Home

Privacy Policy

Last updated: April 25, 2025

1. Data Controller

The data controller for personal data collected through the Miru application is:

Stefanello Enrico
Italy
Email: enricostefanello0@gmail.com

2. Data Collected

Miru collects the following personal data necessary for the service to function:

  • Registration data: email address, first name, last name, username chosen by the user
  • Library data: saved anime, watch status, current episode, personal ratings, notes
  • Social data: friend requests, friends list, messages exchanged with other users
  • Technical data: last message read timestamp (stored locally on the device)

No sensitive data, payment data, location data, or biometric data is collected.

3. Purpose and Legal Basis

Data is processed exclusively to:

  • Provide and manage the anime tracking service (basis: contract performance, Art. 6(1)(b) GDPR)
  • Enable social features (friends, chat) (basis: contract performance)
  • Ensure the security and proper functioning of the application (basis: legitimate interest)

Data is not used for profiling, marketing, or sold to third parties.

4. Sub-processors

Supabase Inc. (USA) — database, authentication and real-time messaging provider. Data transfers to the USA are made in compliance with GDPR guarantees through Standard Contractual Clauses (SCC). Privacy policy: supabase.com/privacy

AniList — external API from which public anime data (titles, covers, episodes) is retrieved. No personal user data is transmitted to AniList. Privacy policy: anilist.co/privacy

Google / YouTube — anime trailers are played via YouTube iframe. If the user interacts with the player, Google's terms apply. Privacy policy: policies.google.com/privacy

5. Data Retention

Personal data is retained for the duration of the account. Upon account deletion, all associated data is deleted within 30 days, unless required by law.

6. Cookies and Local Storage

Miru does not use tracking or profiling cookies. localStorage is used exclusively to save local technical data (e.g. last message read timestamp), without transmission to external servers.

7. User Rights (GDPR)

Under Arts. 15-22 of the GDPR, users have the right to:

  • Access — obtain confirmation of processing and a copy of their data
  • Rectification — correct inaccurate or incomplete data
  • Erasure — request removal of their data ("right to be forgotten")
  • Portability — receive their data in a structured, readable format
  • Objection — object to processing based on legitimate interest
  • Restriction — request suspension of processing in certain cases

To exercise these rights, write to: enricostefanello0@gmail.com

Users also have the right to lodge a complaint with the relevant data protection authority in their country of residence.

8. Security

Data is protected through secure authentication (managed by Supabase Auth), encrypted HTTPS connections, and database access policies (Row Level Security). No data is accessible by other users without explicit authorisation.

9. Changes to This Policy

Any changes to this policy will be published on this page with an updated date at the top. For substantial changes, registered users will be notified via an in-app notification.

10. Contact

For any questions regarding personal data processing:
enricostefanello0@gmail.com

Miru is an independent application not affiliated with AniList, YouTube or other mentioned services.
Anime data provided by AniList.

← Home