Privacy Policy
Effective date: April 4, 2024
Echostone Inc. ("Company") operates the Echostone web and mobile application ("App").
We value the personal information of users who use the Echostone service ("Service"). We comply with Korean laws and regulations on personal information protection and have established this Privacy Policy.
This policy may be amended due to changes in laws or internal operations; any changes will be announced through the Service.
Article 1 (Personal Information Collection)
We collect the minimum personal information necessary for service provision through the web and app as follows.
- Personal information that users directly input during service use.
- Name, email, profile information
- Device information (OS, screen size, device ID), service usage information (app version, location, activity logs), and cookies may be automatically collected.
- Personal information may be collected to resolve inquiries via email, fax, or phone.
Article 2 (Use of Personal Information)
The Company uses personal information for service provision, improvement, and new service development.
- User identification, intent verification, identity verification, anti-fraud
- When users reserve or receive services
- Service improvement through statistics and analysis of usage records
- Service provision based on demographic analysis
- Handling and forwarding inquiries and requests
- Leaderboard: User names, scores, rank, and learning dates may be partially disclosed on the leaderboard.
Article 3 (Provision of Personal Information)
The Company does not provide personal information to third parties except with user consent or as required by law. Some necessary tasks are outsourced to trusted partners for efficient and secure service provision.
- Processor: Supabase
- Purpose: Storage and management of user personal information and learning data
- Data provided: Name, email, profile, go learning progress, results, and statistics
- All data stored via Supabase is secured with appropriate technical and administrative safeguards.
- Processor: Payletter
- Purpose: Payment processing services
- Data provided: Payment information (payment method, transaction records) for processing
- Payletter processes payments to provide secure and convenient payment options. Only the minimum necessary payment information is provided and kept secure.
Article 4 (Destruction of Personal Information)
Personal information is destroyed without delay once its purpose has been fulfilled.
Electronic files are securely deleted; other records are shredded or incinerated.
When retention is required by law, data is transferred to separate storage.
- Inquiry records and service abuse records are retained for 1 year and then destroyed.
- Other retention periods required by law are as follows.
- Contract or withdrawal records: 5 years
- Payment and supply records: 5 years
- Consumer complaint or dispute records: 3 years
- Advertising records: 6 months
- Tax-related books and documents: 5 years
- Electronic financial transaction records: 5 years
- Service visit records: 3 months
Article 5 (User and Legal Representative Rights)
- Users and legal representatives may view, correct, or withdraw registration of personal information at any time through the app. For details, use the "My Info" screen in the app.
- Or contact our privacy officer by mail, phone, or email for assistance.
- We will not use or disclose personal information until corrections are complete.
- Deleted personal information is handled in accordance with this Privacy Policy and is not used for other purposes.
Article 6 (Technical and Administrative Safeguards)
We take reasonable measures to protect personal information. Access is limited to trained staff who follow strict standards.
We protect data with security patches, access controls, and firewalls. While we strive for secure service, we cannot guarantee security during transmission over the internet.
Article 7 (Cookie Installation, Use, and Opt-Out)
Cookies are used to provide a more convenient service. We use cookies (small data sent to your browser) for login persistence, usage tracking, and storing your preferences.
Cookies do not store personally identifiable information such as name or phone number. They cannot be used to identify you.
You may allow or refuse cookies in your browser settings. Refusing cookies may prevent use of essential services such as login.
Article 8 (Privacy Officer)
We have designated the following department and privacy officer to protect personal information and handle complaints.
If you need to report or consult on a privacy violation, contact the following agencies.
- Privacy Violation Report Center
- Personal Information Dispute Mediation Committee
- Supreme Prosecutors' Office Cyber Crime Investigation Unit
- 1301 (toll-free)
- cid@spo.go.kr
- National Police Agency Cyber Bureau
Article 9 (Changes to Privacy Policy)
This Privacy Policy may be amended to reflect legal or service changes.
Changes will be posted; the revised policy takes effect 7 days after posting.