Privacy Policy
1. Overview
four-talk (the "Service") respects your privacy and is committed to protecting personal information. This Privacy Policy (the "Policy") explains how we collect, use, share, store, transfer, and manage personal data and how users may exercise their rights.
The authoritative version of this Policy is the Japanese version. English and other translated versions are provided for convenience only. If there is any inconsistency, the Japanese version will prevail.
2. Information We Collect
We may collect the following categories of information.
Account information: email address, authentication provider details, country of residence, language settings, age-verification result, and parental consent status where required.
Usage information: talk participation timestamps, number of participants, topics, anonymous display names, talk-history metadata, talk time consumption history, balance information, ratings, reports, settings, and inquiry details.
Voice and text related information: speech-to-text output, translated text, conversation-derived metadata, and analysis data only when the user has provided explicit consent.
Device and technical information: device type, operating system, browser, app version, logs, IP address, web cookie-consent status, and in-app analytics, notification, and marketing preferences.
Payment-related information: purchase platform (iOS: App Store, Android: Google Play, Web: Stripe), purchase date and time, purchased minutes, currency, amount, subscription status, subscription plan, renewal date, expiration date, transaction identifiers, purchase tokens, etc. We do not store full payment card details (e.g., card number, CVV); those are handled by payment providers.
3. How We Use Information
We use collected information to provide the Service, verify identity, perform age verification, operate matching, voice communication, automatic translation, talk history, talk time consumption and balance management, expiration management, billing, purchase history management, balance expiry notifications, subscription management, billing integrity audits, support, fraud prevention, safety measures, incident response, legal compliance, audits, anonymized statistics, and analysis features that the user has explicitly opted into.
Conversation-derived data for social issue detection, trend analysis, or anonymized statistical reporting is disabled by default and used only when the user has separately provided explicit opt-in consent.
4. Cookies, Tracking Technologies and In-App Data Usage Settings
On the website, we may use essential cookies and optional tracking technologies such as analytics cookies, localStorage, and sessionStorage. Optional tracking is activated only after consent where required by applicable regional laws.
We create a Firebase Authentication anonymous user and use its UID as the GA4 user_id only when optional tracking is accepted on the website. This identifier is used to connect behavior from www visits to app journeys and to improve conversion analysis.
When a user rejects tracking, all analytics cookies, localStorage data, and sessionStorage data used for tracking purposes are removed. Only data essential for service operation (such as the consent record itself) is retained.
When optional tracking is not accepted or consent is withdrawn, we do not run optional tracking, do not create new Firebase Authentication anonymous users, and do not set the GA4 user_id.
Our mobile apps do not rely on browser cookies. Instead, analytics, notification/functional, and marketing preferences are managed through in-app settings. The collection method, default values, and re-consent requirements may vary depending on the user's region.
Users may update optional settings at any time through website cookie and tracking controls or in-app settings.
For users signed in to the app, tracking for usage analytics and similar purposes is covered by your consent to this Privacy Policy. We do not provide a mechanism to refuse tracking alone while remaining signed in. To stop all tracking, please delete your account.
5. Sharing with Third Parties and Service Providers
We may use the following sub-processors or service providers.
Google Cloud Platform / Firebase for authentication, storage, Cloud Functions, messaging, analytics, and monitoring; Agora for real-time voice communication; Google Cloud Speech-to-Text and Translation for speech recognition and translation; Amazon Web Services for email delivery; Stripe for web payments; Apple App Store and Google Play for in-app billing.
We share data with those providers only to the extent necessary to operate the Service, maintain security, prevent fraud, and comply with law. We may also disclose information to law enforcement, courts, regulators, or others where required by law or necessary to protect users or third parties.
Material changes to sub-processors may be announced by updating this Policy or publishing notice on the website.
6. Cross-Border Transfers
We aim to store user data in a single region selected based on the user's country of residence. However, personal data may be transferred to or accessed from other countries when necessary for authentication, payment processing, email delivery, auditing, incident response, security monitoring, or legal compliance.
Where required by applicable law, including the GDPR, UK GDPR, or other privacy laws, we rely on lawful transfer mechanisms such as standard contractual clauses, data-processing agreements, statutory exceptions, or user consent.
Cross-region sharing or international access may also occur for disaster recovery, payment reconciliation, law-enforcement response, or other limited operational purposes.
Disclosure under Japan's Act on the Protection of Personal Information (APPI): The Service uses Firebase (Google Cloud) infrastructure. Personal data may be processed on servers outside Japan, primarily in the United States. If you would like information about data protection frameworks in destination countries, please contact us through the in-app support feature.
7. Data Retention and Data Residency
Data residency is generally determined based on the country of residence selected when the user first starts the Service. We avoid unnecessary transfers between regions.
Active account data is retained while the account remains active. After an account deletion request, data is generally retained for 90 days during which restoration may be possible. Data required for legal retention, fraud prevention, audits, dispute handling, taxation, or accounting may be retained longer or anonymized and retained.
Retention periods for talk history, purchase history, billing audit logs, billing integrity audit logs, reports, and other records are determined by service requirements and applicable law (including tax reporting obligations). Payment-related data and billing audit logs are retained for 10 years in principle to meet legal retention requirements under the Japanese Commercial Code and EU accounting directives. User operation audit trails are retained for 5 years based on GDPR accountability principles and the statute of limitations under Japanese civil law.
8. Automated Processing and Analysis
We use automated processing for AI-based matching, automatic translation, speech recognition, fraud detection, report-review assistance, and quality improvement analytics. These processes support service delivery, safety, and user-experience improvement.
Inputs may include topics, language settings, conversation-derived metadata, speech-to-text output, and service-usage data. Human review or auditing may be added where appropriate for important decisions.
Conversation-derived analysis for social issue detection, trend analysis, or anonymized reporting is performed only when the user has given additional explicit consent. Once consent is withdrawn, future analysis must stop for that user.
At the input stage of AI summarization and keyword extraction, we process post-speech-to-text output (pseudonymized personal data). Aggregated and anonymized output data (statistical and trend data with UIDs removed) may be provided to or sold to third parties (on the legal basis of explicit consent under GDPR Art.6(1)(a) and Art.9(2)(a)). Data shared with third parties is limited to data meeting the true anonymization standard of GDPR Recital 26, aggregated in units of at least 100 sessions, and filtered to ensure that content relating to GDPR Art.9 special categories (health, political opinions, religion, sexual orientation, racial or ethnic origin, etc.) cannot be inferred. Users acknowledge by viewing the pre-talk disclosure that they may be subject to this processing, and may opt out of aggregated analysis at any time through the app settings.
9. User Rights and Identity Verification
Depending on the user's country or region, users may have rights such as access, correction, deletion, restriction, objection, portability, withdrawal of consent, and opt-out rights relating to sale or sharing. The exact scope of rights varies by jurisdiction.
Data portability requests (exports) will be fulfilled within 7 business days of receipt. Subject Access Requests (SARs) will receive a response within 30 calendar days of receipt as a global target (extended to a maximum of 60 calendar days for complex cases). For California residents under CCPA/CPRA, we will fulfill opt-out of sale or sharing requests within 15 business days. If we receive a browser Global Privacy Control (GPC) signal, we will treat the California user's analytics preference as opted out.
When we receive a request to exercise rights, we may ask for additional identity verification or proof of authority to protect users and prevent unauthorized disclosure.
Even after deletion requests, account closure, or withdrawal of consent, we may retain certain information where necessary for taxation, accounting, billing audits, fraud prevention, dispute handling, or legal compliance.
10. Children's Data
The Service is not intended for individuals below the minimum legal age in the relevant country. Depending on local law, parental or guardian consent may be required before use begins.
Children's data may be handled under additional safeguards for age verification, safety, and legal compliance. If we determine that a user does not satisfy legal age requirements, we may suspend the account and delete relevant data where appropriate.
11. Security
We implement reasonable technical and organizational measures to protect personal information against unauthorized access, leakage, alteration, loss, or destruction.
Examples include TLS/SSL encrypted communications, encrypted voice sessions, Firebase App Check, Firestore Security Rules, access controls, audit logs, separation of duties, and continuous security review.
However, because the Service relies on internet communications and cloud infrastructure, absolute security cannot be guaranteed.
12. Automated Decision-Making (GDPR Art.22)
Our matching feature automatically forms groups based on language preferences, desired talk duration, participation timing, topic match scores, and similar data. This processing may constitute 'automated decision-making' under GDPR Art.22.
Key data inputs used in matching: preferred language, desired talk duration (27 or 57 minutes), participation timestamp, topic match score, and previous matching history. We do not use special-category data (such as race, religion, or health status) in matching.
Users have the right to request human review of matching decisions. To make such a request, please contact us through the in-app support feature.
13. EU Representative (GDPR Art.27)
As we offer services to individuals in the EU/EEA, we have appointed an EU representative under GDPR Art.27.
EU Representative contact: [EU Representative Name], [Address], [Country] — email: [eu-representative@example.com]
This contact is for GDPR-related matters only. For general service inquiries, please use the in-app support feature.
14. Changes to This Policy
We may update this Policy to reflect changes in law, service features, vendors, or operations.
Where changes are material, we may provide notice through in-app messaging, website publication, email, or other reasonable means. If regional addenda or supplementary notices apply, they will take precedence for users in the relevant region.
15. Contact and Complaints
For questions, rights requests, or privacy complaints, please contact us through the in-app support flow or the instructions published on the website.
Users may also have the right to lodge a complaint with a data protection authority or consumer protection authority in their country or region.
16. Regional Supplements
This section sets out supplementary provisions applicable in specific regions. For users in those regions, this section takes precedence over the general provisions.
Brazil residents (LGPD): Under Brazil's General Data Protection Law (Lei Geral de Proteção de Dados — LGPD), we have designated an Encarregado (equivalent to a Data Protection Officer). Contact: [Encarregado Name] — email: [encarregado@example.com]
India residents (DPDP Act): Under India's Digital Personal Data Protection Act (DPDP Act 2023), please direct personal data inquiries to us through the in-app support feature or the instructions on our website. We aim to respond within 30 calendar days.