100wish.

100wish. Privacy Policy

Last Updated: 2026-06-04

The Service Operator (the "Operator") establishes this Privacy Policy (the "Policy") regarding the handling of user information in the "100wish." service and related services (the "Service") provided by the Operator.

1. Information Collected

The Operator may collect and store the following information for Service provision and improvement:

  • Identifiers: Firebase Auth UID, friend codes
  • Profile: Display name, avatar image URL, etc. (when entered by user)
  • Content: Wish titles, tags, notes, photos (front and back), etc.
  • List/Member Information: List type (personal/shared), year, member roles (owner/editor/viewer), member limit (up to 5)
  • NextPick Information: Random selection status, next challenge decision information
  • Subscription Information: Plan type, active/inactive, validity period, payment store type (App Store, etc.), RevenueCat integration information, billing suspension restrictions (joined lists hidden, only oldest owner list displayed)
  • AI Wish Suggestion Usage: Daily usage count and date (Japan Standard Time)
  • Device/Log Information: Device information, OS, app version, access logs, crash logs, cookies/local storage similar technologies
  • Permissions: Access to camera, photo library, etc. (when user permits)

Note: We currently do not collect data for third-party advertising delivery or tracking purposes. If introduced, we will update this Policy and App Privacy display.

2. Purpose of Use

The Operator uses the collected information for the following purposes:

  • Service provision and operation
  • User authentication and account management
  • Wish list creation and management
  • Photo storage and display
  • NextPick functionality provision and status management
  • Shared list functionality (Premium feature)
  • Progress tracking and statistics
  • Service improvement and development
  • Customer support
  • AI Wish suggestion feature (generating new wish candidates based on existing wishes)
  • Security and fraud prevention
  • Legal compliance

3. Information Sharing

The Operator does not share personal information with third parties except in the following cases:

  • When user consent is obtained
  • When required by law
  • When necessary to protect life, body, or property
  • When cooperating with public institutions
  • When using external services (Firebase, RevenueCat, OpenAI, etc.)

4. External Service Usage

The Service uses the following external services:

  • Firebase: Authentication, database, storage, analytics
  • RevenueCat: Subscription management
  • Apple App Store: Payment processing
  • OpenAI API: AI Wish suggestion generation (see Section 5)

Please refer to each service's privacy policy for information handling.

5. AI Wish Suggestions & OpenAI API

The Service's "AI Wish Suggestion Feature" uses the API provided by OpenAI, LLC (the "OpenAI API") via the Operator's servers (Firebase Cloud Functions). Data is not sent directly from the app to OpenAI.

Information Transmitted

To generate suggestions, the following wish information from lists accessible to the User is sent to the OpenAI API:

  • Title
  • Genre (category)
  • Location (if provided)
  • Status (e.g., wish or completed)

If the User participates in shared lists, wish information registered by other members in those lists may also be sent as context for suggestion generation. Photos, notes, display names, etc. are not sent.

Purpose of Use

Transmitted data is used solely to generate new wish candidates through the AI Wish Suggestion Feature.

Model Training

Data sent to the OpenAI API is not used to train OpenAI models by default under OpenAI's API usage policies. The Operator does not enable opt-in sharing of data for model improvement.

Retention

OpenAI may retain API data for a limited period (up to approximately 30 days) for abuse monitoring and similar purposes. See OpenAI's API data usage policies for details.

International Transfer

Processing via the OpenAI API may occur in the United States or other countries, and the information above may be transferred outside Japan.

6. Data Security

The Operator takes appropriate security measures to protect user information:

  • Encryption of data transmission
  • Access control and authentication
  • Regular security updates
  • Employee education and training

7. Data Retention & Deletion

  1. Automatic Deletion Conditions: If 180 days or more have passed since the User last used the Service, the Operator may delete all or part of the User's information and content without prior notice.
  2. Deletion Target Data: The deletion target includes all of the following data:
    • User profile information (display name, avatar image, etc.)
    • Wish lists (titles, tags, notes, photos (front and back), etc.)
    • NextPick information (random selection status, next challenge decision information, etc.)
    • Shared list information (list settings, member information, etc.)
    • Subscription information (plan type, validity period, etc.)
    • AI Wish suggestion usage count information
    • Access logs, crash logs, and other technical information
  3. No Prior Notice: Data deletion is performed without prior notice to Users.
  4. User Responsibility for Backup: Users are responsible for backing up important data themselves.
  5. Irreversibility of Deletion: Deleted data cannot be recovered in principle.
  6. Legal Retention Obligations: Data required to be retained by law may be retained even after the deletion period.

8. User Rights

Users have the following rights regarding their personal information:

  • Right to access their personal information
  • Right to correct inaccurate information
  • Right to delete personal information
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

For requests regarding these rights, please contact: app.fumixroom@gmail.com

9. Cookies & Similar Technologies

The Service may use cookies and similar technologies to improve user experience and analyze usage. Users can disable cookies through browser settings, but this may affect Service functionality.

10. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will delete such information.

11. International Data Transfers

User information may be transferred to and processed in countries other than the user's country. The Operator ensures appropriate protection measures are in place for such transfers.

12. Policy Changes

The Operator may change this Policy as necessary. Significant changes will be communicated through Service notifications or other appropriate means.

13. Business Transfer

If the Operator changes the Service operation entity through business transfer, company split, etc., user information including personal information will be transferred to the successor.

14. Contact Information

For inquiries regarding this Policy, please contact:

Email: app.fumixroom@gmail.com