친구친구 Privacy Policy

Effective Date: January 1, 2025

Constacts, Inc (hereinafter "the Company") values the privacy of its users and complies with the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, and other related laws and regulations regarding personal information protection.

Through this Privacy Policy, the Company informs users about the purposes and methods of using the personal information they provide, and the measures taken to protect personal information.

1. Personal Information We Collect

The Company collects the following personal information for membership registration, smooth service provision, and customer consultation:

Information Collected During Membership Registration

Category	Items Collected	Purpose of Collection
Required Information	Phone number	User identification, account creation, login authentication

Information Automatically Collected During Service Use

Service usage records, access logs, cookies, device information (OS version, device model)
IP address, access date and time

Analytics Information (Firebase Analytics)

The Company uses Firebase Analytics to improve app services and understand user behavior. The following information is automatically collected:

Automatically Collected Information

Device Information: Device model, operating system version, language settings
App Usage Information: Screen views, app launches, session duration
Technical Information: App version, network status

Event-Based Collection

Login/Sign-up events (timing only, no credentials)
Message sending events (type only: text/image - content is NOT collected)
Subscription purchase information
Permission grant/denial status (notifications, contacts)

Third-Party Service Provider

Analytics data is processed through Firebase (Google LLC). This data is used solely for:

Service improvement and user experience enhancement
Usage pattern analysis
Error monitoring and performance optimization

We do NOT:

Sell your data to third parties
Use your data for marketing purposes without consent
Collect Identifier for Advertisers (IDFA) or use tracking for advertising

Analytics Data Retention

Firebase Analytics data: Up to 14 months (Firebase default setting)
When you delete the app, no new data will be collected

Your Control Over Analytics

You have the right to opt-out of analytics data collection. You can disable analytics in the app settings at any time.

2. Purpose of Collecting and Using Personal Information

The Company uses the collected personal information for the following purposes:

Membership Management

User identification and authentication
Membership registration and maintenance
Prevention of unauthorized use and fraudulent transactions
Processing membership withdrawal and related notifications

Service Provision

Providing messaging services
Providing chat room creation and management functions
Providing image and file sharing services
Handling customer complaints and inquiries

Service Improvement and Development

Service usage statistics and analysis
Development of new services and features
Service improvement and quality enhancement

3. Retention and Use Period of Personal Information

In principle, the Company shall immediately destroy personal information when the purpose of collecting and using personal information has been achieved. However, the following information shall be retained for the specified period for the reasons stated below:

Information Retained in Accordance with Internal Policy

Fraudulent use prevention and investigation: 1 year
Records of user complaints and dispute resolution: 3 years

Information Retained in Accordance with Related Laws

Information	Retention Period	Legal Basis
Records on contracts or withdrawal of subscription	5 years	Act on Consumer Protection in Electronic Commerce
Records on payment and supply of goods	5 years	Act on Consumer Protection in Electronic Commerce
Records on consumer complaints or dispute resolution	3 years	Act on Consumer Protection in Electronic Commerce
Records on display and advertising	6 months	Act on Consumer Protection in Electronic Commerce
Access logs and connection records	3 months	Protection of Communications Secrets Act

4. Procedures and Methods for Destroying Personal Information

In principle, the Company shall immediately destroy personal information when the purpose of collecting and using personal information has been achieved.

Destruction Procedures

Information entered by users for membership registration and other purposes is transferred to a separate database (or separate file cabinet for paper documents) after achieving its purpose and is destroyed after being stored for a certain period in accordance with internal policies and other related laws (refer to retention and use period).

Destruction Methods

Personal information stored in electronic file format is deleted using technical methods that make recovery impossible
Personal information printed on paper is shredded or incinerated

5. Provision of Personal Information to Third Parties

In principle, the Company does not provide users' personal information to third parties. However, exceptions are made in the following cases:

When users have given prior consent
When there are special provisions in laws or regulations
When required for investigation purposes in accordance with the procedures and methods prescribed by laws and regulations

Third-Party Service Providers

The Company shares limited information with the following third-party service providers for service operation purposes:

Service Provider	Purpose	Information Shared	Data Location
Google LLC (Firebase Analytics)	App usage analytics, service improvement	Device ID, app usage patterns, technical diagnostics	United States (compliant with international data transfer regulations)

These service providers are contractually obligated to protect your data and use it only for the specified purposes. For more information about how Google processes your data, please visit Google's Privacy Policy.

6. Consignment of Personal Information Processing

The Company does not consign the processing of users' personal information to external companies. If consignment becomes necessary in the future, the Company will notify users in advance and obtain consent if required by law.

7. Rights of Users and Legal Representatives

Users and their legal representatives may exercise the following rights regarding personal information protection at any time:

Request to view personal information
Request correction if there are errors
Request deletion
Request suspension of processing

To exercise the rights in Paragraph 1, users may submit a request in writing, via email, or fax to the Company, and the Company will take action without delay.

If users request correction or deletion of errors in personal information, the Company will not use or provide the personal information until the correction or deletion is completed.

8. Technical and Managerial Measures for Personal Information Protection

The Company takes the following technical and managerial measures to ensure safety when processing users' personal information:

Managerial Measures

Establishment and implementation of internal management plan
Minimization and education of personnel handling personal information
Regular employee training

Technical Measures

Encryption of personal information
Installation and operation of hacking and virus prevention systems
Access control and authority management
Storage of access records and prevention of forgery and alteration

Physical Measures

Access control to locations where personal information is stored

9. Installation, Operation, and Refusal of Automatic Personal Information Collection Devices

The Company uses "cookies" that store and retrieve user information from time to time.

Purpose of Using Cookies

To analyze usage patterns of services visited by users and provide customized services

Refusal of Cookie Installation

Users have the option to refuse cookie installation. Therefore, users can allow all cookies, check each time a cookie is saved, or refuse to save all cookies by setting options in their web browser.

10. Personal Information Protection Officer

The Company has designated a Personal Information Protection Officer as follows to take overall responsibility for personal information processing-related tasks and handle complaints and remedy damages of data subjects related to personal information processing:

Personal Information Protection Officer

Department: Customer Support Team
Email: privacy@constacts.com

Users may report all personal information protection-related inquiries, complaint handling, and damage relief arising from the use of the Company's services to the Personal Information Protection Officer. The Company will promptly respond to and handle user reports.

11. Remedies for Infringement of Rights

Users may contact the following organizations for relief from personal information infringement:

Personal Information Dispute Mediation Committee

Website: www.kopico.go.kr
Phone: (without area code) 1833-6972

Personal Information Infringement Report Center

Website: privacy.kisa.or.kr
Phone: (without area code) 118

Supreme Prosecutors' Office Cyber Investigation Department

Website: www.spo.go.kr
Phone: (without area code) 1301

National Police Agency Cyber Safety Bureau

Website: cyberbureau.police.go.kr
Phone: (without area code) 182

12. Changes to Privacy Policy

This Privacy Policy may be amended in accordance with changes in laws, policies, or security technologies. If amendments are made, the Company will announce them through notices on the Service.

This Privacy Policy is effective from January 1, 2025.

Constacts, Inc