Privacy Policy

Aligndy Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act( 「개인정보 보호법」 제30조) to protect the personal information of data subjects and to promptly and smoothly handle related grievances.

Article 1 (Purpose of Personal Information Processing)

The Company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and should the purpose of use change, necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act, will be implemented.

  1. Membership Registration and Management for the Seouldrip Service

    Personal information is processed for the purposes of confirming the intent to sign up for membership, identifying and authenticating individuals for membership services, maintaining and managing membership qualifications, preventing fraudulent use of services, verifying the consent of a legal representative when processing the personal information of children under 14, providing various notices and notifications, and handling grievances.

  2. Provision of Community Services

    Personal information is processed for the purposes of providing content, creating and managing posts, writing comments, providing customized services, identity verification, age verification, and statistics on community activities.

  3. Grievance Handling

    Personal information is processed for the purposes of verifying the identity of complainants, confirming the details of complaints, contacting and notifying for fact-finding investigations, and informing of processing results.

Article 2 (Processing and Retention Period of Personal Information)

  1. The Company processes and retains personal information within the retention and use period stipulated by law or the period agreed upon by the data subject when collecting the personal information.

  2. The specific processing and retention periods for each type of personal information are as follows:

  3. Membership Registration and Management: Until membership withdrawal from the Seouldrip service.

    However, in the following cases, the information will be retained until the end of the relevant period:

    • If an investigation or inquiry regarding a violation of related laws is in progress: Until the investigation or inquiry is concluded.
    • If any outstanding claims or debts from service use remain: Until the settlement of such claims or debts.
  4. Retention under the Act on Consumer Protection in Electronic Commerce, etc.

    • Records on display and advertising: 6 months
    • Records on contracts or withdrawal of offers: 5 years
    • Records on payment and supply of goods: 5 years
    • Records on consumer complaints or dispute resolution: 3 years
  5. Retention under the Protection of Communications Secrets Act

    • Login records: 3 months

Article 3 (Provision of Personal Information to Third Parties)

  1. The Company provides personal information to third parties only in cases that fall under Article 17 and Article 18 of the Personal Information Protection Act, such as with the data subject's consent or special provisions in the law.

  2. The Company currently does not provide personal information to third parties.

Article 4 (Consignment of Personal Information Processing)

  1. For the smooth processing of personal information tasks, the Company consigns the processing of personal information as follows:

  2. Consignee (Trustee): Amazon Web Services (AWS)

  3. Content of consigned tasks: Server infrastructure operation and data storage

  4. When concluding a consignment contract, in accordance with Article 26 of the Personal Information Protection Act, the Company specifies in documents such as the contract matters regarding the prohibition of processing personal information for purposes other than performing the consigned tasks, technical and administrative protective measures, restrictions on re-consignment, management and supervision of the consignee, and liability for damages. The Company also supervises whether the consignee processes personal information safely.

  5. If the content of the consigned tasks or the consignee changes, we will disclose it without delay through this Privacy Policy.

Article 5 (Rights and Obligations of Data Subjects and Their Legal Representatives, and Methods of Exercising Them)

  1. Data subjects may exercise their personal information protection rights against the Company at any time.

  2. Request access to personal information

  3. Request correction if there are errors

  4. Request deletion

  5. Request suspension of processing

  6. The exercise of rights under Paragraph 1 may be made to the Company in writing, by e-mail, or by fax (FAX) in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act, and the Company will take action without delay.

  7. The exercise of rights under Paragraph 1 may be done through an agent, such as a legal representative of the data subject or a person who has been delegated authority. In this case, a power of attorney in the form of Attachment No. 11 of the "Public Notice on Personal Information Processing Methods (No. 2020-7)" must be submitted.

  8. The right to request access to and suspension of processing of personal information may be restricted under Article 35(4) and Article 37(2) of the Personal Information Protection Act.

  9. A request for correction and deletion of personal information cannot be made if the personal information is specified as a subject of collection in other laws.

Article 6 (Items of Personal Information Processed)

  1. The Company processes the following personal information items:

  2. Seouldrip Membership Registration and Management

    • Required items: E-mail address, password, nickname
    • Optional items: Profile picture
  3. Information automatically generated and collected during service use

    • IP address, cookies, MAC address, service usage records, visit records, fraudulent usage records, etc.

Article 7 (Destruction of Personal Information)

  1. When personal information becomes unnecessary, such as upon the expiration of the retention period or the achievement of the processing purpose, the Company shall destroy the relevant personal information without delay.

  2. If personal information must be preserved according to other laws despite the expiration of the retention period agreed upon by the data subject or the achievement of the processing purpose, such personal information is moved to a separate database (DB) or stored in a different location.

  3. The procedure and method for destroying personal information are as follows:

  4. Destruction Procedure

    • The Company selects the personal information for which a reason for destruction has occurred and destroys the personal information with the approval of the Company's Personal Information Protection Officer.
  5. Destruction Method

    • Information in electronic file format is destroyed using a technical method that makes the records irreproducible.
    • Personal information printed on paper is destroyed by shredding or incineration.

Article 8 (Measures to Ensure the Security of Personal Information)

The Company takes the following measures to ensure the security of personal information:

  1. Minimization and Training of Staff Handling Personal Information
  2. Restricting Access to Personal Information
  3. Storing and Preventing Forgery of Access Logs
  4. Encryption of Personal Information
  5. Technical Measures Against Hacking
  6. Physical Measures for Secure Storage of Personal Information

Article 9 (Personal Information Protection Officer)

  1. The Company is responsible for the overall management of personal information processing and designates a Personal Information Protection Officer as follows to handle complaints and provide remedies for damages to data subjects related to personal information processing.

Personal Information Protection Officer

  1. Data subjects may contact the Personal Information Protection Officer for all inquiries, complaint handling, and damage remedies related to personal information protection that arise while using the Company's services (or business). The Company will respond to and process inquiries from data subjects without delay.

Article 10 (Changes to the Privacy Policy)

  1. This Privacy Policy is effective from October 1, 2025.

  2. Previous versions of the Privacy Policy can be found below.

Article 11 (Requests for Access to Personal Information)

Data subjects may submit requests for access to personal information under Article 35 of the Personal Information Protection Act to the following department.

Department for Receiving and Processing Requests for Access to Personal Information

Article 12 (Remedies for Infringement of Rights)

Data subjects may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the KISA Personal Information Infringement Report Center, etc., for remedies regarding personal information infringements.

  • Personal Information Dispute Mediation Committee: 1833-6972 (without area code) (www.kopico.go.kr)
  • KISA Personal Information Infringement Report Center: 118 (without area code) (privacy.kisa.or.kr)
  • Supreme Prosecutors' Office Cybercrime Investigation Division: 1301 (without area code) (www.spo.go.kr)
  • National Police Agency Cyber Bureau: 182 (without area code) (ecrm.cyber.go.kr)