Dear Us

Privacy Policy

Version 2.0 • Effective April 7, 2026

Article 1. Service Definition and Controller Information

1. Service Definition

Dear Us (the “Service”) is a closed-platform exclusively for two people (a couple) already in a romantic relationship, providing three functional areas: (1) Emotional Connection — Couple Diary, Shared Calendar, SoulTalk Q&A; (2) Practical Utility — Date Planner, Love Coupons, Menu Roulette; (3) Location-Based Safety — Safety Check-In (optional feature — disabled by default, separate consent required).

2. Controller Information

Item Details
Operating Company WithStan
Representative Hyun Seunghwan
Address 503, 5F, 23-gil 123 Nohae-ro, Gangbuk-gu, Seoul, Republic of Korea
Privacy Inquiries privacy@with-stan.com
Data Protection Officer Kim minjeong / dev@with-stan.com

Article 2. Data Type Definitions — Mutual Shared Data Concept

This Service is built around “Mutual Shared Data” co-created by two users. This is distinct from standard individual-data privacy frameworks and is therefore defined separately.

Type Definition & Examples Rights Principle
&circledone; Personal Data Created and owned by one user only. E.g.: email, nickname, date of birth, marketing consent history, personal diary photos/text Exclusive right of that user
&circledtwo; Mutual Shared Data Co-created or shared by both users. E.g.: diary photos/text, Q&A answers (including partner’s), calendar, coupons, planner, character, nicknames Article 3 rules apply — uploader priority
&circledthree; Location Data Collected in Safety Check-In. Separate consent basis. Raw GPS deleted within 7 days. Use/provision log retained 6 months.

Article 3. Mutual Shared Data Handling Rules — Deletion Authority Standards

1. Deletion Authority Principle — Uploader Priority

Both the user who uploaded or created Mutual Shared Data AND the partner who received it have deletion authority.

Situation Deletion Authority and Handling
Jointly created planner/coupon items Both A and B can delete
Upon couple disconnect or account deletion Bulk processing rules of Articles 3(4) and 3(5) apply

3. Shared Data Access Rights

  • While couple is connected: both users have access to the entire shared space.
  • Third parties (including our employees): access is prohibited except in extremely limited circumstances required by law.

4. Data Handling Upon Couple Disconnect

Data Type Handling Notes
Shared Diary & Calendar (including photos) Access blocked for both parties immediately upon disconnect → permanently deleted after 60 days
Soul-Talk Q&A Answers Access blocked for both immediately → permanently deleted after 60 days
Date Planner & Love Coupons Access blocked for both immediately → permanently deleted after 60 days
Safety Check-In GPS History Access blocked immediately → auto-deleted within 7 days Use/provision log retained 6 months (Location Information Act)
Personal Account Information Unaffected (personal account remains) Separate account deletion request possible

5. Handling When Only One Party Withdraws — Balancing Right to Be Forgotten with Partner Protection

Step Handling Timeline
Upon withdrawal request A’s personal data (email, nickname, profile photo) immediately deleted Within 5 days of request
Immediately anonymized + 60 days Shared data linked to A’s couple is immediately anonymized + permanently deleted after 60 days Immediately anonymized + auto-deleted after 60 days

Required UI notice on withdrawal: “Upon withdrawal, your personal information will be immediately deleted, and your information in the shared space will be anonymized. Your partner will be given 30 days to export shared data. Would you like to export now?”

6. Handling Underage and Falsely Registered Minors

Discovery Type Immediate Action Shared Data Handling Partner Notification
Under-14 false registration discovered Account immediately terminated ex officio. Legal guardian notified. All shared data immediately destroyed (no grace period). Partner notified of disconnect.
Age 14–17 false registration discovered Account immediately terminated. User notified. Shared data access blocked immediately, destroyed within 30 days. Partner notified of disconnect.

Article 4. Categories of Personal Data Collected

1. Personal Data (Required Collection)

Function Items Collected Data Type
Account registration Nickname, email, date of birth, encrypted password Personal Data
Couple connection Connected couple info (invite code, connection date/time) Personal Data
Marketing notifications (with consent) Email, push token Personal Data

2. Mutual Shared Data

Function Items Collected Data Type
Couple Diary Uploaded photos, text, sticker history, creation date/time Mutual Shared Data
Shared Calendar Date records, photo thumbnails, memos Mutual Shared Data
Q&A Question and answer content (both parties), creation date/time, read status Mutual Shared Data — Article 5 special provisions apply
Date Planner Goal names, amounts, expense items, dates Mutual Shared Data
Digital Coupons Coupon content, issuance and usage history Mutual Shared Data

3. Location Data (Optional — Separate Consent)

Function Items Collected Handling
Safety Check-In Real-time GPS coordinates, movement path, safe arrival time Raw GPS: auto-deleted within 7 days. Use/provision log: retained 6 months. See Article 7.

4. Automatically Collected Data

Item Details
Device information Device model, OS version, app version
Network information IP address, access country
Usage logs Feature usage history, access date/time, error logs
Advertising ID (with consent) iOS: IDFA (after ATT consent), Android: GAID
Firebase auto-collection App launch and screen transition events (anonymized analysis)

Data NOT collected: resident registration numbers or other unique identifiers; precise real-time location (continuous tracking); sexual orientation or relationship preferences; government-issued IDs; payment card information; EXIF metadata (GPS coordinates in EXIF are automatically stripped upon server upload).

Article 5. Soul-Talk Q&A — Voluntary Sensitive Information Processing Special Provisions

The Company does not directly request or collect information that constitutes “sensitive data” under applicable laws in any jurisdiction (including health, sexual activity, religion, political views) through the Soul-Talk Q&A feature.

User consent obtained at registration:

  • I acknowledge that I am voluntarily entering sensitive information in Q&A answers.
  • The data is processed solely for the purpose of sharing with my connected couple partner.
  • It is absolutely not used for advertising targeting, profiling, or third-party sale.
  • The operator does not infer or generate sensitive information based on behavioral data.
  • I can individually delete answers I have written at any time to stop processing.

Q&A Data Technical Protection Measures

  • Firebase AES-256 encrypted storage. Employee access is permitted only upon legal request.
  • Advertising and analytics SDKs are blocked at the code level from accessing Q&A screen events.
  • Designed so that Q&A answer content is not included in Firebase Analytics event logs.

Article 6. Photo and Media Handling — EXIF Metadata

  • EXIF metadata embedded in photos (GPS coordinates, capture date/time, device information) is automatically stripped upon server upload.
  • Accessible only to the uploading user and their couple partner. Not disclosed to third parties.
  • Deletion follows the Mutual Shared Data rules of Article 3.

Article 7. Location Data Processing — Optional Feature

1. Separation of Core Service and Location Feature

The Safety Check-In feature is an optional feature separate from the core service (Diary, Q&A, Planner, etc.). Even if you decline location consent, you can use the entire core service normally.

Item Details
Items Collected Real-time GPS coordinates (lat/lon), movement path, safe arrival time
Purpose Providing real-time location and safe arrival notification service to connected couple partner
Recipients Only the connected couple partner. Not provided for advertising, marketing, or third parties.
Legal Basis Separate explicit consent under Location Information Act Art. 15
Withdrawal App Settings → Safety Check-In → Disable (data collection stops immediately)

2. Location Data Storage Structure (Location Information Act Art. 16(2))

Data Type Retention Period and Details
Raw GPS coordinates and movement path Auto-deleted within 7 days of safe arrival completion. User can delete earlier.
Location use/provision fact confirmation log 6 months per Location Information Act Art. 16(2). Contents: service use date/time, user UID, recipient (partner UID). Does not include actual GPS coordinates.

3. Platform Liability Limitation

Liability Category Basis and Details
Damage caused by partner’s actions The Service cannot monitor or control how the location data recipient (partner) uses it. The Service is not liable for any damage caused by the partner’s actions.
Location data misuse (stalking, etc.) Criminal conduct. Immediate account termination + cooperation with authorities upon report.
GPS accuracy or service interruption damage The Service is not liable for damage from GPS signal instability, network failures, or inaccurate/undelivered location data.

Article 8. Processing Purposes and Legal Bases

Processing Purpose Legal Basis (Korea) Legal Basis (Mexico, Brazil, Philippines)
Account creation and authentication Contract performance Contract performance / Consent
Diary, Calendar, Planner, Coupons Contract performance Contract performance
Q&A — may include voluntary sensitive info Contract performance + PIPA Art. 23 separate consent Contract performance + explicit user consent
Safety Check-In location sharing (optional) Explicit consent (Location Information Act Art. 15 separate) Explicit consent
Ad ID-based targeted advertising (optional) Explicit consent (opt-in, including ATT) Consent (opt-in)
Service analysis and improvement Legitimate interest (anonymized statistics only) Legitimate interest
Marketing delivery (optional) Explicit consent (separate opt-in, night-time separate consent) Consent (separate opt-in)
Safety and fraud prevention Legitimate interest; Legal obligation Legal obligation / Legitimate interest

Article 9. Advertising SDKs — Third-Party Independent Controller Notice

The operator does not provide user registration information or couple shared data to third parties under any circumstances. However, for users who choose “watch ads” to earn free reward items, limited data is provided to advertising SDK providers solely for delivering targeted ads and measuring effectiveness.

SDK Provider Items Collected and Purpose
Google AdMob IDFA/GAID, ad view/click events, app usage data — reward ad delivery and effectiveness measurement
Firebase Analytics App events, device info, IP address — service usage pattern analysis
Firebase Crashlytics Error stack traces, device info — app stability monitoring

iOS ATT Alignment

  • iOS users: ATT framework popup is displayed per Apple requirements. ATT popup text matches this policy.
  • IDFA is provided to SDK providers only if “Allow Tracking” is selected in ATT.
  • If “Ask App Not to Track” is selected, non-personalized ads are provided without collecting IDFA.

How to Opt Out of Advertising ID Collection

Device Type Steps
iOS (IDFA opt-out) Settings → Privacy & Security → Tracking → Disable “Allow Tracking” for Dear Us
Android (GAID opt-out) Settings → Privacy → Ads → “Delete advertising ID” or “Opt out of Ads Personalization”

Article 10. Data Processing Delegation

Processor Delegated Work Data Transferred
Google LLC (Firebase) Server infrastructure, Firestore DB, Cloud Storage, Authentication, Analytics, FCM Account, content, logs — U.S. server
Google AdMob Reward ad delivery Advertising ID, view history — consenting users only
Firebase Analytics App usage analysis Advertising ID, view history — consenting users only
Firebase Crashlytics App error monitoring Error logs, device info

The operator has entered into data processing agreements (DPA) with all processors above and conducts periodic security checks.

Article 11. Google Firebase and International Data Transfers

This Service uses Google LLC’s Firebase, with servers located in the United States. Your personal data is transferred to the United States.

Item Details
Destination Country United States
Recipient Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Purpose Firebase cloud service provision
Items Transferred Account identification info, couple shared data, location data (with consent), device/usage info, notification tokens (with consent), advertising IDs (with consent)
Transfer Method Real-time transfer via network during service use
Retention Period Duration of service. Deleted per Firebase policy after withdrawal.
Opt-Out Method Email request to privacy@with-stan.com or App Settings → Privacy → International Transfer Opt-Out
Consequences of Refusal This Service operates exclusively on Google Firebase (U.S. server) infrastructure. If you refuse the international transfer, registration and use of the Service are fundamentally impossible due to the technical structure.

Article 12. Retention Periods by Purpose

Data Retention Period Basis
Account basic information Deleted within 5 days of withdrawal Purpose fulfilled
Shared Diary, Q&A, Planner 60 days after user deletion or couple disconnect/withdrawal Shared data grace period
Raw GPS coordinates and movement path Auto-deleted within 7 days of safe arrival Data minimization principle
Location use/provision log 6 months (Location Information Act Art. 16(2)) Legal obligation
Service usage records, access logs, IP 3 months (Communications Secrets Protection Act Art. 15-2) Legal obligation
Payment and goods supply records 5 years (E-Commerce Act Art. 6) Legal obligation
Consumer complaints and dispute records 3 years (E-Commerce Act Art. 6) Legal obligation
Advertising ID and view history 60 days Purpose fulfilled
Marketing consent history 5 years after withdrawal Legal evidence
Reports and safety records 3 years from report Legal dispute response
Error and diagnostic logs 60 days Service stability
Inactive accounts Deleted after 12 months inactivity with 30-day advance notice Service operations policy

Article 13. Personal Data Protection Measures

  • Transmission encryption: TLS 1.2 or higher (Firebase default)
  • Storage encryption: AES-256 (Firebase default), one-way hash for passwords
  • Couple space access control: Firebase Security Rules block non-couple members
  • Q&A/Diary SDK isolation: Code-level blocking prevents advertising/analytics SDKs from accessing those screen events

Incident Response — Supervisory Authority Reporting Timeline

Country Reporting Deadline Authority
Republic of Korea Within 24 hours of discovery (above certain scale) Personal Information Protection Commission
Brazil Within 72 hours of discovery ANPD
Philippines Within 72 hours of discovery NPC
Mexico Notification obligation to relevant authorities and users Relevant authorities

Article 14. User Rights and How to Exercise Them

Right Target Data How to Exercise Processing Period
Access Personal and shared data App Settings → Privacy → My Information Within 10 days
Correction Personal data App Settings or email request Within 10 days
Deletion (withdrawal) All personal data + shared data anonymization App Settings → Delete Account Within 5 days (Korea)
Individual content deletion Mutual shared data I created Directly in each item within app Immediately
Location GPS deletion GPS location history Safety Check-In → Delete Location Records Immediately
Processing restriction Personal data Email: privacy@with-stan.com Within 10 days
Consent withdrawal Marketing, advertising, location App Settings → Consent Management Immediately
Data portability Personal + my shared data JSON provided upon email request Within 30 days

Article 15. Policy Amendments and Notification

Change Type Notice Timing Notice Method
General changes At least 7 days before effective date In-app notices
Material changes to user rights (adding collection items, changing purposes, adding third-party sharing, etc.) At least 30 days before effective date In-app notices + individual email notification to registered email

This Privacy Policy is available at any time at App Settings → Privacy Policy. Also accessible from the initial app launch and registration screen.

Article 16. Remedies and Supervisory Authorities by Country

Users may contact the Data Protection Officer or the following national authorities to seek remedy for personal data infringement.

Korea — Mandatory Legal Disclosure

Agency Contact Website
Personal Information Dispute Mediation Committee 1833-6972 www.kopico.go.kr
Personal Data Infringement Report Center (KISA) 118 (no area code) privacy.kisa.or.kr
Supreme Prosecutors’ Office Cyber Investigation Division 1301 (no area code) www.spo.go.kr
National Police Agency Cyber Investigation Bureau 182 (no area code) ecrm.cyber.go.kr

Supervisory Authorities by Country

Country Authority Website
Republic of Korea Personal Information Protection Commission (PIPC) pipc.go.kr
Brazil ANPD gov.br/anpd
Mexico INAI inai.org.mx
Philippines NPC privacy.gov.ph

Data Protection Officer: Kim minjeong / dev@with-stan.com  |  Privacy Inquiries: privacy@with-stan.com  |  Effective Date: April 7, 2026