Privacy Policy

Privacy Policy

In order to protect the personal information of the ADTREE(hereinafter referred to as "Service") users, ADTREEInc. (hereinafter referred to as “ADTREE” or the “Company”) complies with the privacy protection regulations under the relevant laws, such as the “Act on the Promotion of Information and Communications Network Utilization and Information Protection, etc.” and the “Personal Information Protection Act”, and has the following Privacy Policy. When there is any revision to the Privacy Policy, ADTREEshall make relevant notification via email.

※ This policy is effective from Marvh 18, 2026.

1. Purpose of Processing Personal Information

ADTREE processes personal information for the following purposes. The Company does not use processed personal information for any other purpose than the following, and if a purpose of use is to be changed, it shall seek prior consent.

  1. Website membership registration and management
    The Company processes personal information for the purposes of confirming intention to register as a member, performing identification to provide membership services, maintaining and managing membership, preventing fraudulent use of the services, making various notices, handling grievances, and maintaining records for dispute settlement.

  2. Handling civil affairs
    The Company processes personal information for the purposes of verifying the identity of complainants, verifying complaints, making contacts and notifications for fact investigation, and notifying the processing results.

  3. Providing goods or services
    The Company processes personal information for the purposes of providing services, contents, and customized services and settling fee payment accounts.

2. Processing, Use, and Retention Periods of Personal Information

  1. Personal information items
    Email, password, company name, phone number (if entered), name, job/title (if entered), access country/city (if disclosed), access time zone (if disclosed), language used in browser (if disclosed), browser type/version (if disclosed), OS type/version of PC (if disclosed)

  2. Collection method
    Membership registration on ADTREE website: Information directly entered by users on the websites is collected.
    Information is collected using access IP addresses and user agent of the browser.

If it is necessary to retain personal information in accordance with the related laws and regulations, such information is retained for a certain period of time. The processing, use, and retention periods of personal information are as follows.

Personal Information Collected and Retained
Related Statute
Retention Period
Website visit records
Protection of Communications Secrets Act
3 months
 
Records of consumer complaints and dispute handling
Protection of Communications Secrets Act
3 years
 
Records of contracts, subscription withdrawal, etc.
Act on the Consumer Protection in Electronic Commerce, etc.
5 years
 
Records of payment, supply of goods, etc.
Act on the Consumer Protection in Electronic Commerce, etc.
5 years
 
Records of tax payment
Framework Act on National Taxes
5 years
 

3. Outsourcing of Personal Information Processing

  1. In order to facilitate the handling of personal information, ADTREE outsources personal information processing tasks as follows.

Outsourcee
Outsourced Task
Intercom
Membership management and handling of civil affairs
 
Mailchimp
For sending email to customers
 

  1. When signing an outsourcing contract, ADTREE specifies matters such as prohibition of personal information processing for other purposes than conducting the outsourced duties, technical and administrative protection measures, restriction on subcontract, management and supervision of the outsourcee, indemnification for damages and other liabilities, etc. in accordance with Article 26 of the Personal Information Protection Act and supervises the outsourcee for safe handling of personal information.

  2. In case of any change in the contents of the outsourced tasks or the outsourcee, the Company shall without delay disclose such change through this Privacy Policy

4. Rights and Duties of Information Subject and Legal Representative and Methods of Exercising Them

As a personal information subject, the user can exercise the following rights.

  1. The information subject may at any time exercise the right to access, correct, or delete his/her personal information or request discontinuance of personal information processing to ADTREE .

  2. The user can exercise the rights under Paragraph 1 by documents, email, fax, etc. according to Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and ADTREE shall take actions accordingly without delay.

  3. The information subject may exercise the rights under Paragraph 1 through his/her legal representative, trustee, or other authorized agents. In this case, the user shall submit a power of attorney produced on the form in Annex 11 of the Enforcement Rules of the Personal Information Protection Act.

  4. The information subject’s right to request suspension of personal information access or processing may be limited pursuant to Article 35, Paragraph 5 and Article 37, Paragraph 2 of the Personal Information Protection Act.

  5. Correction or deletion of personal information may not be requested if such personal information is specified to be subject to collection in other laws or regulations.

  6. ADTREE performs verification of whether the requester of viewing, correcting or deleting personal information or suspending processing of such information is the information subject or his/her rightful agent.

5. Destruction of Personal Information

In principle, ADTREE shall destroy personal information without delay when the purpose of processing the personal information is achieved. The procedure, time, and method of destruction are as follows.

  1. Procedure of destruction
    The information entered by the user is transferred to a separate DB (separate documents in the case of data on paper) after achieving the purpose and is stored for a certain period of time or immediately destroyed according to the internal policy and other related statutes. Here, the personal information transferred to the DB shall not be used for any other purpose than what is required by the laws.

  2. Time of destruction
    Personal information of the user shall be destroyed within five days after the end date of the retention period or within five days after the date on which it is acknowledged that processing of such personal information is no longer necessary due to reasons such as fulfillment of the purpose of personal information processing, discontinuation of the service, closing of the business, etc.

  3. Method of destruction
    Information in the form of electronic files shall be destroyed by using a technical method that renders it impossible to reproduce the information.

6. Matters Concerning Installation, Operation, and Rejection of Automatic Personal Information Collection Devices

  1. ADTREE uses “cookies” to save and retrieve the usage information to provide the individually customized service.

  2. Cookies are a small amount of information that the server (http) used to run a website sends to the user's computer browser and are sometimes stored in the hard disk of the user's computer.
    1)  Purpose of using cookies: Cookies are used to provide optimized information to the user by identifying visits, usage types, search terms, and secure access status, etc. regarding the services and websites used by the user.
    2)  Installation, operation, and rejection of cookies: The user can refuse to save cookies through the web browser option setting. C. If the user refuses to save cookies, he/she may experience difficulties in using customized services.

7. Privacy Officers

  1. AB180 designates privacy officers to be in charge of handling personal information, dealing with complaints of the information subject related to personal information processing, and providing damage relief.

  2. The information subject can make inquiries to the privacy officers or the departments in charge regarding personal information protection, complaint handling, damage relief in using the service (or regarding business) of AB180. AB180 shall respond to and handle inquiries from the information subject without delay.

Classification
Name
Relevant Department
Email
Chief Information Security Officer / Data Protection Officer
junghoo Choi
Security & Privacy Division
[email protected]
 

8. Change in Privacy Policy

This Privacy Policy shall start to be effective on the enforcement date, and in case there is any addition, deletion, or correction of provisions in accordance with the relevant statutes and policies, the Company shall notify the details seven days before implementation of the change.

9. Measures to Ensure Safety of Personal Information

  1. Periodic self-audit
    In order to ensure safety in handling personal information, the Company conducts self-audit on a regular basis (once a quarter).

  2. Minimization and training of personnel handling personal information
    The Company designates persons who handle personal information and minimizes such personnel size by limiting assignment of such tasks to managers only.

  3. Establishment and implementation of internal management plan
    The Company establishes and implements internal management plans for safe handling of personal information.

  4. Technical measures against hacking, etc.
    To prevent personal information leak or damage caused by hacking, computer viruses, etc. the Company installs security programs, performs periodic updates and inspections, installs systems in areas where access from outside is restricted, and performs technical and physical monitoring and blocking.

  5. Encryption of personal information
    The Company encrypts the user's personal information for storage and management so that only the user can know the information and uses separate security functions for handling important data such as encrypting files and transmitted data and using file locking.

  6. Storage of access records and prevention of forgery and falsification
    The Company keeps and manages the access records in the personal information processing system for at least 2 years and uses security functions to prevent forgery, falsification, theft, and loss of the access records.

  7. Restriction on access to personal information
    The Company controls access to personal information by granting, modifying, and canceling access rights to the database system that processes personal information and blocks unauthorized access from outside using an intrusion prevention system.

  8. Blocking of unauthorized access
    The Company has a separate physical storage area for personal information and has an established access control procedure in operation for the area.

10. Request for Viewing Personal Information

  1. The information subject may request viewing of personal information pursuant to Article 35 of the Personal Information Protection Act to the following department. AB180 shall promptly process such a request for viewing personal information by the information subject.

    - Department: Security & Privacy Division
    - Person in charge: junghoo Choi
    - Contact: [email protected]

11. Remedies for Infringement on Rights of Information Subjects

The following are separate organizations from ADTREE , and if you are not satisfied with ADTREE 's handling of privacy complaints, damage relief results, etc. or need further assistance, you can contact these organizations.

Personal Information Infringement Report Center (operated by the Korea Internet and Security Agency)
1)  Services: Personal information infringement report, consultation (through application)
2)  Website: privacy.kisa.or.kr
3)  Phone: 118 (without area code)
4)  Address: 58324) Personal Information Infringement Report Center, 3F, 9, Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea

Personal Information Dispute Mediation Committee
1)  Services: Mediation of personal information disputes (through application) and collective disputes (civil resolution)
2)  Website: www.kopico.go.kr
3)  Phone: (without area code) 1833-6972
4)  Address: (03171) 4F, Central Government Complex, 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea

Cyber Crime Investigation Team of the Supreme Prosecutors' Office: 02-3480-3573 (www.spo.go.kr)
National Police Agency Cyber Bureau:182http://cyberbureau.police.go.kr