Privacy Policy for Door to Isekai

Last Updated: December 12, 2025
Effective Date: January 16, 2025

1. Introduction

This Privacy Policy explains how Isekai Travel ("we," "our," or "the App") collects, uses, shares, and protects information when you use our mobile application "Door to Isekai". This App provides MCP (Model Context Protocol) server activation services for Unreal Engine development.

By using our App, you agree to the collection and use of information in accordance with this policy.

2. Age Restrictions

Our App is intended for users who are 13 years of age or older. We do not knowingly collect personal information from children under 13.

3. Information We Collect

3.1 Information You Provide

Session ID: A unique identifier you enter to connect with the Unreal Engine editor (not stored permanently)
Device Identifier: Randomly generated temporary ID for session management (not linked to your actual device)
App Usage Data: Activation status, session duration, and feature usage (aggregated statistics only)

3.2 Information Collected Automatically

Device Information: Device type, operating system version, app version
Network Information: IP address (for session routing only), connection status
Performance Data: App crashes, errors, and performance metrics
Advertising ID: Device advertising identifier for personalized ads (can be reset by users)

3.3 Information from Third Parties

Advertising Networks: AdMob (Google) collects data for ad serving
Analytics Services: Usage patterns and app performance metrics
Backend Services: Session validation and activation status from our servers

4. How We Use Your Information

We use the collected information for:

Service Provision: Managing MCP server activation and session connections
Advertisement Display: Showing personalized or non-personalized ads based on your consent
Service Improvement: Analyzing usage patterns to improve app functionality
Security: Preventing fraud and ensuring secure connections
Legal Compliance: Meeting legal obligations and enforcing our terms

5. Advertising and Third-Party Services

5.1 Advertising Partners

Our App displays advertisements through:

Google AdMob: AdMob Privacy Policy

5.2 Personalized Advertising

With your consent, we may show personalized ads based on:

Your advertising ID
General location (city-level)
App usage patterns
Device information

You can opt out of personalized advertising through your device settings or within the app.

5.3 Ad Verification

We verify ad completion through server-side verification (SSV/S2S) to prevent fraud. This process:

Uses cryptographic signatures to verify ad authenticity
Validates completion with the ad network's servers
Does not collect additional personal information beyond what's necessary for verification

6. Data Sharing and Disclosure

We share your information only in the following circumstances:

6.1 Service Providers

Backend infrastructure providers (AWS)
Analytics services
Crash reporting services

6.2 Legal Requirements

When required by law, court order, or governmental authority.

6.3 Business Transfers

In connection with any merger, sale of assets, or acquisition.

6.4 With Your Consent

When you explicitly agree to sharing for specific purposes.

We do NOT sell your personal information to third parties.

7. Data Retention

Session Data: Automatically deleted after session expires (maximum retention: 7 days)
Activation Tokens: Expire after 30 minutes (can be extended by watching ads)
Advertising Data: Retained according to advertising partner policies (typically 13 months)
Analytics Data: Aggregated and anonymized after 90 days
Crash Reports: Retained for 90 days for debugging purposes

8. Data Security

We implement appropriate technical and organizational measures to protect your information:

Encryption: TLS/HTTPS for all network communications
Token Security: JWT tokens with short expiration times (1 hour)
Hardware Signature: Device-based cryptographic signatures for authentication
Certificate Pinning: Protection against man-in-the-middle attacks
Access Control: Limited access to personal data on a need-to-know basis
Regular Security Reviews: Periodic security assessments and updates

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. Your Rights and Choices

9.1 General Rights

Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your personal data
Opt-out: Opt out of personalized advertising
Data Portability: Receive your data in a structured format

9.2 GDPR Rights (EU Users)

If you are in the European Union, you additionally have the right to:

Object to processing
Restrict processing
Withdraw consent at any time
Lodge a complaint with supervisory authorities

9.3 CCPA Rights (California Users)

California residents have additional rights under CCPA including:

Right to know what personal information is collected
Right to delete personal information
Right to opt-out of the sale of personal information (we do not sell personal information)
Right to non-discrimination

10. Cookies and Tracking Technologies

Our mobile app does not use cookies directly. However, third-party services (advertising networks) may use similar technologies:

Advertising ID: Used for ad targeting (can be reset in device settings)
Analytics Identifiers: Used for app improvement
Session Storage: Temporary data stored locally on your device

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Posting the new Privacy Policy in the app
Updating the "Last Updated" date
Sending in-app notifications for material changes

13. Contact Information

For questions about this Privacy Policy or to exercise your rights, please contact us:

Data Controller: Isekai Travel
Email: pathfinder@door-to-isekai.world
GitHub Issues: https://github.com/LSG7/UnrealEngine-AI-Bridge-Door-to-isekai/issues

For GDPR-specific inquiries (EU users):
EU Representative: To be appointed if legally required

14. Consent Management

When you first launch the app, you will be presented with a consent dialog where you can:

Accept or reject personalized advertising
Review this privacy policy
Manage your privacy preferences

You can change your consent preferences at any time through the app settings.

15. Developer Practices

We follow platform-specific guidelines:

Google Play: Compliant with Google Play Developer policies
Apple App Store: Compliant with Apple's App Store Review Guidelines
AdMob: Compliant with Google AdMob policies

16. Data Processing Basis

We process your personal data based on:

Consent: For personalized advertising and analytics
Legitimate Interest: For app functionality and security
Legal Obligation: When required by law
Contract Performance: To provide the MCP activation service

17. Automated Decision Making

We do not use automated decision-making or profiling that produces legal effects concerning you.

18. Additional Information for Specific Regions

18.1 Brazil (LGPD)

Brazilian users have rights similar to GDPR, including access, correction, deletion, and data portability.

18.2 South Korea (PIPA)

Korean users can request access to, correction, and deletion of their personal information under the Personal Information Protection Act.

18.3 Japan (APPI)

Japanese users have rights under the Act on the Protection of Personal Information, including the right to request disclosure, correction, and cessation of use.

Appendix: Third-Party Service Privacy Policies

Google AdMob: https://policies.google.com/privacy
Google Play Services: https://policies.google.com/privacy
Amazon Web Services: https://aws.amazon.com/privacy/
Flutter: https://flutter.dev/privacy

This privacy policy is available in multiple languages. The English version shall prevail in case of any discrepancy.