External Transmission of User Information
Last updated: July 17, 2026
Ruth Heath Garden K.K. (the “Company”) publishes this page to explain information that the Kenoco iOS application and related services (the “Service”) and kenoco.app (the “Website”) cause a user’s device to transmit to external providers. It supports transparency, including disclosure requirements that may apply in Japan.
This page is separate from the Kenoco Privacy Policy so that external data flows can be reviewed and updated clearly. Please see the Privacy Policy for purposes of processing personal information, disclosure to third parties, international transfers, retention and individual rights.
Some transmissions are necessary to provide a requested feature or deliver the Website. Stopping such a transmission may make the relevant feature or Website unavailable. Optional transmissions can be stopped as described below.
Transmissions from the iOS app
Apple Inc. — iCloud, CloudKit and CKShare
- Information transmitted: profiles, records, photos, minimal Plus-entitlement status, sharing metadata and device or account-state information when Family Sharing is enabled
- Company purpose: iCloud synchronization, Kenoco Family Sharing, Plus-entitlement sharing, invitations and background synchronization
- Provider purpose: providing iCloud and CloudKit, synchronization, security, fraud prevention, support and legal compliance
- When sent and how to stop: sent when Family Sharing is enabled. Ending Family Sharing stops future sharing. Device backups remain subject to Apple settings and specifications
- Provider information: Apple Privacy Policy
Apple Inc. — App Store and in-app purchases
- Information transmitted: purchase, transaction, entitlement, restoration, refund and revocation information; during refund review, this may include transaction identifier, consumption status, delivery status, platform, refund preference, prior free-use information and consent status
- Company purpose: payment, purchase validation, delivery of purchased features, restoration, refund and revocation handling, and refund-review assistance
- Provider purpose: providing the App Store, payment and refund processing, fraud prevention, refund review, service improvement and legal compliance
- When sent and how to stop: sent when a user purchases, restores or requests a refund. Not using those procedures avoids the related transmission but does not affect information already sent
- Provider information: App Store & Privacy, Apple Privacy Policy
Apple Inc. — App Attest and DeviceCheck
- Information transmitted: attestation information, tokens, IP address, and app, device, operating-system and network information used to verify the app and device
- Company purpose: preventing modified apps, fraudulent devices and unauthorized access
- Provider purpose: app and device verification, security, fraud prevention and service delivery
- When sent and how to stop: sent automatically when a protected server feature is accessed. It cannot be disabled separately while that feature is used
- Provider information: Apple Privacy Policy, Apple Platform Security
Google LLC — Firebase Authentication and Firebase App Check
- Information transmitted: outside-EEA anonymous identifiers and authentication information used for external AI and AI credits; App Check attestation information and tokens; IP address; app and operating-system version; device and network information
- Company purpose: verifying use by the genuine app, anonymous authentication, and preventing unauthorized or abusive access
- Provider purpose: authentication, app verification, security, abuse prevention, service delivery and support
- When sent and how to stop: sent outside the EEA when external AI or AI credits are used, or when the Japan-only feature-contribution function is used. Disabling the relevant optional feature stops its future use. App Check cannot be disabled separately while a protected feature is used
- Provider information: Google Privacy Policy
Google LLC — Google Cloud
- Information transmitted: images and related information sent for external AI; anonymous-authentication and App Check information; App Store storefront country code; purchase and AI-credit information; household and request identifiers; processing results; errors; IP address; network and security logs; and, after separate consent in the Japan storefront, contributed feature data that excludes the original image and persistent user identifiers
- Company purpose: routing and processing external AI requests, managing purchases and AI credits, receiving and retaining feature contributions, improving classification, preventing duplicate or abusive requests, troubleshooting and security
- Provider purpose: providing cloud infrastructure, processing, storage, logging, security, support and legal compliance to the Company
- When sent and how to stop: sent when external AI or AI credits are used, or after feature-contribution consent. Disabling each optional feature stops its future transmissions, although processing needed to deliver purchased features, prevent abuse, respond to incidents or comply with law may continue
- Provider information: Google Cloud Privacy Notice, Google Cloud Data Processing Addendum
Google LLC — Gemini API
- Information transmitted: the image selected for analysis, related information such as record category and age in months, an optional user note and output language
- Company purpose: generating objective visual observations and input suggestions
- Provider purpose: AI processing under the Company’s agreement and settings, service delivery, security, support and legal compliance
- When sent and how to stop: sent only outside the EEA when external AI analysis is enabled and the user requests analysis. Disabling external AI analysis stops future transmission. The Company does not persistently store the analysis image on its server
- Provider information: Gemini API Additional Terms, Google Privacy Policy
Transmissions from the Website
Cloudflare, Inc.
- Information transmitted: IP address, access time, page URL, browser, operating-system, device and network information, cookies or other information needed for security decisions, and network or error logs
- Company purpose: content delivery, caching, TLS, DDoS protection, abuse prevention, troubleshooting and security
- Provider purpose: providing CDN and security services, threat detection, abuse prevention, incident response, support and legal compliance
- When sent and how to stop: sent when the Website is accessed for delivery and security. It cannot be disabled separately while using the Website
- Provider information: Cloudflare Privacy Policy, Cloudflare Data Processing Addendum
Google LLC — Google Fonts
- Information transmitted: IP address, access time, referrer, browser, operating-system, device and network information, and requested-font information
- Company purpose: delivering and displaying Website fonts
- Provider purpose: font delivery, maintaining and protecting the service, and understanding service usage
- When sent and how to stop: sent when the Website is displayed. A browser or content blocker may block external fonts, but the Website’s appearance may change
- Provider information: Google Privacy Policy
Google LLC — Google Analytics 4
- Information transmitted: page URL and title, referrer, page-view and interaction events, access time, browser, operating system, device, language, screen information, IP address, IP-derived approximate location and consent state. If analytics is accepted, this additionally includes a client identifier stored in cookies such as
_gaand session information - Company purpose: aggregating Website usage, improving content, navigation and display quality, and investigating failures
- Provider purpose: providing the analytics service, maintaining and protecting it, abuse prevention, and processing under Google’s policies
- When sent and how to stop: the Website uses Google consent mode. Cookie-based measurement occurs only if a visitor accepts in the consent banner. The choice is stored in the browser and can be changed at any time from “Analytics settings” in the footer. If a visitor declines, a minimal cookieless transmission — the items listed above other than the cookie-based ones — is still sent to Google. To block that transmission as well, use browser settings, a content blocker or the Google Analytics Opt-out Add-on. When a visitor declines, analytics cookies such as
_gathat were already set are deleted by the consent-management control. Cookies can also be deleted through browser settings - Advertising: the Company does not use Google Signals, Google Ads links or ad personalization. Advertising-related consent types default to denied and ad identifier redaction (
ads_data_redaction) is enabled. Any such use will be separately disclosed and used only with the consent required by law - Provider information: Google Analytics data collection, Google Privacy Policy, Google Analytics Terms
Changes to this page
The Company updates this page when an external service, transmitted information, purpose or stopping method changes. If a change materially affects the purposes of processing personal information, disclosure to third parties or international transfers, the Company will also update the Kenoco Privacy Policy and provide notice or obtain consent as required by law.