Go HomeLogin
Last Updated: March 24, 2026

Privacy Policy

This policy describes what data TOPIK Practice Test collects, how it is used, and how it is protected.

1. Data We Collect

  • Email address and password entered directly at sign-in/sign-up, or account identifier and email received from OAuth providers (for example, Google or Kakao)
  • Quiz/Speaking Quiz results (correct/incorrect, score, answer or spoken sentence context) and report input data
  • Transcript text converted by browser speech-recognition features when Speaking Quiz is used
  • Minimum payment metadata such as Checkout ID for payment validation
  • Guest identifiers/session identifiers used for guest access and security validation
  • Technical logs for security and incident response

2. Purposes of Use

  • Generate and deliver AI learning reports
  • Validate Speaking Quiz answers and provide learning history
  • Validate payments and manage one-time entitlement usage
  • Operate security controls and improve service quality

3. Payment Data Handling

Payments are processed by Polar, and we do not store sensitive card details such as full card number or CVC.

We process only the minimum payment information needed to verify service entitlement.

4. Third-Party Processors

  • Cloudflare (hosting/security/functions)
  • Supabase (authentication, account sessions, and database)
  • Google (OAuth login provider, and analytics/advertising tags when enabled)
  • Kakao (OAuth login provider when enabled)
  • Microsoft (Clarity analytics)
  • OpenAI (AI generation)
  • Polar (payments)
  • Resend (email delivery when enabled)

5. Browser Local Storage

Some data may be stored in localStorage/sessionStorage for report backup and user convenience.

Your cookie/advertising consent choice may be stored in the browser and used to control Google tag behavior on later visits.

In particular, guest-mode quiz and Speaking Quiz attempt history may be stored in the browser for up to 7 days and up to 10 items, while guest review-schedule data used for follow-up review may remain longer, up to 120 days.

Users can clear this data at any time through browser settings.

6. Retention and Deletion

Data without legal retention requirements is deleted or anonymized once operational purpose is fulfilled.

Signed-in learning/report data is retained for up to 24 months from creation, and may be deleted or anonymized after that period in line with operational policy.

Upon account-deletion request, signed-in account data is deleted except where legal retention obligations apply, and guest session identifiers may remain for about 30 days for security validation.

Records required for payment settlement, refunds, disputes, and accounting may be retained for about 5-10 years as required by applicable law.

Security logs are retained for abuse prevention for up to 180 days in principle and may be retained longer when needed for security incident investigation.

7. User Rights

Users may request access, correction, deletion, or restriction where applicable by law.

Requests are processed within a reasonable period after identity verification.

8. Contact

Privacy and data-rights contact: [email protected]