Privacy
Privacy Policy
This policy explains how EnneTI handles personal information and service data.
1. Core Principles
EnneTI is a self-understanding test that reads behavior patterns and inner motivations. We process data only as needed to operate the service, and we do not store raw question-by-question answers on the server by default.
This policy is written under Korean privacy law standards. Translations are provided for convenience; if meanings differ, the Korean version controls.
2. Information We Process
EnneTI does not require name, phone number, resident registration number, payment information, or member account information. Raw answers may be stored in the browser's localStorage for progress recovery, but only derived result data is sent after completion.
| Category | Items | Purpose |
|---|---|---|
| Local test progress | Question answers, progress position, selected avatar gender, test mode, temporary session ID | Resume test and calculate results |
| Completed result analytics | Country code, locale/time zone, device category, selected avatar gender, final type code, behavior code, motivation type and top 3, axis scores/letters, mixed/tied axes, quality flags, question count, duration, referrer domain, UTM fields, landing path, app/questionnaire/scoring/report versions, idempotency key | Statistics, quality checks, service improvement, duplicate prevention |
| Contact requests | Email address, message content, information voluntarily provided by the user | Respond to inquiries and rights requests |
| Security logs | IP address, User-Agent, requested URL, request time, country code, security events | Security monitoring, abuse prevention, incident response |
3. Purposes of Processing
- Provide the test, result calculation, result pages, and sharing features
- Analyze completed-result statistics and improve service quality
- Improve ad placement, share cards, multilingual content, and compatibility content
- Detect and respond to abnormal requests, automated abuse, and security threats
- Handle inquiries, bug reports, and privacy-related requests
4. Retention
| Data | Retention period |
|---|---|
| Progress data in browser localStorage | Until the user resets the test or clears browser storage |
| Derived completed-result data | Up to 24 months from collection, then deleted or converted into aggregate statistics |
| Security logs | Up to 90 days, unless a longer period is needed for incident investigation or legal reasons |
| Contact records | One year after the inquiry is resolved, unless a longer period is required for dispute handling |
| Aggregate statistics | Stored in a non-identifying form |
5. Processors and Third-Party Services
We do not sell personal information. We may use the following infrastructure or tools to operate the service.
| Provider | Purpose | Related data |
|---|---|---|
| Cloudflare, Inc. | DNS, CDN, WAF, Worker runtime, security logs | IP address, request data, country code, security events |
| Supabase, Inc. | Database hosting for completed-result analytics | Derived completed-result data |
| Google LLC | Analytics and advertising when GTM, GA, or AdSense is enabled | Cookie/ad identifiers, device/browser data, page events |
| Kakao Corp. and sharing services | Sharing when selected by the user | Shared URL, card metadata, selected recipient/service |
6. International Processing
When global providers such as Cloudflare, Supabase, or Google are used, personal information or access data may be processed on servers outside Korea. Transferred items are limited to information necessary for service operation, security, analytics, and advertising.
If you do not want such processing, you may stop using the service or restrict cookies and tracking in your browser. Some essential infrastructure processing cannot be refused without limiting service use.
7. Cookies, localStorage, and Behavioral Data
- We use localStorage to resume tests and remember language settings.
- When Google Analytics, Google Tag Manager, or Google AdSense is enabled, cookies or similar technologies may process page usage and advertising-related data.
- You can delete cookies, block third-party cookies, use private browsing, or limit ad personalization in your browser settings.
8. Automated Result Generation
EnneTI results are generated automatically by a predefined scoring logic based on user responses. The results are informational and are not designed to create legal effects or significant decisions such as medical diagnosis, counseling diagnosis, hiring, credit evaluation, or capability assessment.
You may request an explanation of the result logic by email and may retake the test at any time.
9. User Rights
You may request access, correction, deletion, suspension of processing, withdrawal of consent, or an explanation of automated processing where applicable. Because EnneTI does not operate user accounts, additional information may be needed to identify the relevant data.
- Requests can be sent to contact@enneti.io.
- Progress data stored in the browser can be deleted by clearing browser storage or using the reset function.
- Some requests may be limited where retention is required by law or necessary to protect others' rights.
10. Children Under 14
EnneTI is not primarily directed to children under 14. Children under 14 should use the service with guidance from a legal guardian.
11. Safeguards
- HTTPS, Cloudflare security policies, and API rate limits
- Data minimization and no server-side storage of raw answers
- Server secrets are not exposed to client code
- Supabase RLS, permission restrictions, and database constraints
- Least-privilege access and operational log review
12. Contact and Changes
Privacy inquiries and rights requests can be sent to contact@enneti.io.
This policy may be updated when laws, service structure, processors, or data items change. Material changes will be announced on the service or this page where practical.