Article 1 (Purpose)

HolyGround Inc. (hereinafter referred to as "Company") establishes this Privacy Policy to protect the personal information of individuals (hereinafter referred to as "Users") who use the services provided by the Company (hereinafter referred to as "Services") and complies with relevant laws and regulations.

Article 2 (Types and Methods of Personal Information Collection)

Information Collected

[Required Information]

• Social Media Account Information (Registration is only available through social media integration)
  • KakaoTalk: Unique identifier, nickname, profile picture
  • Naver: Unique identifier, nickname, profile picture
  • Google: Unique identifier, email address, nickname, profile picture
  • GitHub: Unique identifier, email address, nickname, profile picture

[Automatically Collected Information]

• Service usage records, access logs, cookies, IP information, device information, etc.

Collection Methods

• Automatic collection through social media integration
• Automatic collection during service usage

Article 3 (Purpose of Collection and Use of Personal Information)

• Member identification and authentication
• Service provision and identity verification
• Payment and purchase processing
• Customer inquiries and complaint handling
• Development of new services and provision of customized services
• Event and advertising information (with prior consent)
• Legal compliance and dispute resolution

Article 4 (Retention and Use Period of Personal Information)

• Retained until membership withdrawal
• Retention periods according to relevant laws:
  • Contracts and withdrawal of subscription: 5 years
  • Payment and supply records: 5 years
  • Complaints and dispute handling: 3 years
  • Login records (Act on Protection of Communications Secrets): 3 months

Article 5 (Procedures and Methods for Destruction of Personal Information)

• Destruction procedure: Destroyed without delay after achieving the purpose
• Destruction method
  • Electronic files: Permanent deletion
  • Paper documents: Shredding or incineration

Article 6 (Provision of Personal Information to Third Parties)

In principle, no provision to third parties. Exceptions include:

• User consent
• Legal requirements or investigation purposes

Article 7 (Outsourcing of Personal Information Processing)

[Outsourced Services and Tasks]

• Supabase: Database and authentication services
• Delivery companies: Product delivery (if applicable)

• Outsourcing period: Until termination of outsourcing contract

Article 8 (International Transfer of Personal Information)

• Transferred items: Social media account information
• Transfer countries: United States and other countries where social media providers are located
• Transfer method: Network transmission during registration or use
• Retention and use period: According to each social media provider's privacy policy

Article 9 (User Rights and Exercise Methods)

• Request to view, correct, delete, or suspend processing of personal information
• Withdrawal of consent for collection and use
• Requests can be made to the personal information protection officer via written correspondence, email, or phone

Article 10 (Protection of Personal Information of Children Under 14)

The Company does not collect personal information from children under 14 years of age, and users under this age cannot use the service.

Article 11 (Use of Cookies and How to Refuse)

• Used to provide customized services and analyze usage statistics
• Cookie storage can be refused through browser settings (may limit some services)

Article 12 (Installation, Operation, and Refusal of Automatic Collection Devices)

• Utilization of statistical collection tools such as web beacons and pixel tags
• Users may refuse information collection

Article 13 (Measures to Ensure the Security of Personal Information)

• Administrative measures: Processing by minimal personnel, regular training
• Technical measures: Encryption, security programs, access control
• Physical measures: Access control to computer rooms and storage facilities

Article 14 (Measures in Case of Personal Information Breach)

Immediate notification and damage minimization measures in case of breach, reporting to relevant authorities

Article 15 (Ensuring Accuracy and Currency of Personal Information)

Provision of accurate information and immediate correction when changes occur, responsibility lies with the user

Article 16 (Transmission of Advertising Information)

• Prohibition of transmitting advertising information without prior consent
• Guidance on opt-out methods and immediate cessation of transmission

Article 17 (Personal Information Protection Officer and Department)

• Name: Paul Yang
• Position: CEO
• Email: support@holyground.world

Article 18 (Remedies for Rights Infringement)

• Personal Information Infringement Report Center: 118, privacy.kisa.or.kr
• Personal Information Dispute Mediation Committee: 1833-6972, www.kopico.go.kr
• Supreme Prosecutors' Office Cyber Investigation Department: 1301, www.spo.go.kr
• National Police Agency Cyber Safety Bureau: 182, cyberbureau.police.go.kr

Article 19 (Changes to Privacy Policy and Notification Obligations)

• Notice at least 7 days in advance for changes, 30 days for significant changes
• Effective Date: January 23, 2025

Article 20 (Relationship with Terms of Service)

The Privacy Policy applies together with the Terms of Service, and in case of conflict, this Policy takes precedence.