Koreanstory.net and all subdomains (e.g., en.koreanstory.net, it.koreanstory.net, etc.) value your personal information and are committed to handling it transparently while complying with applicable laws and regulations. This Privacy Policy is governed by the Personal Information Protection Act of South Korea and the **General Data Protection Regulation (GDPR)** of Europe, and applies to all users who visit and use Koreanstory.net.
________________
1. Purpose of Collecting and Using Personal Information
Koreanstory.net collects and uses the minimum amount of personal information necessary for the following purposes. The collected personal information is only used within the scope necessary for providing services and is not used for any other purposes.
* Service Provision: Content delivery, personalized services, member management (signup, withdrawal, identity verification, etc.)
* Customer Communication and Inquiry Handling: Questions related to service use, complaint resolution, notices
* Service Improvement and Statistical Analysis: Analyzing usage records, improving services and developing new services based on statistical data
* Advertising and Marketing: Displaying targeted advertisements, providing event information (only with user consent)
________________
2. Items of Personal Information Collected and Methods of Collection
Koreanstory.net collects the following personal information:
* Required Items:
* During registration: Email address, password, nickname
* When making inquiries: Name, email address
* During service use: IP address, cookies, visit records, device information (for analyzing access environment and improving services)
* Optional Items:
* Profile photo, self-introduction, etc. (can be entered optionally, and not providing them does not restrict service use)
Collection Methods:
* Collected when users directly enter information during registration and service use.
* Collected through inquiries via message boards, emails, etc.
* Automatically generated information (IP address, cookies, etc.) may be collected during service use.
________________
3. Handling and Retention Period of Personal Information
Collected personal information is generally destroyed without delay once the purpose of collection and use has been achieved or upon the withdrawal of consent by the data subject. However, the following information is retained for the period specified by relevant laws:
* Consumer Protection in Electronic Commerce Act:
* Records of contracts or withdrawals: 5 years
* Records of payments and delivery of goods: 5 years
* Records of complaints or dispute resolution: 3 years
* Communications Privacy Act:
* Login records: 3 months
________________
4. Provision and Delegation of Personal Information to Third Parties
Koreanstory.net uses personal information only within the scope disclosed in “1. Purpose of Collecting and Using Personal Information” and does not, in principle, provide it to outside parties without prior user consent. Exceptions include:
* When the user has given prior consent
* When required by law or when law enforcement agencies request in accordance with prescribed procedures for investigation purposes
Koreanstory.net may delegate the processing of personal information to external specialized companies for service improvement. Such outsourcing agreements specify compliance with privacy laws, confidentiality of personal information, prohibition of third-party provision, and liability in case of accidents, and the details of outsourced tasks and recipients are disclosed on the website.
________________
5. How Data Subjects Can Exercise Their Rights
Users may at any time exercise their rights regarding their personal information, including:
* Requesting access to their personal data to verify processing
* Requesting correction if the information is inaccurate or incomplete
* Requesting deletion of their personal data (including the ‘Right to Be Forgotten’ under GDPR)
* Requesting the restriction of processing
EU citizens subject to GDPR have additional rights:
* Data Portability: The right to receive personal data in a structured, commonly used, machine-readable format or to request direct transfer to another controller if technically feasible
* Right to Object to Automated Decision-Making: The right to object to decisions based solely on automated processing, including profiling, that have legal effects or significantly affect the individual
* Restriction of Processing: The right to request restriction of processing under certain conditions
These rights can be exercised via the ‘My Page’ feature on the website or by contacting the data protection officer listed at the bottom of this Privacy Policy via written communication, email, etc. Koreanstory.net will respond without delay.
________________
6. Measures to Ensure Personal Information Security
Koreanstory.net implements technical, administrative, and physical measures to ensure the safe handling of personal information:
* Technical Measures: Encrypting personal data, installing and regularly updating security software, operating intrusion prevention systems
* Administrative Measures: Minimizing personnel with access to personal data, training staff, establishing and executing internal management plans, conducting regular audits
* Physical Measures: Controlling access to storage systems, controlling physical access
________________
7. Use of Cookies
Koreanstory.net uses cookies to provide better personalized services. Cookies are small text files sent by the server that operates the website to the user’s browser and stored on the user’s hard disk.
* Purpose of Cookies: To understand the types of services visited and preferences, enabling the delivery of optimized information
* Installing/Operating and Rejecting Cookies: Users can set their browsers to allow all cookies, be prompted each time a cookie is stored, or reject all cookies.
* Example settings (Internet Explorer): Tools > Internet Options > Privacy
* Example settings (Chrome): Settings > Privacy & Security > Site Settings > Cookies and site data
To comply with GDPR, users in the EU accessing Koreanstory.net will see a banner or popup requesting explicit consent for cookie use. Non-essential cookies will not be set without consent.
________________
8. Data Protection Officer and Responsible Department
Koreanstory.net designates a Data Protection Officer to oversee personal data processing and handle user complaints and damages related to personal data.
* Data Protection Officer:
* Name: Orebyn Niriel
* Email: koreanstory.net@gmail.com
Users can contact the Data Protection Officer for any inquiries, complaints, or damages related to personal data processing.
________________
9. Remedies for Rights Violations
Data subjects can apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency’s Personal Information Infringement Report Center, and others.
* Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
* Personal Information Infringement Report Center (KISA): 118 (privacy.kisa.or.kr)
* Supreme Prosecutors’ Office Cyber Investigation Division: 1301 (www.spo.go.kr)
* National Police Agency Cyber Crime Investigation Bureau: 182 (ecrm.police.go.kr)
EU citizens covered by GDPR have the right to file complaints with their national data protection supervisory authority (e.g., in Germany, with the state or federal data protection authorities).
________________
10. Changes to the Privacy Policy
This Privacy Policy will be revised if there are changes in laws or policies, with amendments, deletions, or corrections notified at least 7 days prior through the website’s notice.
* Initial Effective Date: July 8, 2025
* Last Updated: July 8, 2025