ZeroPamine Privacy Policy

Last Updated: January 5, 2026

Table of Contents

1. Introduction
2. Personal Information We Collect
3. How We Collect Information
4. How We Use Your Information
5. Sharing and Disclosure to Third Parties
6. Data Retention Period
7. International Data Transfers
8. Security Measures
9. Cookies and Tracking Technologies
10. Your Rights and How to Exercise Them
11. Children's Privacy
12. Changes to This Privacy Policy
13. Data Protection Officer and Contact Information

---

1. Introduction

ZeroPamine ("we," "our," or "the Service") values your privacy and complies with relevant regulations including the Personal Information Protection Act, Information and Communications Network Act, EU GDPR (General Data Protection Regulation), and US CCPA (California Consumer Privacy Act).

This Privacy Policy applies to the ZeroPamine mobile application and website (zeropamine.com), and explains what personal information we collect, how we use and share it, retention periods, and third-party disclosures.

---

2. Personal Information We Collect

2.1 Account Information

Information collected during registration and login:

Email/Password Sign-up

• Email address
• Password (encrypted and stored)
• User unique identifier (UID)
• Display name (optional)
• Email verification status

Google Account Login

• Google account email
• Google account name
• Google OAuth token
• User unique identifier (UID)

Apple Account Login

• Apple account email
• Apple account name (optional)
• Apple OAuth token
• User unique identifier (UID)

2.2 Usage Data

Information automatically collected while using the app:

Timer Session Records

• Session start and end times
• Session type (focus/break)
• Planned and actual duration
• Completion status
• User notes (optional)
• Associated routine information

App Settings

• Selected theme (Coffee, Hourglass, Candle, Battery, Cat, Nyancat, Campfire, Tree)
• Auto-start settings
• Sound enabled/disabled
• Sound volume and type
• Language preference (Korean/English/Japanese)

Routine Configuration

• User-created routine items
• Routine names, durations, and order

2.3 Purchase Information

Information collected for ZeroPamine Pro and special theme purchases:

ZeroPamine Pro Purchase

• Purchase status (active/inactive)
• Purchase date and time
• Purchase platform (Apple/Google)
• Product ID
• RevenueCat customer ID
• Last verification timestamp

Special Theme Purchases

• Purchased theme ID (Campfire, Tree, etc.)
• Purchase status (active/inactive)
• Purchase date and time
• Purchase platform (Apple/Google)
• Product ID
• RevenueCat customer ID
• Last verification timestamp

2.4 Device and Technical Information

Technical information collected automatically:

• Device type and model
• Operating system version (iOS/Android)
• App version
• Advertising identifier (non-Pro users, AdMob)
• IP address (Firebase Analytics, Google Analytics)
• Language and timezone settings

2.5 Website Visit Information (Google Analytics)

Information collected when visiting the website:

• IP address (anonymized)
• Browser type and version
• Pages visited and time spent
• Referrer source
• Cookie identifiers

---

3. How We Collect Information

We collect personal information through the following methods:

3.1 Direct User Provision

• Email/password input during registration
• Login via Google/Apple account
• Changing app settings
• Writing session notes

3.2 Automatic Collection

• Automatic saving of session records during app use
• Usage statistics via Firebase Analytics
• Website visit analysis via Google Analytics
• Subscription information via RevenueCat

3.3 Third-Party Collection

• Google account information via Google Sign-In
• Apple account information via Apple Sign-In

---

4. How We Use Your Information

Collected personal information is used only for the following purposes:

4.1 Service Provision and Maintenance

• Providing Pomodoro timer functionality
• Creating and managing user accounts
• User authentication and login
• Cloud synchronization (session records, settings, routines)
• App improvement and bug fixes

4.2 Payment Management

• Processing ZeroPamine Pro purchases
• Processing special theme individual purchases
• Payment and refund processing
• Providing purchase restoration feature
• Managing theme unlock functionality

4.3 Advertising

• Displaying personalized ads to non-Pro users (Google AdMob)

4.4 Customer Support

• Responding to user inquiries
• Technical support and troubleshooting
• Delivering service-related notifications

4.5 Service Improvement and Analysis

• Analyzing usage patterns
• Monitoring app performance
• Developing new features
• Website traffic analysis (Google Analytics)

4.6 Legal Compliance

• Complying with applicable laws
• Responding to legal disputes
• Preventing fraudulent use

---

5. Sharing and Disclosure to Third Parties

We share your personal information with third parties as follows:

5.1 Firebase (Google Cloud Platform)

Purpose: Authentication, cloud database, analytics Information Shared: Account information, session records, settings, routines, Pro status, special theme purchase information, device information Retention Period: Until account deletion (session records: 90 days) Privacy Policy: https://firebase.google.com/support/privacy

Services Used:

• Firebase Authentication: Email/OAuth authentication
• Cloud Firestore: Cloud data storage and synchronization
• Firebase Analytics: App usage analysis

5.2 RevenueCat

Purpose: In-app purchase management and processing Information Shared: User UID, Pro subscription information, special theme purchase information, purchase history Retention Period: Legal retention period (5 years per tax law) Privacy Policy: https://www.revenuecat.com/privacy

5.3 Google Sign-In

Purpose: Login with Google account Information Shared: Google OAuth token, email, name Retention Period: Until account deletion Privacy Policy: https://policies.google.com/privacy

5.4 Apple Sign-In

Purpose: Login with Apple account Information Shared: Apple OAuth token, email, name (optional) Retention Period: Until account deletion Privacy Policy: https://www.apple.com/legal/privacy/

5.5 Google AdMob

Purpose: Ad display (non-Pro users) Information Shared: Advertising identifier, device information, IP address Retention Period: According to Google AdMob policy Privacy Policy: https://policies.google.com/privacy

5.6 Google Analytics

Purpose: Website visit analysis Information Shared: Anonymized IP address, browser information, visited pages Retention Period: 26 months (Google Analytics default) Privacy Policy: https://policies.google.com/privacy

5.7 Legal Disclosure

We may disclose personal information in accordance with legal obligations in the following cases:

• Court order or warrant
• Request from law enforcement agencies
• When necessary to protect life, body, or property of users or third parties

Important: We do not sell your personal information to third parties for marketing purposes.

---

6. Data Retention Period

6.1 Account Information

• Retention Period: Until account deletion
• Deletion Method: App Settings > Delete Account

6.2 Session Records

• Cloud Storage: Unlimited retention until account deletion
• Local Storage: Maximum 1,000 sessions (stored on device)
• Query Limitation: App displays only the last 90 days, maximum 500 sessions
• Deletion: All session records permanently deleted when account is deleted

6.3 Settings and Routines

• Retention Period: Until account deletion
• Upon Logout: Local data deleted (cloud data retained)

6.4 Purchase Information

• Retention Period: 5 years after purchase (legal requirement for tax purposes)
• Applies to: ZeroPamine Pro purchase, special theme purchases (Campfire, Tree, etc.)

6.5 Local Data (Device Storage)

• Deletion: Immediately deleted upon logout or app uninstall

6.6 Backup Data

• Retention Period: Completely deleted within 30 days after account deletion

---

7. International Data Transfers

7.1 Data Storage Location

Your personal information is processed through Google Cloud Platform (Firebase) and may be stored on servers in the following countries:

• United States
• Asia Pacific region (Korea, Japan, Singapore, etc.)
• European Union

7.2 Safeguards for International Transfers

• EU-US Data Privacy Framework: GDPR compliance
• Standard Contractual Clauses (SCC): EU Commission-approved standard contractual terms
• Firebase Security: Google's advanced security infrastructure

7.3 Information Transferred

• Account information (email, UID)
• Session records
• Settings and routines
• Subscription information
• Special theme purchase information

By using the Service, you are deemed to consent to the above international transfers.

---

8. Security Measures

8.1 Technical Measures

Encryption

• Passwords: Firebase Authentication bcrypt encryption
• Communication: HTTPS/TLS 1.3 encryption protocol
• Storage: Firebase server-side encryption (AES-256)

Access Control

• Data access restrictions via Firebase Security Rules
• User-based UID data isolation
• OAuth 2.0 security protocol

Security Certifications

• Google's ISO 27001, SOC 2, SOC 3 certifications

8.2 Administrative Measures

• Minimizing personal information access privileges
• Regular security checks and updates
• Privacy policy training

---

9. Cookies and Tracking Technologies

9.1 Cookies We Use

Website (Google Analytics)

• _ga: User identification (2 years)
• _gid: Session identification (24 hours)
• _gat: Request rate limiting (1 minute)

Mobile App

• Firebase Analytics SDK: App usage statistics
• AdMob SDK: Advertising identifier (non-Pro users)

9.2 How to Manage Cookies

Website

• Block or delete cookies in browser settings
• Opt out of Google Analytics: https://tools.google.com/dlpage/gaoptout

Mobile App

• iOS: Settings > Privacy > Tracking > Turn off "Allow Apps to Request to Track"
• Android: Settings > Google > Ads > Opt out of Ads Personalization

---

10. Your Rights and How to Exercise Them

You (data subject) have the following rights and may exercise them at any time:

10.1 Right to Access

You can request to view your collected personal information.

• Method: Request via zeropamine@appstdo.com

10.2 Right to Rectification

You can request correction of inaccurate personal information.

• Method: App settings or email request

10.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information.

• Method: App Settings > Delete Account
• Effect: Permanent deletion of all cloud and local data

10.4 Right to Restriction of Processing

You can request temporary suspension of personal information processing.

• Method: Request via zeropamine@appstdo.com

10.5 Right to Data Portability (GDPR)

You can request your personal information in a format that allows transfer to another service.

• Method: Request via zeropamine@appstdo.com
• Format: JSON or CSV file

10.6 Right to Withdraw Consent

You can withdraw consent for personal information collection and use.

• Method: Delete account or email request

10.7 How to Exercise Your Rights

• Email: zeropamine@appstdo.com
• Processing Period: Within 30 days of request (GDPR: within 1 month)
• Identity Verification: We may request additional information to verify your identity

10.8 CCPA Rights (California Residents)

California residents have the following additional rights:

• Right to know the categories and sources of collected personal information
• Right to opt out of sale of personal information (we do not sell personal information)
• Right to non-discrimination

---

11. Children's Privacy

11.1 Age Restrictions

ZeroPamine is not intended for children under the following ages:

• General: Under 13 years old (COPPA)
• EU: Under 16 years old (GDPR)
• Korea: Under 14 years old (Personal Information Protection Act)

11.2 Parental Consent

Children under the above ages require parental or legal guardian consent to use the Service.

11.3 Deletion of Children's Information

If we become aware that we have collected personal information from children without parental consent, we will immediately delete such information.

• Report: zeropamine@appstdo.com

---

12. Changes to This Privacy Policy

12.1 Change Notification

If this Privacy Policy is changed, we will notify you as follows:

• Website posting (at least 7 days in advance)
• In-app notifications
• Email notification for significant changes

12.2 Effective Date of Changes

The modified Privacy Policy becomes effective 7 days after notification.

12.3 Withdrawal of Consent

If you do not agree to the modified policy, you may delete your account.

---

13. Data Protection Officer and Contact Information

13.1 Data Protection Officer

For inquiries, complaints, or exercising your rights regarding personal information processing, please contact:

Email: zeropamine@appstdo.com

13.2 Processing Procedure

1. Submit inquiry via email
2. Identity verification (if necessary)
3. Response and processing within 30 days
4. Notification of processing results via email

13.3 Dispute Resolution

If personal information disputes are not resolved, you may seek assistance from the following organizations:

Korea

• Personal Information Infringement Report Center: privacy.kisa.or.kr (Call 118)
• Personal Information Dispute Mediation Committee: kopico.go.kr (1833-6972)
• Supreme Prosecutors' Office Cybercrime Investigation Division: www.spo.go.kr (Call 1301)
• National Police Agency Cyber Safety Bureau: cyberbureau.police.go.kr (Call 182)

EU (GDPR)

• Data Protection Authority of each EU member state

US (CCPA)

• California Attorney General: oag.ca.gov

---

This Privacy Policy is effective as of January 5, 2026.