friendin.city

Privacy Policy

Last updated: March 6, 2026

This Privacy Policy explains how friendin.city collects, uses, stores, and discloses personal information in connection with its AI-powered editorial travel guidance service.

friendin.city is operated in Japan by [LEGAL_NAME], trading as [TRADE_NAME]. This policy is written with the service’s current product and data flows in mind, including account login, premium features, AI chat, bookmarks, trip plans, optional location sharing, and supporting infrastructure providers.

This page intentionally names current processors and current storage behavior. Update it whenever the product or vendor list changes.

1. Information we collect

We collect information you provide directly, information created through your use of the service, limited technical and security information, and optional location information when you choose to enable nearby recommendations.

Account and profile information, such as email address, password hash, display name, self introduction, and preferred locale.
Service content, such as chat threads, chat messages, bookmarked places, trip plans, trip notes, and related itinerary selections.
Security and support information, such as session records, password reset requests, audit logs, IP address, user agent, and support or legal correspondence.
Optional location information, such as browser geolocation coordinates, accuracy, and capture timestamp when you turn on location for nearby results.
Browser-side storage, such as the session cookie used for sign-in, theme preference storage, sessionStorage for thread access tokens, web-search toggles, scroll-restore state, and optional location cache.

2. How we use personal information

To create and manage accounts, authenticate users, and secure sessions.
To provide AI chat responses, preserve conversation continuity, and power trip planning and bookmarking features.
To process optional nearby-search requests when you enable location access.
To process premium purchases and related records through Stripe.
To send password reset emails and service-related notices.
To monitor abuse, enforce our terms, investigate fraud or security incidents, and comply with legal obligations.

3. AI processing and recommendation context

When you use the chat feature, we may send certain information to our AI service provider, OpenAI, to generate responses. This can include the text of your messages, your display name and self introduction if present, and active trip-plan context such as plan name, dates, hotel name, hotel address, and hotel station information.

Optional browser geolocation coordinates are used server-side to support nearby-search logic. They are not stored by us as a separate persistent location profile in the database based on the current implementation.

4. Disclosure to service providers and third parties

We disclose personal information to service providers only as reasonably necessary to operate, secure, and improve the service or to comply with law.

OpenAI for AI response generation.
Neon for database hosting and storage.
Stripe for payment processing and purchase records.
Resend for password reset email delivery.
Google Maps and Google Geocoding for map display and geocoding features.
Professional advisers, regulators, courts, or counterparties when required for legal compliance, rights protection, or dispute resolution.

5. International processing

Some service providers may process personal information outside Japan. By using the service, you understand that your information may be processed in countries where our service providers operate, subject to their applicable safeguards and contractual obligations.

6. No ads and no sale of personal information

friendin.city is not an ad-supported recommendation service. We do not operate targeted advertising based on your personal information and we do not sell your personal information to data brokers or advertisers.

7. Retention

We retain personal information for as long as reasonably necessary to operate the service, maintain security, comply with legal obligations, resolve disputes, and enforce our agreements.

Because there is no self-service account deletion or export flow at this time, account closure, deletion, correction, and similar requests are handled manually.

Account, profile, chat, bookmark, and trip-plan data are generally retained until account closure or a validated deletion request, unless longer retention is required by law or legitimate operational need.
Security logs, password-reset records, and payment-related records may be retained for fraud prevention, accounting, or legal compliance.
Optional location data cached in the browser can be cleared by you from your browser session storage or by turning location off in the product.

8. Your choices and requests

You can update certain profile information from your account page.
You can disable optional location sharing from the chat interface or through browser permissions.
You can clear browser-side storage through your browser settings.
You can request access, correction, deletion, account closure, or other privacy support by contacting [CONTACT_EMAIL].

9. Security

We use reasonable administrative, technical, and organizational measures to protect personal information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Children

The service is intended for users who are at least 13 years old. If you are a parent or guardian and believe a child provided personal information without appropriate consent, contact us so we can review and address the request.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the effective date above.

12. Contact

Legal name: [LEGAL_NAME]
Trade name: [TRADE_NAME]
Postal address: [POSTAL_ADDRESS]
Privacy contact email: [CONTACT_EMAIL]
Complaint contact: [COMPLAINT_CONTACT]

1. Information we collect

Account and profile information, such as email address, password hash, display name, self introduction, and preferred locale.

Service content, such as chat threads, chat messages, bookmarked places, trip plans, trip notes, and related itinerary selections.

Security and support information, such as session records, password reset requests, audit logs, IP address, user agent, and support or legal correspondence.

Optional location information, such as browser geolocation coordinates, accuracy, and capture timestamp when you turn on location for nearby results.

Browser-side storage, such as the session cookie used for sign-in, theme preference storage, sessionStorage for thread access tokens, web-search toggles, scroll-restore state, and optional location cache.

2. How we use personal information

To create and manage accounts, authenticate users, and secure sessions.

To provide AI chat responses, preserve conversation continuity, and power trip planning and bookmarking features.

To process optional nearby-search requests when you enable location access.

To process premium purchases and related records through Stripe.

To send password reset emails and service-related notices.

To monitor abuse, enforce our terms, investigate fraud or security incidents, and comply with legal obligations.

3. AI processing and recommendation context

4. Disclosure to service providers and third parties

We disclose personal information to service providers only as reasonably necessary to operate, secure, and improve the service or to comply with law.

OpenAI for AI response generation.

Neon for database hosting and storage.

Stripe for payment processing and purchase records.

Resend for password reset email delivery.

Google Maps and Google Geocoding for map display and geocoding features.

Professional advisers, regulators, courts, or counterparties when required for legal compliance, rights protection, or dispute resolution.

7. Retention

We retain personal information for as long as reasonably necessary to operate the service, maintain security, comply with legal obligations, resolve disputes, and enforce our agreements.

Because there is no self-service account deletion or export flow at this time, account closure, deletion, correction, and similar requests are handled manually.

Account, profile, chat, bookmark, and trip-plan data are generally retained until account closure or a validated deletion request, unless longer retention is required by law or legitimate operational need.

Security logs, password-reset records, and payment-related records may be retained for fraud prevention, accounting, or legal compliance.

Optional location data cached in the browser can be cleared by you from your browser session storage or by turning location off in the product.

8. Your choices and requests

You can update certain profile information from your account page.

You can disable optional location sharing from the chat interface or through browser permissions.

You can clear browser-side storage through your browser settings.

You can request access, correction, deletion, account closure, or other privacy support by contacting [CONTACT_EMAIL].