Privacy Policy

Search OS (hereinafter referred to as the "Company") establishes this Privacy Policy (hereinafter referred to as "this Policy") to protect the information (hereinafter referred to as "Personal Information") of individuals (hereinafter referred to as "Users" or "Individuals") who use the services provided by the Company (hereinafter referred to as "Company Services"), to comply with relevant laws and regulations including the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter referred to as the "Network Act"), and to promptly and smoothly address grievances related to the personal information protection of service users.

In accordance with personal information-related laws and this Policy, the Company may collect Users' personal information, and the collected personal information may be provided to third parties only with the consent of the individual. However, in cases where it is legally mandated by law, the Company may provide Users' collected personal information to third parties without prior consent.

The Company collects and uses personal information for the following purposes:

• Service provision and account management
• Member identification and authentication
• Processing payments and preventing fraudulent transactions
• AI-based analysis and report generation
• Service improvement and new feature development
• Customer support and inquiry response
• Compliance with legal obligations

The Company collects the following types of personal information:

• Required Information: Email address, password (encrypted), name, company name
• Optional Information: Phone number, profile picture, job title, industry
• Automatically Collected Information: IP address, cookie information, service usage records, device information, access logs
• Payment Information: Credit card information, billing address (processed through third-party payment processors)

The Company retains personal information for the period necessary to achieve the purpose of collection and use. Personal information is destroyed without delay when the purpose is achieved or the retention period expires.

• Account Information: Retained until account deletion or service withdrawal
• Payment Records: 5 years (as required by commercial law)
• Service Usage Logs: 3 months (unless required otherwise by law)

The Company does not provide personal information to third parties without user consent, except in the following cases:

• When users have given prior consent
• When required by law or requested by law enforcement agencies
• When necessary for service provision (e.g., payment processing through TossPayments)

The Company may entrust personal information processing to external service providers for smooth service provision. Current entrustees include:

• Cloud Hosting: AWS, Google Cloud Platform (data storage and processing)
• Payment Processing: TossPayments (payment processing and billing)
• Email Service: Email delivery service providers (transactional emails and notifications)
• Analytics: Google Analytics (service usage analysis)

Users have the following rights regarding their personal information:

• Right to access personal information
• Right to correction of inaccurate information
• Right to deletion of personal information
• Right to suspension of personal information processing
• Right to data portability
• Right to withdraw consent

Users may exercise these rights by contacting the Personal Information Protection Officer or through the settings menu in the service.

The Company does not knowingly collect personal information from children under the age of 14 without parental consent. If we become aware that we have collected personal information from a child under 14 without verification of parental consent, we will take steps to delete that information.

The Company uses cookies and similar tracking technologies to provide personalized services and improve user experience. Users may refuse cookie storage through browser settings, but this may limit some service features.

The Company implements the following technical and administrative measures to protect personal information:

• Password encryption and secure authentication
• SSL/TLS encryption for data transmission
• Regular security audits and vulnerability assessments
• Access control and monitoring systems
• Employee training on personal information protection
• Incident response and breach notification procedures

Personal information may be transferred to and processed in countries other than your country of residence. The Company ensures that such transfers comply with applicable data protection laws and implements appropriate safeguards.

The Company may use automated decision-making processes, including AI and machine learning, to analyze data and provide personalized recommendations. Users have the right to request human intervention and to contest automated decisions.

The Company may update this Privacy Policy from time to time. Material changes will be notified through the service or via email at least 7 days before the effective date. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

The Company designates the following individuals and departments to protect Users' personal information and handle related complaints:

1. Personal Information Protection Officer
   • Name: Han Cheolhwa
   • Title: CEO
   • Phone: +82-10-2294-5697
   • Email: cjgfhk5697@gmail.com
2. Personal Information Protection Manager
   • Department: Development Team
   • Name: Cho Minjae
   • Phone: +82-10-5313-6281
   • Email: ipszone0525@gmail.com

1. Data subjects may apply for dispute resolution or consultation with organizations such as the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency Personal Information Infringement Report Center to seek remedies for personal information infringement. For other inquiries regarding personal information infringement reports and consultations, please contact the following organizations:
   • Personal Information Dispute Mediation Committee: 1833-6972 www.kopico.go.kr
   • Personal Information Infringement Report Center: 118 privacy.kisa.or.kr
   • Supreme Prosecutors' Office: 1301 www.spo.go.kr
   • National Police Agency: 182 ecrm.cyber.go.kr
2. The Company strives to ensure the personal information protection policy of data subjects and to provide consultation and remedy for damages caused by personal information infringement. If you need to report or consult, please contact the department listed in Paragraph 1.
3. Those whose rights or interests have been violated due to actions or inactions by the head of a public institution in response to requests under Articles 35 (Access to Personal Information), 36 (Correction and Deletion of Personal Information), and 37 (Suspension of Personal Information Processing) of the Personal Information Protection Act may file an administrative appeal in accordance with the Administrative Appeals Act.
   • Central Administrative Appeals Commission: 110 www.simpan.go.kr

Article 1: This Policy shall be effective from August 25, 2024.