Privacy Policy

Article 1 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes and will not use the collected personal information for purposes other than those specified.

• Membership registration and management: identity verification, providing membership services, preventing fraudulent use, notices and notifications, dispute resolution, etc.
• Service provision: content delivery, personalized service provision, payment and settlement, customer support, etc.
• Marketing and advertising use: development of new services, provision of event and promotional information (only with prior consent)

Article 2 (Personal Information Items Processed)

The Company collects the following personal information during membership registration and service use.

Article 3 (Processing and Retention Period of Personal Information)

• Immediately destroyed upon membership withdrawal (except where required by law to retain for a certain period)
• Retention according to the Act on Consumer Protection in Electronic Commerce, etc.
  • Contract and withdrawal records: 5 years
  • Payment and supply records: 5 years
  • Consumer complaint and dispute resolution records: 3 years
  • Records on labeling and advertising: 6 months

Article 4 (Provision of Personal Information to Third Parties)

In principle, the Company does not provide users' personal information to third parties.

However, exceptions are made in the following cases:

• When users have given prior consent
• When there are special provisions in laws and regulations
• When requested by investigative agencies through lawful procedures

Article 5 (Consignment of Personal Information Processing)

The Company may outsource personal information processing when necessary for service provision, and executes contracts and performs management and supervision in accordance with relevant laws when outsourcing.

• Payment processing: Google Play, Apple App Store, RevenueCat, Paddle
• Hosting/Storage: Supabase, Firebase, Google Cloud Platform, Amazon AWS
• Logging/Analytics/Notifications: Sentry, Firebase Analytics, Crashlytics

Article 6 (Rights of Users and How to Exercise Them)

Users can exercise the following rights as personal information subjects:

• Request to view personal information
• Request correction in case of errors
• Request deletion
• Request suspension of processing

※ Some rights may be restricted according to laws and regulations, and the Company will take action without delay when requested.

Article 7 (Procedures and Methods for Destroying Personal Information)

• Destroyed without delay when no longer necessary due to expiration of retention period or achievement of processing purposes.
• Electronic files: permanently deleted using technical methods that prevent recovery
• Paper documents: shredded or incinerated

Article 8 (Measures to Ensure Safety of Personal Information)

The Company takes the following measures to ensure safety in accordance with Article 29 of the Personal Information Protection Act.

• Administrative measures: establishment and implementation of internal management plans, employee training, etc.
• Technical measures: encryption, access control, installation of security programs
• Physical measures: access control to computer rooms and data storage rooms

Article 9 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)

• The Company provides customized services to users through cookies, SDKs, log analysis tools, etc.
• Users can refuse cookie storage through browser settings.
• However, refusing cookies may result in restrictions on service use.

Article 10 (Privacy Officer and Contact Information)

• Privacy Officer: Haejung Ko
• Email: privacy@arclair.com
• Address: 5086, 5F, Namgyeong Bldg, 35, Irwon-ro, Gangnam-gu, Seoul, Republic of Korea

※ For personal information breach reports or consultations, users can contact the following organizations:

• Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code)
• Supreme Prosecutors' Office Cyber Investigation Division (spo.go.kr / 1301 without area code)
• National Police Agency Cyber Bureau (cyberbureau.police.go.kr / 182 without area code)

Article 11 (Changes to Privacy Policy)

This policy may be revised according to changes in laws, policies, or security technologies, and changes will be announced within the service at least 7 days in advance.