Privacy Policy

Last updated: April 27, 2026 · Effective date: April 27, 2026

Bewibe Co., Ltd. ("Bewibe," "we," "us," or "our") operates the TUUN mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the App. By using the App, you consent to the data practices described in this policy.

For purposes of this Privacy Policy, "personal information" or "Personal Data" means any information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with a particular individual. The terms are used interchangeably and include "personal data" under PDPA / APP / Philippine DPA, "personal information" under CCPA/CPRA, and equivalent definitions in other applicable laws.

We are committed to protecting your privacy and handling your data in accordance with applicable privacy laws, including the California Consumer Privacy Act (CCPA/CPRA), Singapore's Personal Data Protection Act (PDPA), Australia's Privacy Act 1988, Malaysia's Personal Data Protection Act 2010, and the Philippines' Data Privacy Act of 2012.

Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

Scope and HIPAA

TUUN is a consumer wellness application. TUUN is not a HIPAA-covered entity, and the health information you provide to us is not Protected Health Information (PHI) as defined under the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA). Although we voluntarily apply enhanced safeguards to your health and genetic data (as described in Section 9), the regulatory regime governing our processing of your data is consumer privacy law (CCPA/CPRA, PDPA, APP, and other jurisdiction-specific frameworks), not HIPAA. If you wish to share medical records that are subject to HIPAA, please consult your healthcare provider regarding their disclosure obligations.

"We do not sell or share your personal information"

Bewibe does not sell your personal information, and we do not share your personal information for cross-context behavioral advertising (as those terms are defined under California law). We do not authorize third parties to use your information for their own marketing purposes.

1. Information We Collect

We collect information that you provide directly, information collected automatically through your use of the App, and information obtained from third-party services you connect to the App. The categories of information we collect include:

Sources of Personal Data

We obtain Personal Data from the following sources:

Directly from you. Information you provide when creating an account, uploading blood test images, importing genetic files (e.g., 23andMe-compatible raw data), entering medication or supplement records, or interacting with the AI assistant.
Automatically through your use of the App. Device locale and timezone, push notification tokens, App version, and basic operational metadata generated as you use the App.
From third-party services you connect.
- Apple HealthKit — with your explicit, per-data-type permission, we read health and fitness metrics you have logged in Apple Health.
- RevenueCat — subscription status and purchase receipts associated with an anonymized user identifier (we do not receive your Apple ID payment details).
- Apple Sign-In — an authentication token tied to your Apple ID. We do not receive your Apple ID password or any biometric data (Face ID / Touch ID is processed locally on your device).
From publicly available sources. We do not collect Personal Data about you from publicly available sources.

1.1 Account Information

Email address
Authentication tokens generated through Apple Sign-In
AWS Cognito user identifiers

1.2 Apple HealthKit Data

Apple HealthKit Disclosure: TUUN integrates with Apple HealthKit to read health and fitness data from your device. We access HealthKit data only with your explicit permission, and solely for the purpose of providing personalized health insights. HealthKit data is never used for advertising, is never sold to third parties, and is never shared with third parties for marketing or advertising purposes.

With your explicit consent, TUUN may read the following HealthKit data types:

Data Type	Purpose
Heart Rate	Monitor cardiovascular trends, detect anomalies, and provide heart health insights
Resting Heart Rate	Assess baseline cardiovascular fitness and recovery status
Heart Rate Variability (HRV)	Evaluate autonomic nervous system balance, stress levels, and recovery
Blood Oxygen Saturation (SpO2)	Monitor respiratory wellness and oxygen delivery efficiency
Respiratory Rate	Track breathing patterns and respiratory health trends
Body Temperature	Detect temperature variations that may indicate illness or cycle tracking
Steps	Measure daily physical activity levels and movement patterns
Active Energy Burned	Quantify energy expenditure during physical activities
Sleep Analysis	Analyze sleep duration, quality, and stages for recovery insights
Workout Data	Review exercise sessions, duration, and intensity for fitness tracking
Dietary Energy	Correlate caloric intake with activity and health goals
VO2 Max	Assess cardiorespiratory fitness levels over time
Body Mass	Track weight trends in relation to health goals
Body Fat Percentage	Monitor body composition changes alongside fitness activities

HealthKit data is read from your device and may be transmitted to our servers solely to generate AI-powered health insights for you. You may revoke HealthKit access at any time through your device's Settings > Privacy & Security > Health > TUUN.

1.3 Blood Test Results

You may upload photographs of blood test results. These images are processed using optical character recognition (OCR) to extract test values. The extracted data is stored in our database to provide longitudinal health tracking and AI-generated analysis. Original images may be temporarily stored for processing and are deleted after extraction is complete.

1.4 Genetic Analysis Data

You may provide genetic data, including genetic markers and single nucleotide polymorphism (SNP) data, for personalized health insights. This data is treated as sensitive personal information and is subject to enhanced security measures.

Scope of Data Sent to AI (Anthropic Claude API):

What we send: The minimum SNP genotype data required for analysis (up to 45 SNPs per request), blood test values, and relevant health metrics.
What we never send: Your name, user ID, email address, age, gender, disease history, device information, or IP address are never transmitted to the AI service.

Genetic data is classified as sensitive personal information requiring explicit, separate consent. Consent is not pre-selected — you must actively opt in through a dedicated consent screen.

1.5 Medication Data

You may input medication schedules, dosages, and medication logs. This data is used to provide medication reminders and to contextualize health insights.

1.6 Usage Data

Chat history with the AI assistant
AI-generated health summaries and analyses
Widget configurations and preferences

1.7 Device Information

Push notification tokens (for delivering notifications)
Device locale and timezone (to localize content and schedule reminders)

2. How We Use Your Information

We use the information we collect for the following purposes:

Provide and operate the App: Deliver core features including health data visualization, trend analysis, blood test tracking, genetic analysis, medication reminders, and AI-powered health insights.
Personalize your experience: Tailor health insights and recommendations based on your health data, preferences, and history.
AI-powered analysis: Process your health data, blood test results, genetic data, and chat messages through our AI system to generate personalized insights (see Section 3).
Communication: Send push notifications for medication reminders, health alerts, and important app updates.
Improvement and research: Analyze aggregate, de-identified usage patterns to improve App functionality and user experience. We do not use individually identifiable health data for research without your explicit consent.
Security and fraud prevention: Detect and prevent unauthorized access, abuse, or security incidents.
Legal compliance: Comply with applicable laws, regulations, and legal processes.

Marketing and Promotional Communications

At present, TUUN sends only operational communications via push notification (medication reminders, health alerts, scheduled reports, and critical app updates). We do not send promotional emails or SMS marketing.

If we introduce marketing communications in the future, we will ask for your opt-in consent first, and every marketing message will include clear unsubscribe instructions. You can manage or stop communications at any time:

Push notifications: device Settings → Notifications → TUUN, or in-App settings.
Future emails: click the "unsubscribe" link in the email footer.
All channels: email social@tuunclub.com with the subject "Stop Communications".

Anonymized and Aggregated Data

We may use anonymized, de-identified, or aggregated information for any purpose permitted by applicable law, including analytics, research, product improvement, and business intelligence. Such information cannot reasonably be used to identify any individual user and is not subject to the restrictions of this Privacy Policy.

3. AI-Powered Features

TUUN uses artificial intelligence to provide health insights and analysis. It is important you understand how this works:

3.1 How AI Processing Works

When you interact with TUUN's AI assistant or request health analyses, your relevant data (including chat messages, health metrics, blood test results, and genetic data as applicable) is sent to Anthropic's Claude API for processing. Anthropic processes this data on its servers to generate responses, which are then returned to you through the App.

3.2 AI Data Handling

Data sent to Anthropic for processing is subject to Anthropic's Privacy Policy and their data handling commitments.
Anthropic does not use data submitted through our API to train its models.
AI-generated responses, summaries, and analyses are stored in our systems as part of your account data.
Chat history with the AI is retained until you delete it or delete your account.

Automatic Data Deletion: Data sent to Anthropic's Claude API for processing is automatically deleted within 30 days. Anthropic does not use your data to train its AI models.

3.3 AI Limitations

Important: AI-generated content in TUUN is for informational and educational purposes only. It does not constitute medical advice, diagnosis, or treatment. Always consult a qualified healthcare professional before making decisions about your health based on information provided by the App.

3.4 Your Rights Regarding AI Data

You have the right to:

Delete your chat history with the AI at any time through the App's settings.
Request deletion of all AI-generated summaries and analyses associated with your account.
Opt out of AI-powered features (note: this will limit core App functionality).

4. Data Sharing and Third Parties

We do not sell your personal information. We share information only in the following limited circumstances:

4.1 Service Providers

Provider	Service	Data Shared
Amazon Web Services (AWS)	Cloud infrastructure: Lambda (serverless computing), DynamoDB (database), S3 (file storage), Cognito (authentication)	All app data is stored and processed on AWS infrastructure in the ap-northeast-1 (Tokyo, Japan) region
Anthropic (Claude API)	AI chat processing and health analysis	Chat messages, relevant health data for analysis context (transmitted for processing; not stored by Anthropic for training)
Apple HealthKit	Health data source	Read-only access; TUUN reads data from HealthKit but does not write data back
RevenueCat	Subscription management	Anonymized user identifier, subscription status, purchase receipts
Tally.so	Contact forms (website only; not integrated in the App)	Name, email, and message content submitted through website contact forms

4.2 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Bewibe, our users, or the public.

4.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the App prior to any such transfer and any resulting change in applicable privacy practices.

5. International Data Transfers

TUUN is operated by Bewibe Co., Ltd., a company based in Japan. Your personal data is primarily stored on AWS servers located in the ap-northeast-1 region (Tokyo, Japan).

If you are accessing the App from outside Japan, please be aware that your data is transferred to and processed in Japan. Japan has been recognized by several jurisdictions as providing an adequate level of data protection. Specifically:

Japan's Act on the Protection of Personal Information (APPI) provides comprehensive data protection standards.
The European Commission has recognized Japan as providing an adequate level of data protection.

When data is sent to Anthropic for AI processing, it may be processed in the United States or other locations where Anthropic operates servers. Anthropic maintains appropriate data protection measures as described in their privacy policy.

By using the App, you consent to the transfer of your information to Japan and, for AI processing, to the United States or other jurisdictions where our service providers operate.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

Account data: Retained for the duration of your account and for up to 30 days after account deletion to facilitate recovery requests.
Health and medical data (HealthKit data, blood test results, genetic data, medication data): Retained for the duration of your account. Deleted within 30 days of account deletion.
AI chat history: Retained until you delete it through the App or until account deletion.
AI-generated summaries: Retained for the duration of your account.
Device tokens: Updated with each App session; previous tokens are overwritten.
Server logs: Retained for up to 90 days for security and debugging purposes, then automatically purged.

When data is deleted, we take reasonable steps to ensure it is removed from our active systems. Residual copies in backup systems are purged within 90 days of deletion from active systems.

Account Deletion: When you delete your account, all data on our servers is permanently deleted. Backup copies are completely purged within 90 days.

Genetic Data Only Deletion: You may request deletion of your genetic data separately without deleting your account. Genetic data will be completely deleted within 14 days of receiving your request.

7. Your Rights

Depending on your jurisdiction, you may have various rights regarding your personal information. This section outlines your rights under the laws of specific jurisdictions. To exercise any of these rights, please contact us at social@tuunclub.com.

Anti-Discrimination Policy for Genetic Data: Your genetic data will never be used or disclosed for:

Insurance underwriting or premium calculations
Employment decisions, hiring, or performance evaluations
Credit assessments by financial institutions
Any form of discrimination based on genetic predispositions

7.1 For All Users

Regardless of your location, you may:

Request access to your personal data by emailing social@tuunclub.com. We will provide a copy in a commonly used, machine-readable format (e.g., JSON) within 30 days.
Request deletion of your account and associated data.
Withdraw consent for HealthKit data access through your device settings.
Delete your AI chat history through the App.
Opt out of push notifications through your device settings.

7.2 For California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

Categories of Personal Information Collected

Under CCPA categories, we collect:

Identifiers: Email address, unique personal identifiers (Cognito user ID), device identifiers.
Personal information under Cal. Civ. Code 1798.80(e): Name (if provided), health-related information.
Protected classification characteristics: Not intentionally collected.
Commercial information: Subscription purchase history (processed by RevenueCat).
Biometric information: We do not collect biometric identifiers or templates. The App offers an optional biometric app-lock feature using Apple's LocalAuthentication framework (Face ID, Touch ID, or Optic ID), but this is processed entirely on your device by iOS — TUUN only receives a yes/no authentication result and never receives biometric scans, faceprints, or fingerprint data. The same applies to Apple Sign-In.
Internet or electronic network activity: App usage data, chat history.
Geolocation data: Timezone and locale only (not precise geolocation).
Sensory data: Not collected.
Professional or employment information: Not collected.
Education information: Not collected.
Inferences: AI-generated health insights and analyses drawn from your data.
Sensitive personal information: Health data (HealthKit, blood test results, genetic data, medication data). This data is processed solely for the purpose of providing services you request and is not used for any purpose other than providing the App's health analysis features.

Your California Rights

Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collection, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request that we delete any personal information we have collected from you, subject to certain exceptions.
Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
Right to Opt-Out of Sale/Sharing: We do not sell or share (as defined by CCPA/CPRA) your personal information for cross-context behavioral advertising. Therefore, there is no need to opt out.
Right to Limit Use of Sensitive Personal Information: We use sensitive personal information (health data) only for the purposes of providing the App's services as requested by you.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

We do not sell or share personal information. Bewibe does not sell personal information to third parties. We do not share personal information for cross-context behavioral advertising purposes.

To submit a CCPA/CPRA request, email us at social@tuunclub.com with the subject line "CCPA Request." We will verify your identity before processing your request and respond within 45 days.

7.3 For Singapore Residents (PDPA)

If you are located in Singapore, the following applies under the Personal Data Protection Act 2012 (PDPA):

Purpose of Collection: We collect and use your personal data for the purposes described in Sections 1 and 2 of this Privacy Policy. We will not use your data for purposes beyond those disclosed without obtaining your further consent.
Consent: By using the App and providing your personal data, you consent to the collection, use, and disclosure of your data as described in this policy. For HealthKit data and sensitive health information, we obtain your explicit consent through in-app permission prompts.
Cross-Border Transfer: Your personal data is stored in Japan (AWS Tokyo region). Data may also be processed in the United States by Anthropic for AI features. We take reasonable steps to ensure that overseas recipients of your data are bound by legally enforceable obligations to provide a standard of protection comparable to Singapore's PDPA.
Access and Correction: You have the right to request access to and correction of your personal data held by us. We will respond to your request as soon as reasonably possible, and in any event within 30 days.
Withdrawal of Consent: You may withdraw your consent for the collection, use, or disclosure of your personal data at any time by contacting us at social@tuunclub.com. Please note that withdrawal of consent may affect our ability to provide certain features of the App. We will inform you of the likely consequences of withdrawal before processing your request.
Data Protection Officer: For any inquiries or complaints relating to your personal data, please contact our Data Protection Officer at social@tuunclub.com.

7.4 For Australian Residents (Privacy Act 1988)

If you are located in Australia, the following applies under the Privacy Act 1988 and the Australian Privacy Principles (APPs):

APP Compliance: Bewibe is committed to complying with the Australian Privacy Principles in our handling of your personal information.
Types of Personal Information: We collect the categories of personal information described in Section 1 of this Privacy Policy, including sensitive information such as health data (HealthKit data, blood test results, genetic information, and medication data). We only collect sensitive information with your consent.
Purpose of Collection: We collect personal information only for the purposes described in Section 2. We will not use or disclose personal information for a purpose other than the primary purpose of collection unless you consent, or a permitted general situation or permitted health situation applies.
Disclosure to Overseas Recipients: Your personal information is stored and processed in Japan (AWS ap-northeast-1, Tokyo region). For AI processing features, data may be transmitted to Anthropic's servers, which may be located in the United States. Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient does not breach the APPs in relation to that information.
Access and Correction: You have the right to request access to your personal information and to request correction of any inaccurate, out-of-date, incomplete, irrelevant, or misleading information. We will respond to access requests within 30 days.
Complaints: If you believe we have breached the APPs, you may lodge a complaint with us at social@tuunclub.com. We will investigate and respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

7.5 For Malaysian Residents (PDPA 2010)

If you are located in Malaysia, the following applies under the Personal Data Protection Act 2010:

Data Processing Principles

We adhere to the seven data protection principles under Malaysia's PDPA:

General Principle: We process your personal data only with your consent and for lawful purposes.
Notice and Choice Principle: This Privacy Policy serves as our notice to you regarding the processing of your personal data. You are informed of the purposes and your rights herein.
Disclosure Principle: We do not disclose your personal data for purposes other than those described in this policy or for which you have given consent.
Security Principle: We implement appropriate technical and organizational measures to protect your personal data (see Section 9).
Retention Principle: We retain personal data only for as long as necessary for the purposes described (see Section 6).
Data Integrity Principle: We take reasonable steps to ensure your personal data is accurate, complete, not misleading, and kept up to date.
Access Principle: You have the right to access and correct your personal data held by us.

Your Malaysian Rights

Right to Access: You may request access to your personal data that we hold.
Right to Correct: You may request that we correct any personal data that is inaccurate, incomplete, misleading, or not up to date.
Right to Withdraw Consent: You may withdraw your consent to the processing of your personal data. This may limit our ability to provide certain App features.
Right to Prevent Processing: You may request that we cease or not begin processing your personal data if it is causing or likely to cause unwarranted substantial damage or distress.

Cross-Border Transfer: Your personal data is transferred to and stored in Japan. Data may also be processed in the United States for AI features. We ensure that adequate safeguards are in place to protect your personal data when transferred outside Malaysia, in compliance with Section 129 of Malaysia's PDPA 2010.

For data protection inquiries, contact us at social@tuunclub.com.

7.6 For Philippine Residents (Data Privacy Act of 2012)

If you are located in the Philippines, the following applies under Republic Act No. 10173 (Data Privacy Act of 2012) and its implementing rules and regulations:

Data Processing Principles

We process your personal information in adherence to the principles of transparency, legitimate purpose, and proportionality.

Your Rights as a Data Subject

Right to Be Informed: You have the right to be informed of the collection and processing of your personal data, including the purposes, scope, method of processing, recipients, and your rights. This Privacy Policy serves as our primary means of providing this information.
Right to Access: You have the right to obtain from us a copy of your personal data that is being processed, as well as information regarding the manner in which such data was collected, the recipients, and the purposes of processing.
Right to Object: You have the right to object to the processing of your personal data, including processing for direct marketing, automated processing, or profiling.
Right to Erasure or Blocking: You have the right to request the removal or destruction of your personal data from our systems, particularly when the data is incomplete, outdated, false, unlawfully obtained, no longer necessary for the purposes for which it was collected, or when you withdraw consent.
Right to Rectification: You have the right to dispute the inaccuracy or error in your personal data and have it corrected immediately, unless the request is vexatious or otherwise unreasonable.
Right to Data Portability: You have the right to obtain your personal data in an electronic or structured format that is commonly used and allows for further use. You may request that we transmit your data directly to another data controller where technically feasible.
Right to File a Complaint: You have the right to lodge a complaint before the National Privacy Commission (NPC) if you believe your data privacy rights have been violated.
Right to Damages: You have the right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data.

Cross-Border Transfer

Your personal data is transferred to and stored in Japan. For AI processing, data may be transferred to the United States. These transfers are conducted with appropriate safeguards and in compliance with NPC Circular No. 2022-01 on cross-border transfer of personal data.

Breach Notification

In the event of a personal data breach that is likely to cause serious harm to affected data subjects, we commit to notifying the National Privacy Commission (NPC) and affected individuals within 72 hours of becoming aware of the breach, in accordance with NPC Circular No. 16-03.

Data Breach Response

In the event of a personal data breach that poses a risk to your rights:

We will notify the relevant data protection authority within 3-5 business days of discovery (preliminary report), with a full report within 30 days (60 days for unauthorized access incidents).
We will notify affected users without undue delay if the breach is likely to result in high risk to your rights and freedoms.
For users in the Philippines: We will notify the National Privacy Commission (NPC) within 72 hours as required by the Data Privacy Act of 2012.

8. Children's Privacy

TUUN is not directed at children under the age of 13 (or the minimum age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at social@tuunclub.com. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information as promptly as possible.

Cookies and Similar Technologies

Within the App (iOS)

The TUUN iOS app is a native application and does not use browser cookies. To provide core functionality, the App integrates the following SDKs and frameworks:

Apple Sign-In and AWS Cognito SDK — secure authentication.
RevenueCat SDK — subscription status and entitlement management.
Apple HealthKit framework — reads health data with your explicit, per-type permission.

The App does not include third-party advertising SDKs, behavioral analytics SDKs, cross-app trackers (e.g., IDFA-based tracking), or marketing pixels.

On Our Website (tuunclub.com)

Our website is hosted on Shopify and uses the following:

Strictly necessary cookies — for cart and session functionality (e.g., cart_currency). Disabling these will impair website functionality.
Shopify Web Pixels — Shopify's first-party analytics for storefront visit metrics. These are governed by Shopify's privacy practices and do not transmit data to advertising networks.
Google Fonts — for font delivery via fonts.googleapis.com; no personal data is exchanged beyond standard HTTP request metadata.

You can manage browser cookies through your browser's privacy settings. Disabling cookies may affect basic website functionality such as cart persistence.

We do not use cookies or similar technologies for cross-context behavioral advertising or for selling/sharing your information with advertising networks.

9. Security Measures

We implement a range of technical and organizational security measures to protect your personal information, including:

Encryption in transit: All data transmitted between the App and our servers is encrypted using TLS 1.2 or higher.
Encryption at rest: Data stored in our databases and file storage systems is encrypted using AES-256 encryption.
Authentication security: User authentication is managed through Apple Sign-In and AWS Cognito with industry-standard security protocols.
Access controls: Access to personal data within our organization is restricted to authorized personnel on a need-to-know basis.
Infrastructure security: Our AWS infrastructure is configured with security best practices, including VPC isolation, IAM policies, and security monitoring.
Regular security reviews: We periodically review and update our security measures to address emerging threats.

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Last updated" date at the top of this policy.
Notify you through the App or via email for significant changes.
Obtain your consent again where required by applicable law.

We encourage you to review this policy periodically. Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Bewibe Co., Ltd.
Representative: Ryo Sasaki
Address: Yokotera-cho 31, Suiryo 204, Shinjuku-ku, Tokyo, Japan
Email: social@tuunclub.com

For jurisdiction-specific inquiries:

CCPA/CPRA requests (California): social@tuunclub.com with subject line "CCPA Request"
PDPA inquiries (Singapore): social@tuunclub.com with subject line "PDPA Inquiry"
APP complaints (Australia): social@tuunclub.com with subject line "Privacy Complaint (AU)." You may also contact the OAIC at www.oaic.gov.au
PDPA inquiries (Malaysia): social@tuunclub.com with subject line "PDPA Inquiry (MY)"
DPA inquiries (Philippines): social@tuunclub.com with subject line "DPA Inquiry (PH)." You may also contact the National Privacy Commission at www.privacy.gov.ph

We will endeavor to respond to all inquiries within 30 days of receipt.