Article 1 (Purpose of Processing Personal Data)
The Company processes personal data for the following purposes and will not use it for other purposes:
- Membership registration and management, identity verification, prevention of misuse
- Service provision (digital asset information, membership, shopping, etc.)
- Customer inquiries and support
- Advertising display and effectiveness measurement
Article 2 (Items of Personal Data Collected)
1. Information entered directly by users
- Required: Email, authentication information (password)
- Optional: Referral ID (for marketing purposes)
2. Information automatically collected during service use
- Device information (OS type/version, device model, device identifier)
- Advertising identifiers (Android AAID, iOS IDFA)
- IP address, access logs, service usage records
Article 3 (Retention and Use Period of Personal Data)
| Category | Retention Period |
|---|---|
| Member information | Retained for 30 days after withdrawal, then destroyed |
| Service usage records / access logs | 3 months (Korean Communications Privacy Act) |
| Misuse records | 1 year |
If required by law, data will be retained for the statutory period and then destroyed.
Article 4 (Provision of Personal Data to Third Parties)
The Company does not provide personal data to external parties, except in the following cases:
- When the user has given prior consent
- When required by law or requested by investigative authorities
Article 5 (Outsourcing of Personal Data Processing)
| Outsourcee | Outsourced Tasks |
|---|---|
| Google LLC | Advertising display and processing of advertising identifiers (Google AdMob) |
※ If outsourcing partners are added or changed, users will be notified at least 7 days prior to implementation.
Article 6 (User Rights)
Users may request to view, correct, delete, suspend processing of their personal data, or withdraw membership at any time.
Article 7 (Destruction of Personal Data)
- Electronic files: Permanently deleted using irrecoverable methods
- Paper documents: Shredded or incinerated
Article 8 (Measures to Ensure Security of Personal Data)
- Passwords stored using one-way encryption
- Data encryption, access control, intrusion detection systems
- Regular security audits
Article 9 (Advertising Identifier Notice)
Advertising identifiers are used for personalized advertising.
- Android: Settings > Google > Ads > "Delete Advertising ID"
- iOS: Settings > Privacy & Security > Apple Advertising
Article 10 (App Permission Notice)
| Permission | Purpose | Required |
|---|---|---|
| Internet / Network state | Service communication | Required |
| Camera | QR code scanning | Optional |
| Advertising ID | Advertising display and measurement | Optional |
Article 11 (Data Protection Officer)
- Name: Saw
- Email: Policy@bukcs.com
Article 12 (Remedies for Rights Infringement)
- Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
- Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
- Cyber Bureau of the National Police Agency: 182 (ecrm.cyber.go.kr)
- Singapore Personal Data Protection Commission (PDPC): +65-6379-3131 (www.pdpc.gov.sg)
Article 13 (Changes to Privacy Policy)
Any additions, deletions, or modifications to this policy will be announced at least 7 days prior to implementation.
SKX