Privacy Policy

TOKU, LLC. (hereinafter “we,” “our,” or “the Company”) establishes this Privacy Policy regarding the handling of personal information across all services we operate (hereinafter “the Services”).

Services covered by this Policy

• tabiin (iOS app)
• Tabiato (iOS app)
• Tabippi (iOS app)
• Tabiniwa (iOS app)
• FanPath Japan (fanpath.travel)
• Anime Spots (animespots.travel)
• TOKU, LLC. Corporate Website (toku.llc)

Note: As of the May 2026 updates (tabiin v2.0.0, Tabiato v2.0.0, Tabippi v2.0.0, Tabiniwa v1.0.0), these four iOS apps share a unified cloud backend (Firebase project “toku-shared”). When users sign in with the same Apple ID or Google account, the same profile and friend information becomes available across all four apps.

(1) All Services

• Access logs (IP address, browser information, referring URL, access date/time)
• Data collected via cookies and similar technologies
• Information submitted through contact forms (name, email address, message)

(2) tabiin App (Specific)

• Account information: Email address and user identifier (UID) obtained via Sign in with Apple or Google authentication. Used solely for account management and friend features.
• Visit records: Shrine/temple name, visit date, and notes entered by the user, stored on Cloud Firestore.
• Friend information: User ID and display name of friend-registered users.
• Visit photos (optional): Photos attached during a visit (up to 5) are stored on Firebase Storage (Google LLC / USA). Photo library access occurs only when attaching photos; attachment is optional.
• tabiin does not access location, camera, or microphone.
• External service integration (Rakuten Travel): Tapping the “Book on Rakuten Travel” button on a facility detail screen opens an external page operated by Rakuten Group, Inc. The link includes our affiliate identifier, but no personal information of the user is transmitted to Rakuten. Booking and browsing history on Rakuten Travel is governed by Rakuten's privacy policy.
• Account deletion is available via in-app Settings → Delete Account. All user data on Firestore and Firebase Storage is deleted immediately upon account deletion.

(3) Tabiato App (Specific)

• Location data (GPS): Used only during a check-in action to verify whether the user is within 500m of the pilgrimage spot. Collected only with explicit permission and not stored persistently on our servers.
• Account information: Email address and user identifier (UID) obtained via Sign in with Apple or Google authentication. Used solely for account management and friend features. Before sign-in, a Firebase anonymous UID is used to associate data with a device.
• Check-in history (work ID, spot ID, visited date/time): Stored on Cloud Firestore for visit logging and history display.
• Check-in photos (optional): Photos attached during a check-in (up to 5) are stored on Firebase Storage (Google LLC / USA). Photo library access occurs only when attaching photos; attachment is optional.
• Friend information: User ID and handle name of friend-registered users.
• Work requests (optional): Work title, comments, and UID submitted via the request feature are stored on Firestore. Request content is used solely for internal listing review and will not be made public.
• Advertising identifier (IDFA): From v2.0.0 onwards, Google AdMob banner ads are displayed. The advertising identifier (IDFA) is used for ad delivery only when the user selects “Allow” in the App Tracking Transparency (ATT) dialog shown at app launch. If “Ask App Not to Track” is selected, only non-personalized ads are shown.

(4) Tabippi App (Specific)

• Account information: Email address and user identifier (UID) obtained via Sign in with Apple, Google authentication, or email/password registration. Used solely for account management, friend features, and Trip sharing. Before sign-in, a Firebase anonymous UID is used to associate data with a device.
• Trip information: Title, destination, dates, party size, budget, cover emoji, and cover photo (optional). Text data is stored on Cloud Firestore; cover photos are stored on Firebase Storage (Google LLC / USA). Photo library access occurs only when setting a cover photo; attachment is optional.
• Expense information: Item title, amount, category, payment date, and notes. Used solely for personal expense tracking and never shared with third parties.
• Friend information: User ID and handle name of friend-registered users.
• Trip-sharing information: When the user optionally shares a trip with a friend, the list of member UIDs (ownerUID / memberUIDs) is stored. The owner and members can each record and view expenses for the shared trip. Members can leave a shared trip at any time using the “Leave shared trip” action.
• Trip member names (when sharing is not used): Labels entered by the user for personal expense management (e.g., “Alex”, “myself”). We will not provide or disclose information about any third parties named in these labels.
• Tabippi does not access location, camera, or microphone.
• Advertising identifier (IDFA): From v2.0.0 onwards, Google AdMob banner ads are displayed. The advertising identifier is used only when the user selects “Allow” in the ATT dialog. Otherwise, only non-personalized ads are shown.

(5) Tabiniwa App (Specific)

• Account information: Email address and user identifier (UID) obtained via Sign in with Apple or Google authentication. Used solely for diary storage, garden growth tracking, and friend features. In guest mode, only a Firebase anonymous UID is obtained.
• Diary information: Text, mood (5 levels), tags, date, and attached photos (up to 5, optional) entered by the user are stored on Cloud Firestore and Firebase Storage (Google LLC / USA). Diary content is visible only to the user and is never made public by us.
• Garden information: Garden name, emoji, cover color, scope (trip / visited place / freeform), and 5-stage growth (seed / sprout / cotyledon / bud / bloom) are stored on Cloud Firestore. In v1.0.0, only the user can view it. A future update may add an option to share the garden with friends if the user explicitly opts in (we will update this Policy at that time).
• Visited place name (optional): If a photo attached to a diary entry contains location data in its EXIF metadata, we read those coordinates via ImageIO and transmit them to Apple Inc.'s geocoding service (CLGeocoder, USA) to convert them into a place name string (e.g., prefecture, municipality, country). Raw latitude and longitude are never stored on our servers; only the converted place name string is saved as the visit location. We do not request GPS device access permission (NSLocationWhenInUseUsageDescription). For photos without EXIF location data, the visit location is not auto-populated (the user can enter it manually).
• Friend information: User ID and handle name of friend-registered users. The same friend list is shared with tabiin, Tabippi, and Tabiato.
• Tabiniwa Premium subscription information: When a user purchases a monthly (¥480/month) or annual (¥4,800/year) subscription, we obtain the purchase receipt, transaction ID, purchase date/time, and renewal date/time from Apple Inc.'s App Store servers (USA). This information is used solely for subscription state verification via StoreKit 2. We have no involvement in payment processing itself (card numbers, billing amounts, etc., are managed solely by Apple Inc.).
• Tabiniwa does not request GPS device access permission or access the microphone. Camera and photo library access occurs only when attaching photos to a diary; attachment is optional.
• Advertising identifier (IDFA): From v1.0.0 onwards, Google AdMob banner ads are displayed. The advertising identifier is used only when the user selects “Allow” in the ATT dialog.

• Providing, operating, and improving our Services
• Responding to inquiries and related communications
• Analyzing usage (Google Analytics)
• Delivering and optimizing advertisements (Google AdMob)
• Preventing unauthorized use and ensuring security
• Responding to Terms of Use violations and legal proceedings

We will not provide collected personal information to third parties except in the following cases.

• With the prior consent of the individual
• When required by law
• When necessary to protect the life, body, or property of a person

We may share information with the following service providers for operational purposes:

Transfer of Personal Data to Third Parties Outside Japan (Article 28)

Among the service providers listed above, Google LLC (Firebase, GA4, AdSense, AdMob), Apple Inc., and Vercel Inc. are located in the United States. The United States is not designated as a country with an equivalent level of personal data protection under Article 28 of Japan's Act on the Protection of Personal Information (APPI). However, we have entered into the Google Cloud Data Processing Addendum (Google Cloud DPA), the Apple Developer Program License Agreement, and the Vercel DPA, establishing a system that meets the standards for appropriate and reasonable data handling under Article 28, Paragraph 3 and Article 16 of the Enforcement Rules.

Our web services use cookies. You may disable cookies through your browser settings, though some features may not function properly as a result. Among our iOS apps, tabiin does not use advertising identifiers. Tabippi, Tabiato, and Tabiniwa display Google AdMob banner ads from v2.0.0 / v1.0.0 onwards, and use the advertising identifier (IDFA) only when the user selects “Allow” in the ATT dialog (otherwise only non-personalized ads are shown).

Access Analytics (Google Analytics 4)

Our web services (FanPath Japan, Anime Spots, toku.llc, etc.) use Google Analytics 4 (provided by Google LLC, USA) to analyze traffic. GA4 collects behavioral data via cookies and transmits it to Google's servers in the United States. This information is used solely for improving our services. To opt out of GA4 data collection, please use the Google Analytics Opt-out Browser Add-on.

Advertising (Google AdSense)

Our web services use Google AdSense (provided by Google LLC, USA) to serve advertisements based on user interests via cookies. For Google's privacy policy, see Google Privacy Policy. You can manage ad preferences at Google Ad Settings.

For the transfer of GA4 and AdSense data to the United States, please refer to Article 4 “Transfer of Personal Data to Third Parties Outside Japan.”

Tabiato

The Tabiato app uses your device's GPS location only during a check-in action to verify whether you are within 500m of the pilgrimage spot. Location data is collected only with your explicit permission and is not stored persistently on our servers. Only the work ID, spot ID, and visited date/time are saved as check-in history — raw latitude/longitude is not retained. You may stop location access at any time by uninstalling the app or revoking location permissions in your device's OS settings.

Tabiniwa

The Tabiniwa app does not request GPS device access permission (NSLocationWhenInUseUsageDescription) at all. Only when a photo attached to a diary entry contains location data in its EXIF metadata, we read those coordinates via ImageIO and transmit them to Apple Inc.'s geocoding service (CLGeocoder, USA) to convert them into a place name string (e.g., prefecture, municipality, country). Only the converted place name string is stored as the diary's “visit location” on Cloud Firestore; raw latitude/longitude is never stored on our servers. For photos without EXIF location data, the visit location is not auto-populated, and the user can enter it manually instead.

We manage collected personal information appropriately and take measures to prevent unauthorized access, loss, and leakage. Personal information that is no longer needed after an inquiry is resolved will be promptly deleted, except where retention is required for Terms of Use violations or legal proceedings.

You may request access to, correction of, or deletion of your personal information held by us. Please contact us at the address below to submit such requests.

Our Services are not directed to children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will promptly delete it.

We may update this Policy as necessary. Changes take effect when posted on this page. When significant changes are made, we will update the “Last updated” date at the top of this page.

For inquiries regarding this Policy, please contact us through the following.