Back to Home

Space Todo Privacy Policy

Effective Date: December 1, 2025 (Last Updated: March 31, 2026)

1. Purpose of Processing Personal Information

Space Todo processes personal information for the following purposes. Processed personal information will not be used for purposes other than those listed below, and prior consent will be obtained if the purpose of use changes.

A. Service Provision

  • Account registration and sign-in (Apple/Google social login)
  • Provide space layout creation and editing features
  • Provide equipment and item placement management features
  • Provide inspection/maintenance todo management features
  • Manage regular inspection schedules through routine automation
  • Provide handover memo creation and sharing features
  • Provide real-time collaboration and space sharing features
  • Provide schedule reminders through push notifications
  • Data synchronization and backup via server
  • Provide personalized user experience

2. Personal Information Collection List

A. Required Collection Items

  • Social login information (name, email, profile image)
  • Basic user settings (language, etc.)
  • Space layout data (item position, size, shape, color)
  • Zone data (zone position, size, name)
  • Wall data (wall position, direction)
  • Todo data (title, description, completion status, due date, completer info)
  • Routine data (title, description, repeat cycle)
  • Memo data (content, priority, author info)
  • Push notification token (Expo Push Token)
  • Sharing and invite information (roles, invite codes)

B. Automatically Collected Items

  • Device information and device identifier
  • Session information (IP address, User Agent)
  • App usage logs
  • Error logs

C. When Using AI Canvas Generation Feature (Optional)

  • Space images uploaded by user
  • AI generation request content

D. Retention Period

  • Non-logged-in users: stored in local storage until app is deleted
  • Logged-in users: stored on server until account deletion (deleted immediately upon withdrawal)
  • Images uploaded for AI features are deleted immediately after processing

3. Storage and Destruction of Personal Information

  • Non-logged-in users' data is stored only in the device's local storage (AsyncStorage).
  • Logged-in users' data is synchronized and stored on the server (Cloudflare D1) through encrypted connections.
  • Shared space data is stored on the server for collaboration; access is revoked upon leaving the shared space.
  • Handover memos are accessible only to members of the relevant space and are deleted when the space is deleted.
  • All locally stored data is automatically destroyed when the app is deleted.
  • All server-stored data is immediately deleted upon account withdrawal.
  • Images uploaded when using the AI canvas generation feature are deleted immediately after server processing.

4. Provision of Personal Information to Third Parties

Space Todo does not, in principle, provide user personal information externally.

However, limited integration with external services occurs in the following cases: (1) Authentication information during Apple/Google social login, (2) Image transmission to server when using AI canvas generation (deleted immediately after processing), (3) Integration with Expo Push service for push notification delivery.

When a user shares a space, the space data (layouts, todos, routines, memos) is shared only with invited members and is not provided to external third parties.

5. Measures to Ensure Personal Information Security

1. Local Data Security

  • Ensure data integrity through secure AsyncStorage usage
  • Authentication tokens are securely stored in Expo SecureStore (native encrypted storage)
  • Safe storage and management of user space layout and todo information

2. Data Protection

  • Server data is securely protected on Cloudflare infrastructure
  • Authentication information protected via session-based auth (HTTP-Only Cookies)
  • Shared spaces enforce role-based access control (Admin/Worker/Viewer)
  • No passwords stored; only social login supported

3. Network Security

  • All server communication is encrypted via HTTPS
  • Real-time collaboration connects through secure WebSocket (WSS)
  • Minimize server-transmitted data and delete immediately after processing

6. User Rights and How to Exercise Them

Users can exercise the following rights:

  • Request destruction of personal information by deleting the app or withdrawing account
  • View and modify stored settings and data
  • Manage and delete space layout, todo, and memo data
  • Change routine and notification settings
  • Manage shared space members and leave shared spaces
  • Change language settings
  • Manage content through space layout save and load

7. Personal Information Department

  • Personal Information Department: Space Todo Development Team
  • Email: support@snap-tool.com

8. Changes to Privacy Policy

This privacy policy is effective from December 1, 2025. If there are additions, deletions, or modifications to reflect changes in laws or services, we will notify you through announcements at least 7 days before the changes take effect.