Last updated: March 29, 2026
stedoo ("we", "our", "us") is operated by Tenger AI (텐저에이아이), Republic of Korea. This Privacy Policy explains what personal data we collect, how we use it, and your rights. It applies to all users of stedoo.com.
Account data: name, email address, password (hashed), locale preference, student status. Google OAuth data: email address and Google account ID (if you sign in with Google). We do not receive your Google password. Presentation content: PDF files, presentation scripts, and poll/Q&A content you create or upload. Usage data: session activity, slide navigation, Q&A interactions, poll responses, AI chat messages. Audience data: anonymous session tokens (stored as SHA-256 hashes), question author names (optional, user-provided), device identifiers for rate limiting (stored temporarily in Redis, not persisted to database). Payment data: subscription status and plan type. Payment card details are handled entirely by Paddle and are never stored on our servers. Technical data: IP addresses (for rate limiting), browser type, error logs.
We use your data to: • Provide and operate the Service (legal basis: contract performance) • Authenticate your identity and manage your account (legal basis: contract performance) • Process payments and manage subscriptions via Paddle (legal basis: contract performance) • Generate AI responses to audience questions via Gemini API (legal basis: contract performance) • Send transactional emails via Resend — account verification, password reset, team invitations (legal basis: contract performance) • Enforce usage limits by plan (legal basis: contract performance) • Improve and debug the Service (legal basis: legitimate interests) • Comply with legal obligations (legal basis: legal obligation)
We share data with the following sub-processors as necessary to operate the Service: | Processor | Purpose | Data Shared | | Paddle (paddle.com) | Payment processing, subscription management (Merchant of Record) | Email, subscription data | | Google — Gemini API | AI response generation | Presentation content (script, PDF text) | | Google — OAuth | Authentication | Email, Google account ID | | Cloudflare R2 | File storage for PDFs and processed assets | Uploaded files | | Upstash | Redis-based rate limiting and session data | Ephemeral session tokens, device IDs | | Resend (resend.com) | Transactional email delivery | Email address | | Fly.io | Cloud hosting infrastructure | All data processed on servers | We do not sell your personal data to third parties.
Account data: retained until you delete your account. Presentation data (Pro/Business plans): retained until you delete the content. Presentation data (Free plan): automatically deleted 7 days after the last live session ends. Audience session tokens: retained for the session duration and a reasonable period thereafter. AI chat logs: retained with the associated presentation data. Upon account deletion, your data is permanently deleted within 30 days.
We use cookies to: • Maintain your login session (authenticated users) • Remember your language preference (audience users, cookie-based to support server-side rendering) We do not use tracking or advertising cookies. You can disable cookies in your browser, but this may affect Service functionality.
Depending on your location, you may have the following rights: Right of access: request a copy of your personal data. Right to rectification: request correction of inaccurate data. Right to erasure: request deletion of your account and associated data. Right to data portability: request your data in a structured, machine-readable format. Right to object: object to certain processing activities. Right to restriction: request restriction of processing in certain circumstances. Requests will be processed within 10 business days (Korean PIPA requirement). Korean users: rights under the Personal Information Protection Act (PIPA / 개인정보 보호법) apply. EU/EEA users: rights under the GDPR apply. You also have the right to lodge a complaint with your local supervisory authority. To exercise your rights, contact our Privacy Officer at hello@stedoo.com.
As required under the Personal Information Protection Act (PIPA): Privacy Officer (개인정보보호책임자): Park Minjune (박민준) Email: hello@stedoo.com Organization: Tenger AI (텐저에이아이)
The Service is not directed to children under 14. We do not knowingly collect personal data from children under 14 without parental consent. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
We implement the following technical and organizational security measures: • Passwords stored as bcrypt hashes • Session tokens stored as SHA-256 hashes • Data transmitted over HTTPS/TLS • Access controls limiting data access to authorized personnel • Regular security reviews No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
Your data may be processed on servers located outside the Republic of Korea (United States, Japan) through our service providers (Fly.io, Cloudflare, Google, Upstash). We ensure appropriate safeguards are in place in accordance with applicable data protection laws.
We may update this Privacy Policy from time to time. We will notify registered users of material changes by email or in-app notice. The updated policy will be posted on this page with a revised date.
For privacy-related inquiries or to exercise your rights: hello@stedoo.com Tenger AI (텐저에이아이) 390 Wangsimni-ro, #1315, Seongdong-gu, Seoul, Republic of Korea