Privacy Policy

1. Purpose of Processing Personal Information

’TenStep’ (hereinafter referred to as "the App") processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures will be implemented, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1. Membership Registration and Management
   • Personal information is processed for the purposes of confirming membership registration intent, identification and authentication for providing membership services, maintaining and managing membership status, preventing unauthorized use of services, and handling various notices and complaints.
2. Provision of Goods or Services
   • Personal information is processed for the purposes of providing services, providing content, and providing customized services.
3. Use in Marketing and Advertising
   • Personal information is processed for the purposes of developing new services (products) and providing customized services, providing and offering opportunities to participate in events and advertising information, providing services and placing advertisements according to demographic characteristics, verifying service effectiveness, identifying access frequency, or statistics on members' service usage.

2. Processing and Retention Period of Personal Information

① The App processes and retains personal information within the retention and use period of personal information according to laws or the retention and use period of personal information agreed upon when collecting personal information from data subjects.

② The processing and retention periods for each type of personal information are as follows:

1. Membership Registration and Management: Until membership withdrawal
   • However, in the following cases, until the reason ends:
     • If investigation or inquiry is ongoing due to violation of related laws, until the end of such investigation or inquiry
     • If obligations and debts remain from using the App, until settlement of such obligations and debts

3. Items of Personal Information Processed

The App processes the following personal information items:

1. Membership Registration and Management
   • Required items: Email
   • Optional items: Nickname, Profile photo (information provided during social login)

4. Provision of Personal Information to Third Parties

The App processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information), and provides personal information to third parties only in cases corresponding to Articles 17 and 18 of the Personal Information Protection Act, such as consent from the data subject or special provisions of laws.

5. Consignment of Personal Information Processing

The App consigns personal information processing tasks as follows for smooth personal information processing:

1. Firebase (Google)
   • Consignee: Google LLC
   • Consigned business content: Member management, data storage, push notification delivery, app analytics
2. Google AdMob
   • Consignee: Google LLC
   • Consigned business content: Providing personalized advertising

6. Rights and Obligations of Data Subjects and Legal Representatives and Methods of Exercise

① Data subjects may exercise their rights to view, correct, delete, or request suspension of processing of personal information against the App at any time.

② The exercise of rights under paragraph 1 may be made to the App in writing, by email, or by fax in accordance with Article 41, paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the App will take action without delay.

7. Destruction of Personal Information

① The App destroys personal information without delay when it becomes unnecessary, such as when the retention period of personal information has elapsed or the processing purpose has been achieved.

② The procedures and methods for destroying personal information are as follows:

1. Destruction Procedure: Information entered by users is transferred to a separate DB after the purpose is achieved (in the case of paper, to separate documents) and stored for a certain period according to internal policies and other related laws, or immediately destroyed. At this time, personal information transferred to the DB will not be used for other purposes unless required by law.
2. Destruction Method: Electronic file format information uses technical methods that make records irreproducible.

8. Measures to Ensure Safety of Personal Information

The App takes the following measures to ensure the safety of personal information:

1. Administrative Measures: Establishment and implementation of internal management plans, regular employee training, etc.
2. Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs

9. Personal Information Protection Officer

The App designates a Personal Information Protection Officer as follows to take overall responsibility for matters related to personal information processing and to handle complaints and remedy damages of data subjects related to personal information processing:

• Personal Information Protection Officer
  • Name: EUIBIN KIM
  • Contact: befire916@gmail.com

10. Changes to Privacy Policy

This Privacy Policy takes effect from December 4, 2025.