TezStudio KO
PRIVACY POLICY

Lumiary

Last updated · 2026-05-09

1. Overview

TezStudio ("the Studio") respects user privacy in Lumiary ("the App") and handles personal data in accordance with applicable laws including South Korea's Personal Information Protection Act and GDPR.

Because the App handles sensitive content (diary entries), we describe data flows transparently below.

2. Information We Collect

2-1. Diary content (user-entered)

  • Diary title and body
  • Mood category (one of five: angry, sad, neutral, happy, excited)
  • Entry timestamp

Diary entries are stored on the user's device (Core Data) by default. They are transmitted to OpenAI only when the user explicitly requests AI feedback for an entry (see Section 3).

2-2. Account data

  • Apple ID or Google ID — Firebase Authentication identifier
  • Email address and display name — provided by Apple/Google sign-in

2-3. Advertising

  • Advertising identifier (IDFA), device info, IP address — processed by Google Mobile Ads (AdMob)
  • App Tracking Transparency (ATT) permission is requested; the user may decline.

3. AI Feedback (Important)

When the user explicitly requests AI feedback on a diary entry, that entry's text is sent once to OpenAI's GPT API to receive an empathic response.

  • Data reaches OpenAI servers only at request time and is discarded immediately after the response is received.
  • OpenAI does not use API data to train models and deletes it within 30 days. See the OpenAI Privacy Policy.
  • If you do not use the AI feedback feature, diary entries are never sent externally.

4. Data Storage and Location

  • Diary content — stored on device (Core Data) by default
  • Google Firebase (Authentication) — only sign-in identifier; diary content is NOT stored in Firestore or any cloud
  • All transport encrypted via HTTPS/TLS

5. Advertising and Analytics

For free users, the App may display Google Mobile Ads (AdMob) and requests App Tracking Transparency permission.

  • iOS: opt out via Settings > Privacy & Security > Tracking. All app features remain available.
  • The advertising SDK does not access diary content.

6. Third Parties and Sub-Processors

We do not share personal data with third parties except for the following sub-processors:

  • Google LLC — Firebase Authentication, Google Mobile Ads
  • OpenAI, L.L.C. — processes diary text only when AI feedback is requested
  • Apple Inc. — Sign in with Apple

7. Retention and Deletion

  • Diary data: removed when you delete entries in-app or uninstall the App
  • Data sent to OpenAI: auto-deleted within 30 days per OpenAI policy
  • iCloud backups follow Apple's iCloud policy

8. User Rights

  • Edit or delete entries directly in the App
  • Account deletion removes the sign-in identifier
  • Email requests: supports@tez.kr

9. Children's Privacy

The App is not directed to children under 14 and does not knowingly collect personal data from them.

10. Security

  • TLS 1.2+ encryption in transit
  • Secrets such as API keys are never exposed to clients

11. Policy Changes

We will provide advance notice via the App or this page before any material change to this policy.

12. Contact

For privacy inquiries, contact supports@tez.kr.