Privacy Policy
think HOW's (생각하는집; Representative: Kim Seon-ho · Business Reg. No. 409-29-20790) (the “Company”) provides the messenger service AURUM (the “Service”) and treats your personal information with care. AURUM is designed so it does not need to know who you are. We do not collect a phone number, real name, or email at sign-up, and we cannot read the contents of your 1:1 and small-group chats. This policy explains exactly what we do and do not collect.
Honest notice: AURUM does not claim that “no one can ever know you.” We only designed it so that AURUM itself cannot know your identity. Third parties such as carriers or payment processors, or a compromise of the device itself, fall outside this design.
1. The structure of identity — what we don’t take
- An AURUM account is a cryptographic key pair that your app generates on your device. The public key is your account identifier; the private key stays on the device. We do not collect a phone number, real name, email, or national ID number.
- There is no password login. Authentication is based on the private key stored on your device and on Passkeys.
- As a result, the Company’s database stores “public keys,” not “people.” This is a database-level fact, not marketing copy.
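How a public-key account and password-less login of the kind described above fit together, shown as an added illustration. This is not AURUM's code: the signature algorithm (Ed25519), the challenge format and the `AURUM-login-v1:` domain-separation prefix are assumptions made for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
)

// Domain-separation prefix (assumption): a login signature is a statement
// about this nonce only and cannot be reused as a signature on anything else.
const challengePrefix = "AURUM-login-v1:"

// Server holds public keys and outstanding one-time login challenges.
// There is no name, phone number or password column anywhere.
type Server struct {
	mu         sync.Mutex
	accounts   map[string]bool   // hex(public key) -> registered
	challenges map[string][]byte // hex(public key) -> unused nonce
}

func NewServer() *Server {
	return &Server{accounts: map[string]bool{}, challenges: map[string][]byte{}}
}

// Register records the device-generated public key as the account.
func (s *Server) Register(pub ed25519.PublicKey) error {
	if len(pub) != ed25519.PublicKeySize {
		return errors.New("public key must be 32 bytes")
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	s.accounts[hex.EncodeToString(pub)] = true
	return nil
}

// IssueChallenge returns a fresh 32-byte nonce for one login attempt.
func (s *Server) IssueChallenge(pub ed25519.PublicKey) ([]byte, error) {
	id := hex.EncodeToString(pub)
	s.mu.Lock()
	defer s.mu.Unlock()
	if !s.accounts[id] {
		return nil, errors.New("unknown public key")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.challenges[id] = nonce
	return nonce, nil
}

// Login checks the signature over prefix||nonce and consumes the nonce
// whether or not the signature verifies, so a captured signature cannot be
// replayed and a wrong guess cannot be retried against the same nonce.
func (s *Server) Login(pub ed25519.PublicKey, nonce, sig []byte) bool {
	id := hex.EncodeToString(pub)
	s.mu.Lock()
	defer s.mu.Unlock()
	expected, ok := s.challenges[id]
	if !ok || !bytes.Equal(expected, nonce) {
		return false
	}
	delete(s.challenges, id)
	return ed25519.Verify(pub, append([]byte(challengePrefix), nonce...), sig)
}

// SignChallenge is the device side: the private key signs the challenge and
// never leaves the device; only the signature travels to the server.
func SignChallenge(priv ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(priv, append([]byte(challengePrefix), nonce...))
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // generated on the device
	if err != nil {
		panic(err)
	}
	srv := NewServer()
	if err := srv.Register(pub); err != nil {
		panic(err)
	}
	nonce, err := srv.IssueChallenge(pub)
	if err != nil {
		panic(err)
	}
	sig := SignChallenge(priv, nonce)
	fmt.Println("account:", hex.EncodeToString(pub))
	fmt.Println("first login ok:", srv.Login(pub, nonce, sig))
	fmt.Println("replayed login ok:", srv.Login(pub, nonce, sig))
}
```

The server-side table contains nothing but public keys and short-lived nonces, which is the "public keys, not people" property in concrete form; a leaked copy of it yields no credential an attacker could use to log in, because the only secret is the private key on the device.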
2. Personal information we process
| Category | Items | When collected | Purpose |
|---|---|---|---|
| Account identifier | Device-generated public key, your chosen @handle, display name / status message (encrypted) | At sign-up | Service delivery, message routing |
| Device info | Push token (FCM/APNs), device identifier and name | When using push | Sending notifications |
| Access logs | IP address, access time | On access (auto-generated by server) | Legal retention duty, security and abuse response |
| Diagnostics | App error / crash logs | On error (optional) | Bug fixing and stability (no IP or user identifier) |
| Identity verification (optional) | See section 3 | Only if you choose verification | Age check, trust mark |
| Payment (optional) | Payment token issued by the processor, transaction records | On paid purchase | Payment processing, legal record-keeping (no card number / CVV) |
| Content | 1:1 & small-group: end-to-end encrypted, unreadable by the Company / Open chat: readable by the server / reported content | During use | Message delivery, open-chat operation, abuse handling |
What we do not collect
- Phone number, real name, email, address book (no contact upload), location, or advertising identifiers.
- The contents of 1:1 and small-group chats (end-to-end encrypted — the server only relays ciphertext it cannot decrypt).
- Data for ads or third-party tracking (we don’t show ads and don’t sell data).
3. Identity verification (optional) — “verify, then discard”
- Identity verification is optional, and is not currently offered (see section 6). If it is introduced, all core and safety features will continue to work equally without it.
- If you choose it, the real name, national ID number, and phone number received from an external verification agency are immediately discarded, not stored.
- The Company keeps only: a hash of the duplicate-join identifier (DI), whether you are 18+, birth year, gender, and trust level.
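What "verify, then discard" looks like in code, as an added illustration rather than AURUM's own implementation. The shape of the agency's response, the keyed hash (HMAC-SHA256 with a server-side secret, here called a pepper) and the sample values are all assumptions of the example; the policy itself says only that a hash of the DI is kept.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"time"
)

// AgencyResult is what the verification agency returns (assumed shape).
// Nothing of this type is ever written to storage or logs.
type AgencyResult struct {
	RealName   string
	NationalID string // resident registration number
	Phone      string
	DI         string // per-service duplicate-join identifier
	BirthDate  time.Time
	Gender     string
}

// Retained is the whole record kept after verification.
type Retained struct {
	DIHash    string
	IsAdult   bool
	BirthYear int
	Gender    string
}

// HashDI is keyed with a server-side secret (the pepper, an assumption of
// this example) so that a leaked table of hashes cannot be matched offline
// against a list of candidate DIs, which an unkeyed SHA-256 would allow.
func HashDI(pepper []byte, di string) string {
	mac := hmac.New(sha256.New, pepper)
	mac.Write([]byte(di))
	return hex.EncodeToString(mac.Sum(nil))
}

// IsAdult applies the 18+ check so the full birth date need not be stored.
// The day before the 18th birthday still counts as a minor.
func IsAdult(birth, now time.Time) bool {
	age := now.Year() - birth.Year()
	if now.Month() < birth.Month() || (now.Month() == birth.Month() && now.Day() < birth.Day()) {
		age--
	}
	return age >= 18
}

// Retain derives the minimized record. Real name, national ID and phone
// never appear in the output; the caller drops the AgencyResult afterwards.
func Retain(r AgencyResult, pepper []byte, now time.Time) Retained {
	return Retained{
		DIHash:    HashDI(pepper, r.DI),
		IsAdult:   IsAdult(r.BirthDate, now),
		BirthYear: r.BirthDate.Year(),
		Gender:    r.Gender,
	}
}

// Registry answers the one question the DI hash exists for: has this person
// already joined?
type Registry struct{ seen map[string]bool }

func NewRegistry() *Registry { return &Registry{seen: map[string]bool{}} }

// Add returns false if the same DI hash was registered before.
func (g *Registry) Add(p Retained) bool {
	if g.seen[p.DIHash] {
		return false
	}
	g.seen[p.DIHash] = true
	return true
}

func main() {
	pepper := []byte("server-side secret, kept out of the repository") // assumption
	// Constructed sample response; not real data.
	res := AgencyResult{RealName: "Hong Gildong", NationalID: "000000-0000000",
		Phone: "010-0000-0000", DI: "MDEyMzQ1Njc4OUFCQ0RFRg==",
		BirthDate: time.Date(2000, 5, 20, 0, 0, 0, 0, time.UTC), Gender: "M"}
	now := time.Date(2025, 6, 1, 0, 0, 0, 0, time.UTC)
	kept := Retain(res, pepper, now)
	res = AgencyResult{} // discard the raw result; only `kept` is persisted
	reg := NewRegistry()
	fmt.Printf("kept: %+v\n", kept)
	fmt.Println("first join:", reg.Add(kept), "second join:", reg.Add(kept))
}
```

The point for a reviewer is what is absent from `Retained`: the fields that would identify a person are consumed inside `Retain` and are not part of any type that reaches the database, so the minimization is enforced by the data model rather than by a deletion job that could fail.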
4. End-to-end encryption and its boundary (honest notice)
- 1:1 and small-group chats: end-to-end encrypted. Keys exist only on user devices; the Company’s servers cannot decrypt the contents.
- Open chat (public rooms, polls, public profiles): because many people take part, it is not end-to-end encrypted. The server can read the contents; they are encrypted at rest, but with keys the Company holds, so the Company can decrypt them. The app shows a notice of this.
- Media, albums, and work notes are encrypted on the device before storage and cannot be scanned by the Company (open-chat media is an exception for reporting/operation).
5. Retention period
- Access logs (IP, access time): retained for 12 months under Article 15-2 of the Protection of Communications Secrets Act and its enforcement decree, then destroyed. This is a legal duty; the logs are not used for marketing or tracking.
- Account info: destroyed without delay upon account deletion (except items with a legal retention duty).
- Payment / transaction records: retained for periods set by law (e.g., 5 years for contract/withdrawal and payment records).
- Diagnostic / crash logs: destroyed after the period needed to resolve issues (typically 90 days). No user identifier.
- Messages: server retention is minimized after delivery (temporary hold for offline delivery, then processed).
6. Third-party provision and processing
- The Company does not sell your personal information or provide it to third parties for advertising.
- We may entrust the following to the extent needed to run the Service (only necessary items):
  - Cloud infrastructure: Google Cloud Platform (GCP) — hosting and storage.
  - Push notifications: Apple (APNs), Google (FCM) — push tokens for delivery.
  - Payments: we currently offer no paid features. If introduced, we will disclose the payment processor(s) and Apple In-App Purchase here (card data is held by the processor, not the Company).
  - Identity verification: we currently offer no identity verification. If introduced, we will disclose the agency here; it is used only if you choose it, and even then we receive only the result (DI hash, age), as described in section 3.
- We comply with lawful requests (e.g., warrants). However, we structurally hold little information, and we cannot provide what we do not hold (such as 1:1/small-group chat contents). We can provide only what we actually hold (e.g., account existence, sign-up/access logs).
7. Overseas transfer
Not applicable — the Company’s servers and infrastructure are located in Korea (Google Cloud Platform, Seoul region).
8. Your rights
- You may request access, correction, deletion, or suspension of processing of your personal information.
- Account deletion is available in the app; account info is destroyed on deletion (except legally retained items).
- Children under 14 cannot sign up for the Service, and the Company does not knowingly collect personal information from children under 14.
9. Security measures
- End-to-end encryption for 1:1/small-group chats, encryption at rest (AES-256-GCM), transport encryption (TLS), access control, and data minimization.
- There is no password, so a breach of our servers cannot leak one; authentication is based on the device key and Passkeys.
10. Data Protection Officer and contact
- Data Protection Officer: Kim Seon-ho (Representative)
- Contact (email): k330sh71@gmail.com
- Address: 17 Irok-ro, Jangan-gu, Suwon-si, Korea
- Korean reporting bodies: Personal Information Dispute Mediation Committee (1833-6972), Privacy Infringement Report Center (118).
11. Changes to this policy
If we change this policy, we will give advance notice in the app or on this page.