Privacy Policy

Account — a unique account created for You to access our Service.
Application — refers to Korus, the software program provided by the Company.
Company — Korus ("We", "Us", or "Our").
Country — Philippines.
Device — any device that can access the Service.
Group Collection — a shared collection owned by one user that other users may join via an invite code, granting read-only access to its songs.
Personal Data — any information that relates to an identified or identifiable individual.
Service — refers to the Korus Application.
You — the individual accessing or using the Service.

Korus is an independent application developed by a solo developer and is not affiliated with or endorsed by the Seventh-day Adventist Church or any of its affiliated organizations. Resources such as Adventist hymns included in the app are provided solely for reference, worship, and personal use.

• Authenticate You and manage Your account.
• Sync lyrics, collections, and preferences across devices.
• Store and retrieve uploaded attachments (images, PDFs).
• Display Your name and avatar within the app interface.
• Manage user settings such as theme and hymnal preferences.
• Enable Group Collections — display your display name and role to other group members as described in Section 2d.
• Manage and validate your subscription tier and enforce plan-based usage limits.
• Analyze aggregate usage patterns (via Firebase Analytics) to understand how the app is used and improve it over time.
• Diagnose and fix non-fatal errors (via Firebase Crashlytics) to improve app stability.
• Send you occasional app update announcements or feature notices by email, if you have opted in to email communications (enabled by default, can be disabled in Settings).

We may also use limited account and content metadata to investigate abuse, enforce our policies, and respond to legal or copyright-related requests.

We do not use your data for advertising, profiling, or sale to third parties.

Local storage (on your device): Your content and account profile are cached locally on your device for offline access. Signing out clears all local user data from your device.

Cloud storage: Account data, lyrics, collections, group membership records, subscription status, favorites, change history, and attachments are stored securely in our cloud. File access uses secure, time-limited access links.

On-demand content downloads: Hymnal sheet music is not bundled with the initial app download. It is downloaded separately from our cloud storage when you choose to view it, and cached locally on your device for offline use.

International data transfers: Your data may be processed and stored on servers located outside your country, including by our third-party service providers (Supabase, Google/Firebase, RevenueCat). By using the Service, you consent to this transfer.

Korus offers a voluntary donation option for users who wish to support the developer. Donations are entirely optional, not required, and do not unlock any features, premium access, or benefits of any kind.

Donation payments are made directly by the user through their own banking application or mobile wallet by scanning a QR code displayed within the app. These transactions occur entirely outside of Korus — the app does not process, receive, confirm, or track any payment information. No receipt, tracking, or confirmation is provided through the app.

We collect no data related to donations. Any transfer fees that apply are determined solely by the user's banking provider.

Korus uses the following third-party services:

• Supabase — cloud database and file storage. See Supabase Privacy Policy.
• Google OAuth — used for authentication. We receive email, name, and avatar URL. See Google Privacy Policy.
• Firebase Analytics (Google LLC) — automatic and event-based usage analytics to help us understand and improve the app. See Google Privacy Policy.
• Firebase Crashlytics (Google LLC) — crash and non-fatal error reporting for diagnosing app stability issues. See Google Privacy Policy.
• RevenueCat — subscription management and billing middleware for the Plus subscription plan. RevenueCat communicates with Google Play on our behalf to validate and manage subscriptions. See RevenueCat Privacy Policy.
• Google Play (Google LLC) — payment processing for paid subscription plans. See Google Privacy Policy.

• In-app account deletion: When you delete your account via More → Settings → Delete Account, all your data — songs, collections, group membership records, favorites, attachments, storage files, subscription records, profile, and your Supabase authentication account — is permanently deleted immediately. This action is irreversible.
• Residual data: Database backups or infrastructure logs managed by Supabase (our cloud provider) may retain traces of your data for a limited time per their own retention policies, independent of our deletion process.
• Soft-deleted songs and collections (moved to Trash): retained for 7 days, then permanently removed.
• Sync logs: cleaned up within 7 days once synced.
• Group membership records: deleted when you leave a group, are removed by the owner, or delete your account.
• Subscription data: retained per RevenueCat and Google Play's standard data retention policies.
• Analytics and crash data: retained per Firebase / Google's standard data retention policies.

• Delete individual songs, collections, and attachments within the app at any time.
• Sign out of the app to immediately clear all local user data from your device.
• Delete your account directly within the app — via More → Settings → Delete Account. This permanently and irreversibly removes:
  • All your songs, collections, favorites, group membership records, and attachments from the cloud database
  • All uploaded image and PDF files from cloud storage
  • Your account profile and configuration
  • All local data from your device
  This includes your Supabase authentication account (your login credential), all cloud database records, all uploaded files in cloud storage, and all local data on your device. You will be asked to confirm your full name and acknowledge the action before deletion proceeds. This cannot be undone.
• Leave any Group Collection you have joined at any time from within the app.
• Disable email updates at any time via More → Settings → Email Updates.
• Contact us at ronsell42@gmail.com for any additional data requests or questions about your data.

• All data transmitted over HTTPS.
• Access controls ensure users can only access their own data, except for data explicitly shared through the Group Collection feature.
• Attachments are served via secure, time-limited access links.
• No plain-text passwords — authentication via Google OAuth only.
• Group invite codes are alphanumeric and rate-limited to protect against brute-force enumeration.

We cannot guarantee absolute security of data transmission or storage.

Our Service requires users to sign in with a Google account and is intended for users aged 13 and older. We do not knowingly collect personal data from anyone under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will promptly delete that information.

While the app's content rating allows broad age access (3+), full use of the Service requires Google account authentication, which Google limits to users 13 and older per their Terms of Service.

We may contain links to other websites not operated by Us. Review the privacy policies of any sites you visit. We assume no responsibility for third-party content or privacy practices.

We may update this Privacy Policy from time to time. Updates are effective when posted on this page. Continued use of the Service after changes constitutes acceptance of the revised policy.

If you have questions about this Privacy Policy, please contact us:

By email: ronsell42@gmail.com

For copyright concerns or content removal requests, contact: ronsell42@gmail.com