Digitalog Technologies Privacy Policy

All personal information handled by Digital Log Technologies Co., Ltd. (hereinafter referred to as the “Company”) is collected, retained, and processed based on applicable laws or with the consent of the data subject. This Privacy Policy takes effect on November 4, 2024. The Company complies with the Personal Information Protection Act and other relevant laws to lawfully process and securely manage personal information, ensuring the protection of the freedoms and rights of data subjects. Pursuant to Article 30 of the Personal Information Protection Act*, the Company establishes and discloses the following Privacy Policy to inform data subjects of the procedures and standards for the processing and protection of personal information and to ensure that related grievances are promptly and smoothly addressed.

Collection of General Personal Information

Purpose of Personal Information Processing

Retention Period of Personal Information

Email, Password

Confirmation of Membership Provision of BizCalendar

Until Membership Termination

Destruction of Personal Information

Overseas Transfer of Personal Information

Grievance Handling Department

Permanent Deletion by Irreversible Methods

Google, Inc. (Firebase)

Personal Information Consultation +82-070-4106-4243 help@digitalog.ai

☐ Purpose of Personal Information Processing, Collected Items, Retention, and Usage Period

The Company processes personal information for the following purposes. Personal information being processed is not used for purposes other than those specified below. If there is any change in the intended purpose, the Company will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

Personal Information Items Processed Without Consent from the Data Subject

The Company processes the following personal information items without obtaining consent from the data subject.

Legal Basis	Category	Purpose of Collection	Collected Items	Retention and Usage Period
Article 15, Paragraph 1, Subparagraph 4 of the Personal Information Protection Act (‘Performance of Contract’)	Membership Registration	Confirmation of Membership Intent, Provision of BizCalendar Services	Email, Password	Until Membership Termination

The following are cases where personal information is retained without destruction in accordance with other laws:

<Basis of Retention Law and Clause>:<Retention Period>
Records Related to Transactions in Accordance with Article 6 (Preservation of Transaction Records, etc.) of the Act on Consumer Protection in Electronic Commerce, Etc.:

Records related to advertising and labeling: 6 months
Records related to contracts or withdrawal of offers: 5 years
Records related to payment and supply of goods, etc.: 5 years
Records related to consumer complaints or dispute resolution: 3 years

Retention of Communication Confirmation Data in Accordance with Article 15-2 (Obligations of Telecommunications Service Providers to Cooperate) of the Protection of Communications Secrets Act:

Computer communication, internet log records, and access tracking data: 3 months

☐ Processing of Personal Information of Children Under the Age of 14

The Company obtains consent from the legal guardian of a child under the age of 14 when it is necessary to process the child’s personal information.
When obtaining the legal guardian’s consent for the processing of personal information of a child under the age of 14, the Company may request only the minimum necessary information, such as the guardian’s name and contact information. The Company facilitates the guardian’s indication of consent via an internet site where the consent content is displayed, and confirms this consent by notifying the guardian via a text message to their mobile phone.

☐ Personal Information Destruction Procedures and Methods

The Company promptly destroys personal information without delay when it becomes unnecessary, such as upon the expiration of the retention period or the achievement of the processing purpose.

Establishment of a Destruction Plan

The Company establishes a personal information destruction plan in accordance with internal policies and applicable laws.

Destruction Procedures and Timeline

Information entered by users is destroyed without delay within five days after the retention period expires or the processing purpose is achieved.
Personal information is destroyed with the approval of the Personal Information Protection Officer.

Destruction Methods

For electronic files: Permanently deleted using methods that prevent restoration.
For records, printouts, documents, and other recording media in non-electronic file forms: Shredded or incinerated.

If the retention period for personal information agreed upon by the data subject has expired or the processing purpose has been achieved, but the personal information must still be retained in accordance with other laws, the Company transfers the relevant personal information to a separate database (DB) or stores it in a different location for retention.

※ The items of personal information retained and the legal basis for retention in accordance with other laws can be found in the section "Purpose of Personal Information Processing, Collected Items, and Retention and Usage Period."

☐ Provision of Personal Information to Third Parties

The Company does not provide personal information to third parties.

☐ Collection and Transfer of Personal Information Overseas

The Company provides and entrusts the processing of personal information overseas as follows for the smooth handling of personal information tasks.
Users may refuse the overseas transfer of their personal information by contacting the Personal Information Protection Officer or the department in charge of personal information protection. If a user refuses the overseas transfer of personal information, the Company will exclude the user's personal information from overseas transfers. However, in such cases, services that necessarily involve the overseas transfer of personal information may be restricted. For inquiries and requests to refuse the overseas transfer of personal information, users may contact help@digitalog.ai.

Item	Details
Recipient	Google Inc. (Firebase)
Receiving Country	USA
Purpose of Use	To manage membership registration, email, and password information using Firebase Authentication
Method and Timing of Transfer	Transferred during membership registration and login using the Firebase Authentication SDK
Entrusted Personal Information Items	Information collected during service use
Retention and Usage Period of Personal Information	Until membership termination
Legal Basis for Overseas Transfer	Article 28-8, Paragraph 1, Subparagraph 3(a) of the Personal Information Protection Act

☐ Measures to Ensure the Security of Personal Information

The Company takes the following measures to ensure the security of personal information:

Administrative Measures:

Establishment and implementation of internal management rules, operation of a dedicated organization.

Technical Measures:

Encryption of personal information, management of access rights to personal information processing systems, installation of access control systems.

Physical Measures:

Access control to computer rooms, data storage rooms, and other physical locations.

The Company strives to securely manage users' personal information by taking all necessary precautions. In addition to the security measures required by the Personal Information Protection Act, the Company makes additional efforts to protect personal information.

Encryption of personal information, management of access rights to personal information processing systems, installation of access control systems.

☐ Installation, Operation, and Rejection of Devices that Automatically Collect Personal Information

< Automatically Collected Personal Information Devices >

The Company uses cookies to store and retrieve usage information from time to time in order to provide personalized services and convenience to users.

Definition of Collection Devices

The Company operates devices such as "cookies" to identify user information. A cookie is a small text file sent by the server used to operate the Company’s website to the user's browser, and it is stored on the user’s computer hard disk.

Purpose of Use

Cookies are used for purposes such as implementing auto-login features, analyzing the access frequency and visit time of members and non-members, identifying user preferences and areas of interest, improving services, and preventing abnormal access.

Collection Method

Tools such as Google, Datadog, and Hotjar are used to collect and analyze user activity data.

Users can configure their web browser options to allow or block cookies. However, refusing to store cookies may result in difficulties in using personalized services.

▶ Cookie Allowance/Blocking on Mobile Browsers

Chrome: Mobile browser settings > Privacy and Security > Clear browsing data
Safari: Device settings > Safari > Advanced > Block all cookies
Samsung Internet: Mobile browser settings > Browsing history > Clear browsing data

☐ Rights and Obligations of Data Subjects and Legal Guardians, and How to Exercise Them

Data subjects may exercise their rights at any time, including requesting to access, correct, delete, suspend the processing of, or withdraw consent for their personal information, as well as objecting to or requesting an explanation regarding automated decisions.
Rights can be exercised in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act via written request, email, or fax, and the Company will respond without delay.

Access, Correction, Deletion:Service page homepage > Profile icon > Account settings > Edit profile information
Membership Withdrawal: Service page homepage > Profile icon > Account settings > Membership withdrawal
Consent Withdrawal and Automated Decisions or Explanation: Contact the department handling personal information access requests for assistance.

Rights may also be exercised through a legal guardian or an authorized representative of the data subject. In this case, a power of attorney must be submitted.

Accepted Power of Attorney: [Form No. 11 from the Personal Information Processing Guidelines (Notice No. 2023-12)]

Requests for access to or suspension of personal information processing may be restricted in accordance with Articles 35(4) and 37(2) of the Personal Information Protection Act.
Requests for correction or deletion of personal information cannot be made if the information is specified as a mandatory collection item under other laws.
When responding to requests for access, correction, deletion, or suspension of personal information processing, the Company verifies whether the requester is the data subject or a legitimate representative.
Requests for access to personal information can be made to the department below. The Company will make every effort to process such requests promptly.

▶ Department for Processing Requests for Access to Personal Information

Department Name: Development Team
Contact Information: help@digitalog.ai, 070-4106-4243

☐ Matters Regarding the Rights, Obligations, and Methods of Exercise for Data Subjects and Legal Guardians

The Company takes overall responsibility for personal information processing tasks and has designated a Personal Information Protection Officer as follows to address complaints and provide remedies related to the processing of personal information.
Data subjects may contact the Personal Information Protection Officer and the responsible department for any inquiries, complaints, or remedies related to personal information protection that arise while using the Company's services. The Company will respond to and address inquiries without delay.

Category	Personal Information Protection Officer	Personal Information-Related Department
Department	-	Development Team
Name	Dong-Kyu Son	-
Phone	070-4106-4243	070-4106-4243
Email	help@digitalog.ai	help@digitalog.ai

☐ Remedies for Infringement of Data Subject Rights

Data subjects may seek resolution of disputes or request consultations regarding personal information infringements through the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency’s Personal Information Infringement Reporting Center, and other relevant organizations. For reporting or consulting on other personal information infringement issues, please contact the organizations listed below:

Personal Information Dispute Mediation Committee: 1833-6972 (www.privacy.go.kr)
Personal Information Infringement Reporting Center: 118 (privacy.kisa.or.kr)
Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
Korean National Police Agency: 182 (ecrm.police.go.kr)

The Company is committed to protecting the data subject's right to self-determination of personal information and strives to provide consultation and remedies for damages caused by personal information infringement. For inquiries or consultations, please contact the department below:

▶ Customer Consultation and Reporting Related to Personal Information Protection

Department Name: Development Team
Contact Information: help@digitalog.ai, 070-4106-4243

☐ Changes to the Privacy Policy

This Privacy Policy has been in effect since November 4, 2024. The following changes have been made compared to the previous version of the Privacy Policy.

Reason for Change	Details
Establishment of a Privacy Policy	Privacy Policy established due to the launch of a new service

You can view the previous version of the Privacy Policy below.

2024. 11. 04 ~