Politique de confidentialité | Yumejo
yumejo
— Politique de confidentialité —

Politique de confidentialité

Dernière mise à jour : 30 avril 2026

1. Introduction

This Privacy Policy explains how Yumejo ("Yumejo", "we", "us", or "our") collects, uses, and shares information when you use Yumejo (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Operator

Yumejo is operated from the United States and is governed by the laws of the State of Wyoming. For privacy questions or requests, contact us at info@yumejo.com.

3. Information We Collect

We collect the following categories of information:

  • Account information (email address, display name, profile image — including data shared by Google, Apple, or LINE when you use social login)
  • Reader profile data (preferred name, honorific, gender preferences, language) and reader progress (episodes viewed, choices made, save points)
  • Billing information processed by our payment provider (see §5) — we receive a transaction reference, the last four digits and brand of your card, country, and ZIP/postal code, but we do not receive or store your full card number
  • Server and device logs (IP address, user agent, referrer, timestamps) collected automatically when you load pages or call our APIs
  • Cookie and local storage data (authentication sessions, locale preference, guest reading limits, analytics identifiers)
  • Communications you send to us (e.g., emails to info@yumejo.com)

4. Account Information

Account information such as email addresses, display names, and profile images is used for authentication, account management, and to deliver service-related communications. We do not send marketing emails without your separate consent, and we do not sell or rent your personal information. Email addresses obtained through social login (Google, Apple, LINE) are handled under this same policy.

5. Payments and Stripe

Payments for subscriptions, coin purchases, and other paid features are processed by Stripe, Inc. ("Stripe"), a PCI-DSS Level 1 certified payment processor. When you make a purchase, your card details are submitted directly to Stripe over an encrypted connection — they are never sent to or stored on our servers. We receive a Stripe customer ID, payment intent or subscription ID, the last four digits and brand of your card, billing country, and amount, which we use to fulfill purchases, prevent fraud, issue refunds, and meet tax and accounting obligations. Stripe processes your payment data as an independent controller under its own privacy policy: https://stripe.com/privacy. If you dispute a charge, both we and Stripe may share information necessary to investigate the dispute with your card network and bank.

6. How We Use Information

We use the information we collect for the following purposes:

  • To create, authenticate, and manage your account and reader profile
  • To deliver the Service, including saving your reader progress and choices across devices
  • To process payments, deliver purchased items (such as coins or subscriptions), prevent fraudulent transactions, and issue refunds
  • To send transactional messages such as sign-in links, receipts, and important service notices
  • To measure and improve the Service through analytics and product research
  • To enforce our Terms of Service, investigate suspected abuse, and comply with legal obligations

7. Service Providers

We share information with the following categories of service providers, each acting on our behalf or as an independent controller for the purposes described:

  • Cloudflare, Inc. — hosting (Workers, R2, D1) and bot mitigation. Cloudflare may receive your IP address, request metadata, and any data you submit through the Service.
  • Stripe, Inc. — payment processing, fraud detection, and tax calculation (see §5).
  • PostHog, Inc. — product analytics. PostHog receives pseudonymous identifiers, page views, and custom events through our first-party domain (s.yumejo.com).
  • Google LLC — Google Analytics 4 (delivered server-side via Cloudflare Zaraz to /ss), Google Sign-In, and Google Search Console.
  • Apple Inc. and LINE Corporation — "Sign in with Apple" and "LINE Login" social authentication.
  • X Corp. — conversion tracking via the X (Twitter) Ads pixel for advertising measurement.
  • Email and transactional providers we use to deliver sign-in links and receipts.

8. Cookies and Local Storage

We use cookies and browser local storage for authentication sessions, locale preference, guest reading limits, fraud prevention, and analytics. You can clear or block cookies through your browser settings, but parts of the Service (such as signing in or staying signed in) will not work without them.

9. Analytics and Advertising

We operate three analytics pipes in parallel: Google Analytics 4 (delivered first-party via Cloudflare Zaraz), PostHog (delivered first-party via s.yumejo.com), and the X Ads conversion pixel. These tools use cookies and similar technologies to measure how the Service is used, attribute conversions, and improve features. Identifiers are pseudonymous; we do not sell this data to third parties.

10. Data Retention

We retain account, reader profile, and reader progress data for as long as your account is active. Billing and tax records are retained for at least seven (7) years to meet U.S. accounting and tax requirements. Server logs are typically retained for 30–90 days. You may request deletion of your account at any time by emailing info@yumejo.com; we will delete or anonymize personal data within 30 days, except where retention is required by law (for example, to satisfy tax, anti-fraud, or dispute-resolution obligations).

11. Your Privacy Rights

Depending on where you live, you may have the following rights regarding your personal information. To exercise any of these rights, email info@yumejo.com from the email address associated with your account. We will not discriminate against you for exercising these rights.

  • Access — request a copy of the personal information we hold about you
  • Correction — request correction of inaccurate information
  • Deletion — request deletion of your account and associated data
  • Portability — receive your data in a machine-readable format
  • Opt-out of "sale" or "sharing" — California residents may opt out under the CCPA/CPRA. We do not sell personal information for monetary value, and we do not knowingly share personal information of users under 16 for cross-context behavioral advertising.
  • EU/UK/Swiss residents — rights under GDPR/UK GDPR including objection to processing and the right to lodge a complaint with your local supervisory authority

12. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Paid features (subscriptions, coin purchases) are restricted to users 18 years of age or older. If you believe a child under 13 has provided us with personal information, contact info@yumejo.com and we will delete it.

13. Security

We use industry-standard safeguards including TLS encryption in transit, encrypted storage at rest (Cloudflare R2/D1), scoped access controls, and short-lived authentication tokens. Card data is handled exclusively by Stripe under PCI-DSS Level 1. No system is perfectly secure, however, and we cannot guarantee absolute security of information transmitted to or stored on the Service.

14. Contact

For questions, requests, or complaints regarding this Privacy Policy, contact us at info@yumejo.com.

15. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last updated" date at the top of this page; if the changes are significant, we will provide additional notice (for example, by email or in-product banner) before they take effect.

Retour à l'accueil