventing abuse and ensuring service stability
- Service improvement and statistical analysis (in non-identifiable form)
- Sending important service notices (terms changes, security incidents, etc.)
3. Data Retention
| Data Type | Retention Period | Basis |
|---|---|---|
| Account info (email, wallet addresses, push tokens) | Until account deletion | User consent |
| OTP verification code | 5 minutes after issuance | Service operation |
| Payment records | 5 years | Korean E-Commerce Act |
| Access logs | 3 months | Korean Communications Privacy Act |
| Abuse records | 1 year | Re-registration prevention |
4. Data Deletion
We delete personal information without delay once the retention period expires or the processing purpose is fulfilled.
- Electronic files: Permanently deleted using methods that prevent recovery
- Paper documents: We do not store personal information on paper
5. Disclosure to Third Parties
We do not share your personal information with external parties, except in the following cases:
- When you have given prior explicit consent
- When required by law or by legitimate request from law enforcement following legally prescribed procedures
6. Service Providers (Sub-processors)
We use the following service providers to operate Pi Alarm. These providers process data on our behalf under contractual obligations to maintain confidentiality and security.
| Provider | Purpose | Country |
|---|---|---|
| Amazon Web Services, Inc. | Infrastructure hosting, database, email delivery (Amazon SES) | South Korea (Seoul region) |
| Google LLC | Push notifications (Firebase Cloud Messaging) | United States |
| Apple Inc. / Google LLC | In-app purchase processing | United States |
| Telegram Messenger Inc. | Notification delivery (only if you enable it) | United Arab Emirates |
| Stellar Development Foundation / Pi Network | Blockchain transaction data lookup | United States |
7. Your Rights
You may exercise the following rights at any time:
- Right to access your personal information
- Right to correct inaccurate information
- Right to request deletion
- Right to request restriction of processing
You can exercise these rights through:
- The "Settings → Account" menu within the app
- Selecting "Delete Account" in the app — all personal information is immediately purged (except records subject to legal retention)
- Email request to taos@nate.com
8. Security Measures
- Technical measures:
- Passwordless authentication via email OTP — eliminates password leak risk
- All communication encrypted with TLS 1.2 or higher
- Stored data encrypted at rest with AES-256 (AWS default encryption)
- Administrative measures:
- Least-privilege access control via AWS IAM
- Access log monitoring
- Regular security audits and vulnerability assessments
9. Cookies and Tracking
The Service does not use web cookies. The mobile application uses your device's FCM token solely for push notification delivery. The token is automatically invalidated upon device change or app uninstall.
10. Children's Privacy
The Service does not knowingly accept registration from children under the age of 14. If we discover that a child under 14 has registered an account, we will delete it immediately.
11. Contact
For privacy-related inquiries, please contact our Data Protection Officer:
- Email: taos@nate.com
12. Changes to This Policy
This Privacy Policy is effective as of May 10, 2026.
We will notify users of any changes through in-app notifications or email at least 7 days before the changes take effect. For material changes affecting user rights, we will provide notice at least 30 days in advance.
Pi Alarm