Privacy Policy
Last updated: 2026-05-07
SignalDesk ("the Service") handles personal data with care. This policy explains what data we collect, why, and your rights as a user.
1. Data we collect
The Service collects two types of data: (1) When visiting the landing page: a language-preference cookie. (2) When signing in: Google account info via Firebase Auth.
2. Data items (GDPR Art. 13)
2-1. Landing page cookie
- Name: preferred_lang
- Value: ko or en
- Retention: 1 year (max-age=31536000)
- Attributes: SameSite=Lax, Secure, path=/
- Not used for tracking — no consent banner required
2-2. Google sign-in data (on app.signal-desk.io)
- Email address
- Display name (optional)
- Profile picture URL (optional)
- Firebase UID (unique identifier issued by Google)
3. Purposes
- preferred_lang cookie: store language preference (user convenience)
- Google sign-in data: user identification + automatic account creation + service use
4. Legal basis
- GDPR Art. 6(1)(b) contractual necessity (service provision) + Art. 6(1)(f) legitimate interest (cookie)
- PIPL §15(1) contract execution and performance
5. Third-party sharing
The Service does not share personal data with third parties. However, the following processors are used: Google Firebase (authentication + hosting).
6. Your rights
- Access: review the data we hold about you
- Correction: request corrections
- Deletion: immediate processing on account deletion
- Restriction: processing halted upon request
To exercise these rights, contact jkkim@signal-desk.io
7. Cookie management
The preferred_lang cookie can be deleted via your browser settings or changed using the language toggle.
8. Policy changes
When this policy changes, we update the "Last updated" date above. Material changes will be communicated separately.
9. Contact
For questions about data handling, contact jkkim@signal-desk.io.