Privacy Policy

Introduction

Lurest Inc. (the "Company") establishes this Privacy Policy as follows regarding the handling of user information in "X Follow Checkup" (the "Service") provided by the Company.

Article 1 (Information We Collect)

The Company may collect or handle the following information in providing the Service.

1. User identifiers, display names, usernames, profile images, and other X account information acquired through X OAuth authentication
2. Following accounts, followers, public profile information, authentication status, public metrics, and other information necessary for Service features acquired through the X API
3. Check conditions, exclusion settings, display conditions, and other operation details selected or entered by users on the Service
4. Payment status, payment IDs, billing records, and other information necessary for payment management when payments occur
5. Names, email addresses, inquiry details, and other contact information provided by users when making inquiries
6. Access date and time, browser, device, IP address, cookies, log information, error information, and other technical information regarding Service usage

Article 2 (Purposes of Use)

The Company uses collected information for the following purposes.

1. To provide the Service, perform authentication and identity verification, and manage login status
2. To acquire, display, organize, and assist analysis of following account or follower information using the X API
3. To display and manage check results, acquisition jobs, payment records, and usage history
4. To respond to inquiries, verify identity, and send important notices
5. To investigate bugs, respond to incidents, ensure security, and prevent unauthorized use
6. To improve Service quality and features, and analyze usage status
7. To comply with laws, terms, X Developer Agreement / Policy, and other applicable rules

Article 3 (Handling of X API and X Data)

The Service acquires information using the X API based on the user's explicit authentication and consent.

The Company handles information acquired from the X API to the extent necessary to provide Service features. Acquired information is handled in accordance with X's terms of service, developer policies, and other conditions set by X.

The Company does not use information acquired from the X API for purposes that violate laws or X's terms. The Company also does not sell or provide acquired X data to third parties outside the purpose of the Service without user consent.

Article 4 (Handling of Access Tokens and Similar Information)

The Service may handle access tokens, refresh tokens, and other information necessary for authentication issued through X OAuth authentication.

The Company uses this information to the extent necessary to maintain login status for the Service, access the X API, refresh tokens, and otherwise provide the Service.

The Company handles authentication information under appropriate security measures, and deletes or invalidates it by reasonable methods when it is no longer necessary.

Article 5 (Third-Party Provision)

The Company does not provide users' personal information to third parties except in the following cases.

1. When the user has given consent
2. When required by law
3. When necessary to protect a person's life, body, or property and it is difficult to obtain the user's consent
4. When particularly necessary to improve public health or promote the sound growth of children and it is difficult to obtain the user's consent
5. When cooperation with a national agency, local government, or its contractor is necessary, and obtaining the user's consent may interfere with execution of the relevant affairs
6. When handling is entrusted to service providers to the extent necessary for payment, infrastructure, analytics, inquiry management, or other provision of the Service

Article 6 (External Services)

The Service may use the following external services.

Handling of information by external services is governed by the terms and privacy policies established by each service provider.

1. X API and X OAuth authentication
2. Payment services such as Stripe
3. Hosting and infrastructure services such as Vercel
4. Services for access analytics, error monitoring, inquiry management, and similar purposes

Article 7 (Use of Cookies and Similar Technologies)

The Company may use cookies, local storage, and other similar technologies to maintain login status, ensure security, analyze usage, and improve the Service.

Users may disable cookies through browser settings. However, if cookies are disabled, some Service features may not be available.

Article 8 (Retention Period)

The Company retains acquired information for the period necessary to achieve the purposes of use or for the period required by law.

Information no longer necessary for providing the Service will be deleted, anonymized, or processed in a manner that makes restoration difficult within a reasonable period.

Article 9 (Security Measures)

The Company takes necessary and appropriate security measures to prevent leakage, loss, damage, unauthorized access, and similar incidents involving acquired information.

However, due to the nature of internet communications and external services, the Company does not guarantee complete security.

Article 10 (Disclosure, Correction, Deletion, and Similar Requests)

Users may request disclosure, correction, suspension of use, deletion, and similar handling of their personal information held by the Company in accordance with laws.

Users who wish to make such requests should contact the Service inquiry window. After verifying identity, the Company will respond within a reasonable scope in accordance with laws.

Article 11 (Use by Minors)

If a minor uses the Service, the minor shall use it after obtaining consent from a parent, guardian, or other legal representative.

Article 12 (Changes to this Policy)

The Company may change this Policy as necessary. The revised Policy becomes effective when displayed on the Service or at the time specified by the Company.

Article 13 (Inquiries)

Inquiries regarding this Policy should be made through the inquiry page or inquiry window separately designated by the Company.