Privacy Policy

The Operator collects the following information:

• Account information: Name, email address, and profile image URL obtained via Google authentication
• Authentication and session data: Session tokens, authentication logs (login timestamps, IP address, browser type, device information), and linked Google account ID and OAuth tokens

Account information and authentication/session data are processed and managed by Clerk, the authentication infrastructure service used by the Operator. For Clerk's privacy policy, see Article 5.

Regarding BalanceNavi Data: "BalanceNavi Data" refers to all income, expense, and asset data created or recorded in the Service (including transaction history, balances, budgets, category settings, CSV import data, etc.). This data is not stored on the Operator's servers. It is saved to an app-specific folder in the user's own Google Drive (BYOS model). Note that BalanceNavi Data passes through the Operator's server when communicating with the Google Drive API; however, the Operator does not store this data on the server, and does not read or use its contents.

Regarding Google scopes used: To sync BalanceNavi Data across multiple devices, the Service uses the "drive.appdata" scope provided by Google (https://www.googleapis.com/auth/drive.appdata). This scope grants access only to a hidden, app-specific folder and does not access the user's regular Google Drive files.

BalanceNavi's use of information obtained from Google APIs complies with the Google API Services User Data Policy, including its Limited Use requirements. Google API Services User Data Policy

Specifically, handling of user data obtained from Google ("Google User Data") is restricted as follows:

• Limited use: Google User Data is used only to provide and improve the core functionality of the Service (syncing data across multiple devices). It is not used for any purpose beyond what the user has consented to.
• No use for advertising: Google User Data is not used for serving ads or ad targeting.
• No transfer to third parties: Google User Data is not provided or sold to third parties beyond what is necessary to provide the Service.
• No human review: Google User Data will not be read or processed by humans except for security purposes, legal obligations, or support purposes (when the user has explicitly consented).
• Data minimization: Only the scopes necessary for the Service are requested; no additional data access is performed.

Collected information is used for the following purposes:

• Providing, operating, and improving the Service
• Responding to inquiries
• Identifying and handling violations of the Terms of Service
• Analyzing usage in statistical and anonymized form
• Notifying users of maintenance and important announcements

The Operator will not provide personal information to third parties except in the following cases: with the user's consent; as required by law; or when necessary to protect life, body, or property and obtaining consent is not feasible.

The Operator will not sell users' personal information to third parties under any circumstances (including activities that constitute a "sale" of personal information as defined under the California Consumer Privacy Act (CCPA)).

The following third-party services are used:

These third-party service providers may process information related to users to the extent necessary for providing the Service, authentication, data sync, access analysis, behavioral analytics, CDN delivery, and security measures. The handling of information, storage locations, international transfers, and security measures by each provider are governed by that provider's privacy policy and related terms.

The Service uses cookies, localStorage, and similar technologies to provide the Service, maintain login state, and improve the Service. For analytics and related purposes, usage-related information may be transmitted to the following external services.

• Maintaining login state: Used to manage authentication sessions.
• Usage analysis: Google Analytics is used from the first visit to analyze access for service improvement purposes. You may also disable it using the Google Analytics Opt-out Browser Add-on.
• Behavioral analytics: We use Microsoft Clarity to analyze how users interact with the Service through heatmaps and session recordings. Microsoft Clarity is loaded from the first visit. Data collected is used solely for service improvement and is processed in accordance with the Microsoft Privacy Statement.
• Guest mode usage tracking: When using Guest Mode, a date value (balancenavi:guest_daily_active_date) is stored in the browser's localStorage to record whether the Service has been used on a given day. In addition, actions such as starting Guest Mode, exiting Guest Mode, and migrating data to an account are sent to Google Analytics as anonymous events. None of this information contains personally identifiable data.

Cookies and localStorage can be disabled in your browser settings, but some features may become unavailable.

The Operator endeavors to implement reasonable and appropriate security measures to protect users' information. As a general rule, BalanceNavi Data is not stored on the Operator's servers and is stored in an app-specific folder in the user's own Google Drive.

However, internet transmission, electronic storage, use of external services, and each user's usage environment involve inherent risks, and technical or operational measures cannot eliminate every risk completely. The Operator does not guarantee the absolute security of users' information.

BalanceNavi Data is stored in an app-specific folder in the user's own Google Drive. The Operator does not hold this data. If you use the account deletion feature in the settings screen, BalanceNavi Data in the app-specific folder will be deleted. The Service also revokes the Google OAuth token so that disconnection from the Service is reflected on the Google Account app permissions page. You may also revoke the Service's access yourself from that page.

If an account is deleted, the user account on Clerk is deleted, and account information held by the Operator (email address, etc.) is deleted immediately.

Authentication logs managed by Clerk (login timestamps, IP addresses, device information, etc.) are managed in accordance with Clerk's data retention policy. For details, please refer to Clerk's Privacy Policy. To request deletion of authentication logs, please contact us through the in-service inquiry form.

Users have the right to request disclosure, correction, deletion, or suspension of use of their personal information held by the Operator. Data deletion is available through the account deletion feature in the settings screen. For other requests, please contact us through the in-service inquiry form.

This policy may be revised in response to changes in laws or other circumstances. For significant changes, the Operator will endeavor to notify users in advance through the Service. Revised policies take effect 7 days after being posted on this page.

This Service is currently intended for users residing in Japan and the United States. Coverage may expand to additional regions in the future.

For Users in Japan

The Service complies with Japan's Act on the Protection of Personal Information (APPI).

For Users in the United States

There is no unified federal privacy law in the US. However, we do not sell users' personal information to third parties. California residents may have rights under CCPA, but as we do not sell or share personal information, the primary applicable right is the ability to delete your data at any time via the account deletion feature in settings.

For Users Outside Japan and the United States

This Service is currently outside our supported scope for regions other than Japan and the US. Coverage may expand in the future. If you choose to use the Service at this time, please be aware that compliance with the laws of your country or region (such as GDPR) is not guaranteed. Use of the Service from unsupported regions is at your own discretion and risk.

Governing Law, Jurisdiction, and Language

By using this Service, you agree that Japanese law governs your use of the Service and that Japanese courts have exclusive jurisdiction over any disputes arising from your use of the Service. Under Japanese civil procedure law, all court proceedings are conducted in Japanese. Accordingly, all communications related to this Service — including litigation and other dispute resolution proceedings — will be conducted in Japanese.

Our Privacy Commitments

We are committed to the following:

• Your BalanceNavi financial data is stored in your own Google Drive — not on our servers
• You can delete all your data at any time using the account deletion feature in settings (this deletes your BalanceNavi data from Google Drive, and your account information held by Clerk such as email address and session data)
• Because your BalanceNavi data lives in your own Google Drive, data portability is guaranteed by design — you already have direct access to your data
• We do not sell your personal information to third parties
• Analytics tools are used solely for service improvement purposes

For any privacy-related questions, please contact us via the in-service inquiry form.