Privacy Policy

This Privacy Policy describes how Mikoshi handles personal information and related data in connection with the Mikoshi website, application features, APIs, and connected tooling.

This Privacy Policy is intended to reflect the current product. It covers account registration, Google sign-in, Engram storage and sharing, API key usage, and related operational processing.

Mikoshi may collect account and profile information such as your name, username, email address, avatar image URL, account identifiers, and timestamps related to account creation or updates.

When you sign in with Google, Mikoshi may receive information made available by Google through OAuth, such as your Google account identifier, email address, display name, profile image, and certain authentication-related metadata or tokens required to operate sign-in securely.

Mikoshi also stores Engram-related information that you upload or create, including Engram names, descriptions, visibility settings, tags, plaintext persona files such as SOUL.md and IDENTITY.md, optional avatar URLs, encrypted memory bundle data, API key metadata, and API key last-used timestamps.

In addition, Mikoshi may collect technical and operational information such as session records, request metadata, security logs, and information necessary to prevent abuse, diagnose failures, and maintain the service.

Mikoshi uses collected information to provide authentication, maintain accounts, operate Engram storage and sharing features, process encrypted memory uploads, manage API keys, and deliver the service you request.

Mikoshi also uses information for security, fraud prevention, abuse detection, debugging, service improvement, customer or operational communications, and compliance with applicable law.

If Mikoshi needs to use personal information for a purpose beyond what is reasonably related to these functions, it will do so only where permitted by applicable law or with any additional notice or consent required.

Mikoshi currently uses Google sign-in for account authentication. When you choose Google sign-in, your use of that sign-in flow is also subject to Google's Terms of Service and Google's Privacy Policy.

Mikoshi uses information received from Google to identify your account, help protect login security, and populate account data needed to operate the service. Mikoshi does not claim ownership of your Google account or data held by Google outside the scope of the sign-in integration.

If you revoke Mikoshi's access through your Google account settings, some authentication-related functions may stop working until you sign in again.

Engram content may include personal or persona-related text that you choose to upload. You are responsible for deciding what to upload and for selecting the appropriate visibility setting.

In Mikoshi's current model, certain persona files, including SOUL.md and IDENTITY.md, may be stored in plaintext and may be visible to other users depending on Engram visibility and access rules.

Encrypted memory bundles are stored as opaque encrypted payloads. Mikoshi stores and transfers those payloads, but does not treat your own passphrase, encryption design, or decryption environment as something it controls.

Mikoshi may share information with service providers and infrastructure partners to the extent necessary to operate the service, including providers used for authentication, cloud hosting, database operation, storage, and security.

This may include, for example, Google for sign-in and identity-related processing and cloud storage providers used for user-uploaded assets such as avatars.

Mikoshi may also disclose information where required by law, regulation, court order, governmental request, or where reasonably necessary to protect rights, security, or the integrity of the service.

If Engram visibility is set to Public or Unlisted, information included in the accessible parts of that Engram may be viewed or cloned by other users according to the product behavior in effect at that time.

Mikoshi retains personal information and related data for as long as reasonably necessary to operate the service, maintain security, resolve disputes, enforce terms, comply with legal obligations, or provide requested features.

Retention periods may differ depending on the type of data, including account records, session records, API key metadata, Engram content, and security or operational logs.

Even after deletion requests or account closure, certain data may be retained where continued retention is reasonably necessary for legal compliance, dispute handling, fraud prevention, or backup and recovery processes.

Mikoshi takes reasonable technical and organizational measures to protect personal information and service data from unauthorized access, loss, alteration, or disclosure.

That said, no internet service is perfectly secure. Mikoshi cannot guarantee absolute security of data in transit, at rest, or in every operational environment.

You are responsible for safeguarding your own account access, API keys, local backups, passphrases, and any plaintext data you choose to upload.

Depending on the infrastructure and service providers used to operate Mikoshi, your information may be processed or stored outside Japan.

When Mikoshi relies on third-party services, those providers may process information under their own legal and technical frameworks. Your use of linked or third-party services is also subject to those providers' own terms and privacy policies.

Subject to applicable law, you may have rights to request access to, correction of, deletion of, suspension of use of, or other handling of your personal information.

Where Mikoshi provides account settings or deletion tools, you may use those tools directly. In other cases, requests regarding disclosure, correction, deletion, suspension of use, or other handling of personal information may be submitted to support@ectplsm.com.

If you are a minor under applicable law, use Mikoshi only with the consent of a parent, guardian, or other legal representative.

If the operator becomes aware that personal information has been collected in a manner that violates applicable law regarding minors, Mikoshi may take reasonable steps to restrict access or delete the relevant information.

Mikoshi may update this Privacy Policy when reasonably necessary due to changes in law, business operations, security requirements, or service design.

If material changes are made, Mikoshi may provide notice by posting the updated policy on the website or through another reasonable method. The updated version will apply from its stated effective date.

For questions, complaints, or requests regarding this Privacy Policy or the handling of personal information, contact the Mikoshi operator at support@ectplsm.com.