Scribena
Start free

Privacy Policy

⚠️ This is a pre-launch version. It will take effect once the ★ items (company / privacy officer details) are confirmed and final legal review is complete.

1. Overview

Scribena (“we”) complies with applicable data-protection laws and follows a data-minimization principle. Counseling data (recordings, transcripts, summaries) is encrypted and stored only on your device — it is never transmitted to or collected by our servers.

2. Information we collect

  • Account: email (required), name (optional), social-login identifier (if you use Google/Kakao)
  • Billing: subscription status, payment/refund receipt metadata, payment-method identifier (card numbers are not stored by us; they are handled by the payment provider)
  • Logs & safety: access logs, IP, admin-access records (fraud prevention and accountability)

3. Purpose of use

Member identification and authentication, subscription/billing and refund management, customer support, fraud prevention and dispute handling, and legal compliance.

4. Retention and deletion

We delete personal data without delay once its purpose is fulfilled (account and session data are deleted immediately on account closure). Where law requires retention, we keep those records stored separately and destroy them when the period ends.

  • Contract / withdrawal-of-subscription records: 5 years
  • Payment and supply-of-goods records: 5 years
  • Consumer complaint / dispute records: 3 years

Retained items: transaction-party identifiers (email, etc.) and payment/contract records. Destruction: electronic files are permanently and irrecoverably deleted.

5. Processors

To operate the service we entrust processing to, and supervise, the following:

  • Supabase Inc. — authentication, database, hosting
  • Vercel Inc. — web hosting
  • PortOne · Toss Payments — domestic (Korea) payments
  • Paddle.com Market Ltd — international payments (Merchant of Record)

6. International transfers

Some processors are located abroad, so personal data may be transferred and processed outside Korea — Supabase Inc., Vercel Inc. (USA) and Paddle.com Market Ltd (UK). Transferred items: account identifiers (email, etc.) and billing/subscription metadata, transmitted over the network during service use, for the purposes above and until the processing contract ends.

7. Third-party disclosure

We do not provide personal data to third parties without your consent, except where required by law or upon a lawful request by an investigative authority.

8. Your rights

You may at any time request access, correction, deletion, suspension of processing, or withdrawal of consent (account closure), via in-app settings or the contact below; we act without delay. Personal data of children under 14 requires the consent of a legal guardian.

9. Security measures

On-device encryption of counseling data (not stored on servers), encryption in transit, access controls, and retention of admin-access logs.

10. Privacy officer

Name: ★ (officer) · Contact: privacy@scribena.com · Company: ★ (legal name)

11. Changes

We will announce any changes on this page before they take effect. Effective date: