Sutory · Privacy Policy
Privacy Policy
Effective: 2026-05-27 · Version 2026-05-27
1. Purposes of Processing
Sutory (the "Company") processes personal data for the purposes set out below in order to provide the Sutory service. If the purposes change, the Company will obtain separate consent in accordance with Article 18 of the Korean Personal Information Protection Act (PIPA).
- Member identification and authentication (Apple / Google social login)
- Delivery of the AI companion and personal-wiki services (chat, graph, schedules, notifications)
- Processing of paid-service payments and prevention of fraudulent use
- Ensuring service reliability (security logs, incident tracing)
- Compliance with statutory obligations (e.g. transaction-record retention under the Act on the Consumer Protection in Electronic Commerce)
2. Items Processed
2-1. Mandatory items (collected at sign-up)
- Social identifier: Apple sub or Google sub (the permanent ID issued by each provider)
- Email address (including Apple Private Relay aliases)
- Name or nickname (display name provided by the social provider)
2-2. Generated during service use
- Conversation content and notes: text you enter and speech-to-text transcripts
- Graph data: nodes, edges, tags, and relationships
- Schedule data: title, start/end time, location text (entered by you or imported via Google Calendar)
- Voice data: transient audio used for STT processing — deleted immediately after processing, never stored permanently
- Image data: reference photos you upload and AI-composed images
- Subscription data: plan, payment status, invoice ID (Paddle payment metadata)
- Usage logs: per-feature call counts, AI tokens/cost (for quota management)
2-3. Automatically collected items
- IP address (security logs, retained for 30 days)
- User-Agent and device ID (session management)
- Cookies and LocalStorage: authentication token (tory-auth), one-time OAuth state tokens
- Server access logs (request path, status code, response time)
2-4. Collected at payment (where applicable)
- Payment-method details are not stored by the Company. They are held by our payment processor Paddle in line with PCI-DSS requirements.
- The Company only receives and stores the transaction identifier, amount, currency, and timestamp from Paddle.
3. Location-Based Information (Location Information Act §§16, 18)
The Company may temporarily process the device location of users on its mobile app to provide location-based features (such as nearby lunch suggestions and schedule reminders). For users who have agreed to the separate location-based terms required by the Korean Act on the Protection, Use, etc. of Location Information, processing follows the principles below (see Location-Based Services Terms).
- When collected: only at the moment the user — having granted location permission — directly invokes a location-aware feature (e.g. nearby lunch suggestions).
- Scope of storage: coordinates are discarded immediately after the response is generated and are never written to the database (memory only).
- Disclosure to third parties: coordinates are not shared externally, except that they may be transmitted transiently to external map APIs (e.g. Google Places) to perform the proximity search; the Company discards them once transmitted.
- IP address: used only as an access identifier for security and logging purposes — never for location inference, ad targeting, or profiling.
- Withdrawing permission: users can revoke location permission in their device settings at any time. Doing so disables only location-aware features; the rest of the service continues to function normally.
- Users under 14: because the Company blocks sign-ups by anyone under 14, no location data is processed for users under that age (Location Information Act §25).
4. Retention and Use Periods
- Member account and content: soft-deleted immediately upon account withdrawal and hard-deleted after a 30-day grace period, after which recovery is no longer possible.
- Raw voice audio: deleted immediately after STT processing (never retained).
- AI-composed images: automatically deleted after 7 days (copies downloaded by the user are separate).
- Payment records: retained for 5 years under Article 6 of the Act on Consumer Protection in Electronic Commerce.
- Consumer-complaint and dispute records: retained for 3 years under Article 6 of the same Act.
- Access logs and security logs: retained for 3 months under Article 15-2 of the Protection of Communications Secrets Act.
5. Disclosure to Third Parties
The Company does not disclose your personal data to external parties as a general rule. The following are the only exceptions:
- where you have given prior consent;
- where required by law, or where an investigative agency requests it in accordance with the procedures and methods prescribed by law; or
- where pseudonymised data is provided for statistical or academic-research purposes.
6. Outsourced Processing (Subprocessors)
The Company outsources certain processing tasks to the subprocessors listed below. The outsourcing contracts contain security obligations required by Article 26 of the Korean Personal Information Protection Act.
| Subprocessor | Task | Location |
|---|---|---|
| Microsoft (Azure) | Server / DB / storage hosting, authentication (B2C) | South Korea (Azure Korea Central) |
| OpenAI, L.L.C. | GPT-5.1 / GPT-5.1-mini chat, summarization, translation, image synthesis | United States |
| Anthropic PBC | Claude 4.5 Sonnet chat (differentiator tier) | United States |
| Google LLC | Gemini 2.5 Flash voice synthesis and translation | United States |
| OpenAI Realtime (Whisper) | Real-time speech-to-text | United States |
| Paddle.com Market Ltd. | Global payment processing, tax calculation, invoicing | United Kingdom / EU |
| Apple Inc. | Social login (Sign in with Apple) | United States |
| Google LLC | Social login (Google OAuth) and Calendar / Gmail integration (where the user explicitly consents) | United States |
Any change in subprocessors will be announced through an advance revision of this policy. For every AI subprocessor, the Company uses channels covered by no-training agreements, which forbid the use of your data for model training.
7. International Data Transfers (PIPA §28-8)
Among the subprocessors listed in Section 6, the ones located in the United States, United Kingdom, and EU receive transferred personal data. Your consent to this policy is treated as consent to such transfers. To withdraw consent, please delete your account.
| Recipient | Items transferred | Timing / method | Purpose | Retention |
|---|---|---|---|---|
| OpenAI | Conversation text and metadata | Real-time HTTPS | AI response generation | Discarded immediately after delivery (no-training) |
| Anthropic | Conversation text | Real-time HTTPS | AI response generation | Discarded immediately after delivery (no-training) |
| Google (Gemini) | Conversation text and voice | Real-time HTTPS | AI response / TTS | Discarded immediately after delivery (no-training) |
| Paddle | Payment metadata and email | HTTPS at time of payment | Payment processing | Statutory retention under tax / accounting law |
| Apple, Google | Social identifier | HTTPS at authentication | Social login | For the lifetime of the account |
8. Rights and Obligations of Data Subjects, and How to Exercise Them
You may exercise the following rights at any time, either through the Settings screen or by contacting the Data Protection Officer (Section 14).
- Right of access: download directly via Settings → Data Export (JSON / Markdown).
- Right to rectification or erasure: edit your profile and content directly in Settings, or withdraw your account.
- Right to restriction of processing: request by email to the Data Protection Officer.
- Right to data portability: data exports are provided as standard JSON.
- Right to object to and to receive an explanation of automated decisions (PIPA §37-2, added in 2024): AI outputs are reference information only — the Company does not make automated decisions with legal or financial effect. If you nonetheless object, please contact the Data Protection Officer and we will review and reply.
9. Procedure and Method for Destruction
The Company destroys personal data without delay once the retention period elapses or the processing purpose has been achieved.
- Electronic form: permanently deleted in an irrecoverable manner (database columns are set to NULL, and backups are disposed of automatically once their retention period expires).
- Paper documents: shredded or incinerated.
- Data transmitted to AI subprocessors: destroyed immediately under the outsourcing contract (no-training, no-retention options applied).
10. Safeguards
- Administrative: internal management plan, regular security training, principle of least access.
- Technical: TLS 1.3 in transit, AES-256 at rest, Row-Level Security multitenant isolation, password hashing (Argon2id), short-lived JWTs.
- Physical: reliance on the ISO 27001 / SOC 2 controls of Azure data centres.
- Logging and monitoring: anomaly detection on access, notification within 72 hours of any security incident (per GDPR / PIPA).
11. Automatic Collection Devices (Cookies / LocalStorage)
The Company stores the following items in LocalStorage to maintain authenticated sessions. We do not use cookies for advertising tracking or third-party analytics.
- tory-auth: authenticated session (access / refresh tokens and expiry).
- tory-oauth-state: one-time OAuth login state (deleted immediately after the callback).
You may delete these items at any time through your browser settings.
12. Protection of Minors (PIPA §22-2 · COPPA)
The Company blocks sign-ups by children under the age of 14. This measure satisfies both Article 22-2 of the Korean Personal Information Protection Act and the U.S. Children’s Online Privacy Protection Act (COPPA, under 13).
- Where blocked: the consent step of sign-up requires a year of birth; if the user is determined to be under 14, sign-up is rejected outright and no input data is stored.
- Default protection from social providers: Apple ID and Google accounts are issued only to users aged 13+ under each provider’s terms, giving us a first line of defence.
- Post-hoc detection: if a user is found to be under 14 after sign-up, the Company immediately suspends the account and destroys all collected personal data within 7 days. We notify the registered email of the destruction.
- Rights of legal guardians: a legal guardian who discovers that the Company is processing personal data of a child under 14 may immediately require destruction, access, or cessation of use through the Data Protection Officer.
13. Marketing Use
The Company does not collect personal data for marketing, advertising, or promotional purposes. We send only notifications essential to operating the service, such as payment and security notices, which fall under the consent-exception provisions of Article 22-2 of the Personal Information Protection Act.
14. Data Protection Officer
- Officer: Min-kyung Kim (CEO)
- Email: privacy@tory.my
- Company: Sutory · Business registration number: 633-02-03631
- Response time: within 7 business days
- Dispute resolution: Personal Information Dispute Mediation Committee (1833-6972), Privacy Infringement Report Centre (118), Supreme Prosecutors’ Office Cyber Investigation (1301), National Police Agency Cyber Bureau (182)
15. Change History
- 2026-05-27 · Added an English translation (the Korean original remains authoritative; other-language versions are provided for convenience).
- 2026-05-13 · Added an explicit location-information processing section (§3), added protection of minors (§12 COPPA / PIPA §22-2), and corrected the Data Protection Officer email domain.
- 2026-05-12 · Initial release.