Privacy Policy

Privacy Policy

Last updated: December 28, 2025

1. Introduction

Magic Meal Kits ("we," "our," or "us") is committed to protecting the privacy of our users ("you" or "your"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Notion Plus integration module for Make.com ("Service").

2. Information We Collect

2.1 Information from Authentication Providers

When you sign in using authentication providers (including Google and Supabase), we collect:

  • Your email address
  • Basic profile information (name and profile picture)

2.2 Notion Integration Data

When you connect your Notion workspace, we access:

  • Notion workspace information for OAuth authentication
  • Database and page metadata required for automation operations
  • Data you choose to process through Make.com scenarios

2.3 Technical Information

We automatically collect:

  • Device information (browser type, IP address)
  • Log data
  • Usage data related to our services

3. How We Use Your Information

3.1 Core Service Functionality

  • Account creation and management through Supabase
  • Authentication and security
  • Providing our Notion integration module for Make.com
  • Enabling Notion automation workflows
  • Customer support

3.2 Service Improvement

  • Analyzing usage patterns
  • Enhancing user experience
  • Debugging and technical issue resolution
  • Service optimization

4. Data Storage and Security

4.1 Data Storage

  • User authentication data is managed through Supabase
  • Service data is stored on secure servers
  • Personal information is encrypted in transit and at rest
  • We retain your data only as long as necessary

4.2 Security Measures

  • Implementation of industry-standard security protocols
  • Regular security audits
  • Access controls and authentication mechanisms
  • Monitoring for unauthorized access attempts
  • Secure integration with authentication providers

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only:

  • With your explicit consent
  • To comply with legal obligations
  • With service providers who assist in our operations

6. Your Rights and Choices

You have the right to:

  • Access your personal information
  • Request correction of inaccurate data
  • Request deletion of your data
  • Revoke Notion workspace access
  • Revoke authentication provider permissions
  • Opt-out of non-essential data collection
  • Export your data

7. Authentication Provider Policies

7.1 Google API Services

We adhere to the Google API Services User Data Policy and:

  • Only request necessary Google account permissions
  • Use data only for the intended purpose
  • Do not transfer or sell data obtained through Google APIs
  • Provide clear methods to revoke access

7.2 Supabase Integration

Our Supabase authentication implementation:

  • Securely manages user credentials
  • Provides multiple authentication options
  • Maintains data privacy and security
  • Follows industry best practices

7.3 Notion Integration

Our Notion OAuth integration:

  • Only requests necessary workspace permissions
  • Accesses only data required for automation operations
  • Does not store Notion content permanently
  • Provides clear methods to revoke access

8. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect information from children under 13.

9. International Data Transfers

If we transfer your data internationally, we ensure appropriate safeguards are in place to protect your information.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by:

  • Posting the new Privacy Policy on our website
  • Sending you an email notification
  • Displaying a notice in our Service

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

12. Specific Terms for Japanese Users

In compliance with Japanese law, including the Act on Protection of Personal Information (個人情報保護法):

  • We maintain appropriate security measures for personal data protection
  • We provide notice before any material changes to data handling
  • We respond to disclosure requests within legal timeframes
  • We maintain records of personal data handling as required by law

13. Google API Services Specific Terms

13.1 Limited Use

We adhere to Google API Services User Data Policy requirements:

  • We only use Google user data to provide and improve our service features
  • All features using Google data are prominently visible in our application interface
  • We do not transfer or sell Google user data to third parties
  • We do not use Google user data for advertising purposes
  • Human access to data is limited to:
    • Security investigation purposes
    • Legal compliance requirements
    • User-authorized support services

13.2 Data Retention and Deletion

  • Google user data is retained only as long as necessary for service provision
  • Users can request data deletion at any time
  • Upon service termination, all Google user data is deleted within 30 days
  • Regular audits ensure compliance with retention policies

13.3 Security Assessments

  • We undergo regular security assessments as required by Google
  • Our service maintains compliance with Google's security requirements
  • We implement industry-standard encryption for data in transit and at rest
  • Regular penetration testing and vulnerability assessments are conducted

13.4 Child-Directed Services

  • Our service is not directed at children under 13
  • We do not knowingly collect or process data from children under 13
  • If we discover such data collection, it will be deleted immediately