Neumafit Privacy Policy

We are committed to protecting the privacy and security of your personal information. This Neumafit Privacy Policy (this “Privacy Policy”) explains how we collect, use, disclose, and safeguard your personal information when you use Neumafit Services.

By accessing or using any Neumafit Services, you acknowledge that you have read and understood this Privacy Policy and consent to collecting, using, and disclosing your personal information as described herein. This Privacy Policy is governed by and construed in accordance with the laws of the Republic of Korea, without regard to its conflict of law principles. Additionally, if you are a California resident, the state and federal laws applicable in the State of California concerning the protection of personal information will also apply to our processing of your personal information; or if you are a resident of the European Union (EU) or other regions in the European Economic Area (EEA), the General Data Protection Regulation (GDPR) will also apply to the processing of your personal information. Additionally, the Digital Services Act (DSA) may govern our obligations as a digital service provider, if applicable. We will be your data controller, and you can find our contact information in Article 12 below.

Any capitalized terms used but not defined in this Privacy Policy shall have their respective meaning ascribed in the Neumafit Terms of Use. If not defined elsewhere, such terms shall take on their generally accepted meaning. For the purposes of this Privacy Policy, “personal information” shall be construed as “personal data” for Users residing in the EU or other regions in the EEA.

1. Our legal basis for processing your personal information

  1. Neumafit relies on several legal bases to process your personal information, including:

    • your consent to the processing of your personal information;
    • processing necessary for our performance of the contract entered with you, such as the Neumafit Terms of Use or the User Agreement;

    • additional use or transfer of personal information as prescribed under the Relevant Laws; and

    • processing necessary for legal compliance, legal claims, government investigations, or other legitimate purposes (each, a “Legitimate Ground”).

  2. Any additional use or transfer of personal information above will be conducted in compliance with the following principles and limited to the minimum extent necessary:

    • Relevance to the original purpose of collection;
    • Predictability based on the circumstances or general processing practices;

    • No unjustified infringement on the rights or interests of the data subject; and

    • Implementation of safety measures, such as pseudonymization or encryption.

    If additional use and provision of personal information occur continuously, we will disclose the criteria for determining compliance with the above principles and ensure regular checks to verify adherence.

  3. You are entitled to withdraw your consent to processing your personal information at any time, which you may withdraw at any time using your App account settings and other tools. However, withdrawing your consent will not affect the lawfulness of any processing conducted before the withdrawal. We may retain your personal information collected before the withdrawal if it is necessary based on any Legitimate Grounds.

2. Our policies for children

  1. We do not process the personal information of children below the age at which consent from a Legal Representative is required by their jurisdiction’s laws, unless verifiable consent is provided by their Legal Representative. A “Legal Representative” is defined as an individual holding parental authority over the respective child in accordance with the applicable laws. We reserve the right to request and verify proof of such consent from the Legal Representative at any time. The information collected for verification purposes includes:

    • Name, date of birth, and contact information of the Legal Representative

  2. For the purpose of verifying the holder described above, Neumafit may ask the Legal Representative to indicate the consent on the App where the terms and conditions of the consent are posted and may notify the Legal Representative by phone or text message on the Legal Representative’s mobile phone that the consent has been confirmed.

  3. In addition to the consent described above, when collecting personal information of children described above for marketing purposes, we will obtain consent from their Legal Representatives in addition to and separately from the above.

3. Why do we collect your personal information?

  1. We collect your personal information so that we can:

    • Process your registration and manage your account
    • Provide you with Neumafit Services in accordance with Neumafit Terms of Use and perform our obligations under the User Agreement entered into with our Members.

    • Improve, personalize, and develop the Neumafit Services. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; conduct research; personalize exercise and activity goals based on the User’s historical exercise or data; and develop new features and services, which may include generative artificial intelligence models.

    • Provide Neumafit Services’ community features, such as the ranking board

    • Provide User support (e.g., respond to User inquiries); or
    • Email you with event information or special offers on other products and services we think you might like.

  2. Upon your request or consent, Neumafit will disclose your information to other service providers, including those offering health-related services, to facilitate personalized care, wellness recommendations, or other relevant services.

4. What personal information do we collect?

  1. We collect the following types of personal information:

    • Personal identification information: email address, Google Sign-In or Apple Sign-In information (e.g., OAuth Token, User profile information)

    • User information: nickname, date of birth, sex, height, weight, country of residence

    • Mobile device information: data collected from the mobile device where the App is installed (e.g., device identifier, GPS data)

    • Sensitive or Special categories of personal information: race (or ethnicity) and data concerning your health or precise geolocation collected from the App (e.g., respirator frequency, breathing pattern, minute ventilation, heart rate, flight time, stiffness, vertical oscillation, balance, cadence, ground contact time, running pace, distance, and route analyzed from GPS data)

    • Other categories of information: personal information collected from your communications with Neumafit Services, such as User support interactions

  2. We collect and otherwise process your personal information when you:

    • Expressly consent to the processing of your personal information
    • Register with or log in to the App on your mobile device
    • Use our Services provided via the Pacer and the App installed on your mobile device (including automatic collection of cookies, access logs, etc.)

    • Voluntarily submit a User inquiry
  3. We may also receive your personal information indirectly from the following sources:

    • Google Inc. or Apple Inc., depending on the third-party authentication service selected by the User during login to Neumafit Services

5. For how long do we retain your personal information?

  1. Neumafit processes and retains personal information within the retention and usage period specified by the Relevant Laws or the retention and usage period agreed upon at the time of collection from the User.
  2. Please note that Neumafit is subject to the following mandatory retention period prescribed by the laws of Korea.
  3. PURPOSE OF RETENTIONLEGAL BASISSTATUTORY RETENTION PERIOD

    Records related to cancellation of contracts or subscriptions, etc.

    Act On The Consumer Protection In Electronic CommerceFive years

    Records related to the resolution of consumer complaints or disputes

    Act On The Consumer Protection In Electronic CommerceThree years
    Records related to marks and advertisementsAct On The Consumer Protection In Electronic CommerceSix months

    Books and evidential documents related to all transactions, as prescribed by tax-related statutes

    Framework Act on National TaxesFive years
    Access RecordsProtection Of Communications Secrets ActThree months
  4. Notwithstanding the forgoing, if further retention is necessary under any Legitimate Grounds, we may continue to retain your personal information for the specified duration and purpose. Once the retention period concludes or the relevant purpose is fulfilled, your personal information will be deleted in accordance with this Privacy Policy.

6. How do we destroy your personal information?

  1. Once the respective retention period expires or the purpose for collecting your personal information is fulfilled, your information will be deleted without undue delay in accordance with the following:

    • Destruction Procedure: we identify personal information for which reasons for destruction have emerged and proceed with the process under the approval of our chief privacy officer (the “CPO”).

    • Destruction Method: personal information stored electronically is rendered unrecoverable, and personal information stored in paper documents is securely destroyed through shredding or incineration.

  2. If we retain your personal information beyond the agreed retention period or after the purpose of collection has been fulfilled due to mandatory retention requirements under Relevant Laws, or other Legitimate Grounds, we will store your personal information in a separate database or at a different location, strictly for the required duration and purpose.

7. How do we share your personal information?

  1. We do not sell your personal information to any third party unless under your express request.

  2. We do not share your personal information with a third party for cross-context behavioral advertising unless under your express request or consent.

  3. We use services provided by Amazon Web Services, Inc. (the “Contractor”) to store your personal information for the provision of Neumafit Services in accordance with the following:

    • We utilize the Contractor’s computing infrastructure to store your personal information and operate our artificial intelligence-assisted analysis necessary to provide Neumafit Services. As we operate globally, your personal information may be transferred to and stored on the Contractor’s servers located in the Republic of Korea, the United States, EU, or other regions within the EEA. If you are a resident of EU or other regions within the EEA, we will rely on the European Commission’s Adequacy Decisions to lawfully transfer your data overseas.

    • The Contractor processes your personal information solely within the scope and duration necessary for the purposes listed above, pursuant to our instructions. The Contractor does not process your personal information beyond the scope of our business relationship, nor does it combine your personal information with data received from a third party.

    • The Contractor does not Sell or Share your personal information with any third party. Any changes regarding the Contractor, the scope of the entrusted work, or any engagement with another person to assist in processing your personal information will be reflected in this Privacy Policy. Regardless of such changes, any new or engaged party will be bound by the terms of this Privacy Policy.

  4. Upon your request or consent, we will transmit your personal information to other entities, including those offering health-related services, to facilitate personalized care, recommendations, or other relevant services.

  5. We may retain or disclose your personal information to courts, government entities, or other authorities to comply with the Relevant Laws or governmental requests for investigations or based on any other Legitimate Grounds.

8. How do we protect your personal information?

  1. We take the following measures to safeguard the personal information collected:

    • Administrative Measures: establishment and execution of internal management plans, operation of a department dedicated to personal-information protection, minimization of personal-information-processing staff, employee training on a regular basis, and similar measures;
    • Technical Measures: installation and operation of access-control devices, encryption of personal information, installation of security programs, encrypted communication, use of intrusion-prevention systems, and similar measures; and
    • Physical Measures: Access control to computer rooms, data storage rooms, and similar measures.
  2. In addition to the above, we conduct data protection impact assessments when our processing activities are likely to result in high risks to the rights and freedoms of individuals. Our assessments include:

    • a description of the processing activities and their purposes;
    • an assessment of the necessity and proportionality of the processing in relation to its purposes;
    • an evaluation of the potential risks to individuals’ privacy and rights; and
    • the measures we implement to mitigate identified risks and ensure compliance with applicable privacy laws.
  3. Despite the measures we take, as illustrated above, to safeguard personal information, please note that no system can guarantee absolute security. Unless attributable to our fault, we hold no responsibility for any problems arising from the disclosure of personal information caused by the User’s negligence (e.g., transfer, lending, loss of ID [e-mail], password, access medium, etc., or leaving seat while logged in) or internet issues. Our Privacy Policy does not apply to the collection of personal information on linked sites, etc., pertaining to other companies, if any.
  4. Upon any breach of data, we will notify the authorities and the affected individuals promptly in accordance with the laws of your jurisdiction.

9. How to block disclosure of sensitive personal information?

  1. Your sensitive personal information may be disclosed in the following Neumafit Services:
  2. SERVICESENSITIVE PERSONAL INFORMATIONDISCLOSUREHOW TO BLOCK DISCLOSURE

10. How to opt-out from automatic information collection?

  1. Neumafit obtains prior consent from the Legal Representative before providing personalized advertisements to children. Aside from this, Neumafit does not collect children’s behavioral information for the purpose of personalized advertisements or provide personalized advertisements to children.

  2. Neumafit may collect and use advertising identifiers in the App for personalized advertisements. Users can block or allow personalized advertisements in the App by changing the settings on their mobile devices.

    1. Blocking and allowing advertising identifiers on mobile devices:

      • (Android): Settings → Security & Privacy → Privacy → Other Privacy Settings → Ads → Reset Advertising ID or Delete Advertising ID

      • (iPhone): Settings → Privacy & Security → Tracking → Disable App Tracking

      • ※ The menu and methods may vary slightly depending on the version of the mobile operating system.

11. What are your personal information protection rights?

  1. We would like to make sure you are fully aware of all of your personal information protection rights, including the following:

    • You have the right to access your personal information that we have collected.

    • You have the right to request that we make corrections to your personal information collected.

    • You have the right to request that we delete your personal information collected, unless retaining is necessary under any Legitimate Grounds.

    • You have the right to limit the use and disclosure of your sensitive personal information to what is necessary to perform Neumafit Services, as reasonably expected by an average consumer requesting those services.

    • You have the right to restrict our processing of your personal information when:

      1. the accuracy of your personal information is contested;
      2. the processing is unnecessary or unlawful, but you prefer not to have your personal information deleted, whether for the establishment, exercise, or defense of legal claims, or for any other reason; or

      3. the verification of any Legitimate Grounds for retaining your personal information despite your objection is pending.

    • Despite any Legitimate Ground for our processing your personal information, you have the right to object to such processing unless we demonstrate a compelling legitimate ground. Notwithstanding, you have the right to object at any time to our processing of your personal information for direct marketing purposes.

    • You have the right to opt-out of any sale of your personal information or any sharing thereof with a third party for cross-context behavioral advertising.

    • You have the right to request that we transfer your personal information collected to another organization or directly to you, under certain conditions.

    • You have the right not to be discriminated against for exercising any of the rights listed under this Paragraph ①, provided that the unavailability of Neumafit Services that require the processing of your personal information, which has been restricted or deleted as a result of exercising such rights, shall not be deemed discrimination.

  2. Please note that you are entitled to withdraw your consent to our processing of your personal information at any time in accordance with the terms and conditions provided under Article 1 above.

  3. If you would like to exercise any of your personal information protection rights, please contact us using our contact information provided below. We will provide information on the action taken at your request without undue delay and in accordance with the laws of your jurisdiction. Please note that we reserve the right to request authentication from you that is reasonable in light of the nature of the request. If you have a membership account with Neumafit Services, we may require you to use that account to submit a verifiable User request.

12. How do you contact us?

  • The following person is our CPO, responsible for overseeing the overall management of personal information processing and addressing complaints and damage relief associated therewith.
    • Name:
    • Position:
    • Contact (email):
  • If you have questions about this Privacy Policy or need help exercising your privacy rights, please contact us at the address provided below:
    • [PLEASE INSERT ADDRESS]
    • Our CPO at [PLEASE INSERT EMAIL ADDRESS].

13. What are the remedies for privacy infringement?

  1. AGENCIES FOR ASSISTANCE WITH PRIVACY INFRINGEMENT IN KOREA: You can also seek dispute resolution or consultation concerning personal information infringement through institutions or agencies in Korea, including those listed below. For calls originating from outside Korea, kindly input the international calling code and the country code of Korea (082) first:

    • Personal Information Infringement Reporting Center: (without area code) 118 ( privacy.kisa.or.kr )

    • Personal Information Dispute Mediation Committee: (without area code) 1833-6972 ( www.kopico.go.kr )

    • Supreme Public Prosecutors' Office: 1301 (without area code) ( www.spo.go.kr )

    • National Police Agency: (without area code) 182 ( ecrm.cyber.go.kr )

  2. If you are a resident of EU or other regions within EEA and you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact your local Data Protection Authority (DPA). For more information or to find the DPA in your country, visit:

    • European Data Protection Board (EDPB) DPA Directory:


      https://www.edpb.europa.eu/about-edpb/about-edpb/members_en

14. Languages

This Privacy Policy is available in both English and Korean. In the event of any disputes or inconsistencies between the two versions, the Korean version will take precedence if you are a national or resident of Korea, while the English version will prevail if you are neither.

15. Changes to the Privacy Policy

  • We will notify you before we make material changes to this Privacy Policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the Neumafit Services.

  • Previous versions of this Privacy Policy can be found in the link below:


    [Link]

NEUMAFIT Co., Ltd.
CEO
Jinmo Kim
Business Registration Number
149-81-02184
E-commerce Registration Number
2022-Seoul Gwanak-2176
Address
13F, Front1, 122 Mapodaero, Mapo-gu, Seoul, Republic of Korea
Phone
1522-5985
Email Support
support@neumafit.com
© 2025 NEUMAFIT&PACER. All Rights Reserved.