Privacy Policy — “Minna de Nemurou” (みんなで眠ろう)

Operator: Utakata Yodomi Kenkyujo (泡沫よどみ研究所, sole proprietorship, Japan) Website: https://utakata-yodomi.com Contact: [email protected] Canonical URL of this policy: https://utakata-yodomi.com/privacy_policy/minna_sleep/ Last updated: May 30, 2026 Subject application: “Minna de Nemurou” (Japanese: みんなで眠ろう, English working title: “Sleep Together”), an Android/iOS mobile application (package identifier: sleep.app; hereinafter the “App”).

This English version is a reference translation. In the event of any conflict, the Japanese version available at the canonical URL above shall prevail.

Summary (read this first)

  • The App does not collect your name, email address, phone number, postal address, precise or coarse location, device identifiers (Advertising ID / IDFA / IMEI / MAC address), contacts, photos, microphone or camera data, health data, or behavioral analytics.
  • The only data that leaves your device are (a) an anonymous Firebase UID generated automatically by Firebase Authentication and (b) free-text content you yourself post to the in-app community board “夜の静寂 (The Stillness Board)”.
  • Board posts are visible for 24 hours and are then physically deleted by the client.
  • The App contains no Google Analytics, no Firebase Crashlytics, and no advertising SDKs (as of version 1.0.0+1).
  • The X (formerly Twitter) sharing flow runs only when you explicitly turn on the “Post to X when sleeping” toggle and tap the play button, and the App itself does not store or relay that post text.

1. Categories of data

1.1 Data transmitted from the App to external services

Item Description Stored at
Anonymous UID A random opaque string issued by Firebase Authentication. Not linked to your name, email, phone number or any other identifying attribute. Firebase Authentication (Google LLC)
Free-text post to “The Stillness Board” Text that you yourself enter and submit through the in-app composer. Length and content are constrained. Cloud Firestore (Google LLC)
Post creation timestamp Server timestamp assigned at write time. Cloud Firestore
Reactions to other users’ posts Reaction type and timestamp. Cloud Firestore
Abuse report payload Reported post ID, reporter’s anonymous UID, reported author’s anonymous UID, a snapshot of the reported post text, and timestamp. Sent only when you actively use the “report” function. Cloud Firestore

1.2 Data stored only on your device (never transmitted)

The following are saved exclusively in SharedPreferences on the device and are not transmitted to any external service:

  • Unlocked entries in the in-app “Chord Codex (コード図鑑)”
  • Stamina counter (number of remaining plays) and last-update timestamp
  • Rewarded-ad related counters (reserved for future ad integration; no real ads are served in the current version)
  • A list of other-user anonymous UIDs you have chosen to mute/block in the board
  • Whether you have already seen the quick-start guide
  • Your playback preferences (“Post to X”, loop mode vs. random mode, etc.)
  • Other purely UI-side configuration values

1.3 Data we do NOT collect

  • Personally identifying information such as name, email address, phone number or postal address
  • Location data (precise or coarse)
  • Contacts, photos, calendar, microphone, or camera contents
  • Device identifiers (IMEI, advertising ID such as AAID / IDFA, MAC address)
  • Health or biometric data, sleep tracking data
  • In-app behavioural analytics (no event tracking such as Firebase Analytics)
  • Crash reports (no Firebase Crashlytics or equivalent)

2. Purposes of use

We process the data collected under Section 1.1 only for the following purposes:

  1. Operating “The Stillness Board” — letting you post, browse, react, and report.
  2. Preventing duplicate posts by the same user and authenticating that the deletion request comes from the original author.
  3. Reviewing reported posts and, where necessary, removing them as part of our moderation operations.
  4. Maintaining the stable operation of the App.

We do not use the collected data for marketing, ad personalization, ad targeting, profiling, or sale to third parties.

3. Third-party services and data sharing

3.1 External services we rely on

Provider Service Role Region
Google LLC Firebase Authentication (anonymous sign-in) Issues and verifies the anonymous UID United States
Google LLC Cloud Firestore Stores and serves board posts, reactions, and reports United States (Firebase project sleepapp-fbae1)

For details on Google’s handling of this data, please refer to the Google Privacy Policy: https://policies.google.com/privacy

3.2 User-initiated external navigation

The following are opened in your OS’s default browser or related app only when you explicitly tap or toggle inside the App. The App itself does not store or forward your content in these flows.

  • Posting to X (formerly Twitter) — only when you enable the “Post to X when sleeping” toggle and tap the play button, the App opens the X Web Intent URL (https://twitter.com/intent/tweet). The actual posting occurs on X; that content is then governed by X’s own terms and privacy policy.
  • Contact form — Google Forms. Governed by Google’s privacy policy.
  • Artist credit pages — third-party catalogue pages of the music providers (MotionElements, Audiostock). The App merely opens these URLs and transmits no user data.

3.3 Selling data / ad targeting

We do not sell, lease, or otherwise transfer your data to third parties for their commercial purposes. The current version of the App contains no advertising SDK and serves no targeted ads.

4. Retention period

Data Retention
Posts to “The Stillness Board” 24 hours from creation. After that, the client automatically purges them on next launch.
Reactions Deleted together with the parent post in a batched delete.
Abuse report payloads Retained for as long as reasonably necessary for moderation (up to one year), then deleted.
Firebase anonymous UID Until the anonymous authentication session is invalidated (e.g., the App is uninstalled or its data is cleared, after which a fresh UID is issued).

5. Security

  • Access to Cloud Firestore is restricted by Firebase Security Rules, which enforce the following at the server side:
    • You can only create or delete posts authored under your own anonymous UID.
    • At most one reaction per (post, user) pair is permitted; duplicate writes are rejected.
    • Reacting to one’s own posts is rejected.
  • All communication between the App and Firebase is performed over TLS-encrypted channels operated by Google.

6. Your choices and rights

You can exercise the following rights:

  • Delete your own posts. Long-press your own post on “The Stillness Board” to remove it. Associated reactions are deleted in the same transaction.
  • Mute other users. Add another user’s anonymous UID to your local mute list to hide all of their posts. Mute lists are stored only on your device.
  • Reset your identifier. Uninstalling and reinstalling the App causes Firebase Authentication to issue a fresh anonymous UID and clears all device-local data; the link between you and any past posts is severed.
  • Request deletion or access. For anything that cannot be handled through the in-app controls above, please email [email protected]. After reasonable verification we will respond to your request to the extent reasonably possible.

If you are an EU/EEA, UK, or California resident, you may have additional statutory rights (right to access, rectification, erasure, restriction, objection, portability, the right to lodge a complaint with a supervisory authority, the right to opt out of “sale” or “sharing” as defined under the CCPA, etc.). Please use the same contact channel above to exercise these rights.

7. Children

The App is not directed to children under 13 (or the equivalent age threshold in your jurisdiction, such as 16 under GDPR for some Member States). If we become aware that a child under that age has used the App, we will delete the relevant data to the extent reasonably possible. A parent or guardian who believes their child has used the App can contact us at the address above.

8. App permissions

The App requests only the permissions strictly necessary to provide its audio playback function. None of these are used to collect personal data.

Android

  • INTERNET — for connecting to Firebase, the X share URL, the contact form, and credit pages.
  • WAKE_LOCK — to continue audio playback while the screen is off.
  • FOREGROUND_SERVICE, FOREGROUND_SERVICE_MEDIA_PLAYBACK — to declare a foreground media-playback service to the system so that audio keeps playing in the background.

iOS

  • UIBackgroundModes = audio — to keep audio playing when the App is in the background or the screen is off.

The App does not request permissions for the microphone, camera, location, contacts, calendar, photo library, motion data, or push notifications.

9. International data transfer

Because the App relies on Firebase services operated by Google LLC, your data may be processed on servers located outside Japan, primarily in the United States. Google LLC implements appropriate safeguards for international data transfers, including the EU Standard Contractual Clauses (SCC) where applicable.

10. Changes to this Policy

We may revise this Policy from time to time in response to changes in law, the App’s functionality, or the requirements of Google Play and the Apple App Store. When we make material changes, we will update the “Last updated” date at the top of the canonical version of this Policy at https://utakata-yodomi.com/privacy_policy/minna_sleep/ , and where appropriate we will announce the change inside the App (for example, via the in-app “patron LED” notice strip).

11. Contact

For questions about this Policy or about how the App handles data, please contact:

  • Operator: Utakata Yodomi Kenkyujo (泡沫よどみ研究所)
  • Email: [email protected]
  • Website: https://utakata-yodomi.com

This English translation is provided for the convenience of non-Japanese readers. The Japanese-language version available at the canonical URL is the authoritative version.