Privacy Policy

Effective Date: April 10, 2026

Article 1 (Purpose and Items of Personal Information Processing)

Baerae Co., Ltd. (hereinafter "Company") collects and processes users' personal information for the following purposes. Personal information being processed shall not be used for purposes other than those set forth below, and if the purpose of use changes, the Company will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

1. Member Registration and Management

목적: Identity verification, conclusion and performance of service agreements, prevention of fraudulent use

수집항목: Email address, social login identifier (Kakao, Google, Apple, etc.), phone number

2. Information Automatically Generated and Collected During Service Provision

목적: Maintaining and improving service quality, error analysis, security management

수집항목: Access date and time, access logs, service usage records, visit records, device information (OS, device model, app version, advertising identifier, IP address, cookies or similar identifiers), error logs, performance logs, push notification settings

3. Items Collected When Using the Digital Asset Inquiry Service

목적: Integration with digital asset exchanges and provision of asset status inquiry services

수집항목: Name of digital asset exchange

4. Marketing Purposes (Optional Collection)

목적: Providing information on events and promotions and offering benefits

수집항목: Marketing consent status, additional information collected upon event participation (subject to separate notice and consent)

Article 2 (Retention and Processing Period of Personal Information)

The Company processes and retains personal information within the retention and processing period stipulated by applicable law, or within the period consented to by the user at the time of collection.

② 각각의 개인정보 처리 및 보유기간은 다음과 같습니다.

  1. Information related to member registration and management: until membership withdrawal
  2. Automatically collected information from service provision: until membership withdrawal
  3. Information related to the digital asset inquiry service: until membership withdrawal
  4. Information related to marketing purposes: until the relevant event ends or membership withdrawal

In accordance with the Company's internal policies, the minimum amount of information necessary for the prevention of fraudulent use, security response, and dispute prevention may be stored separately for a certain period.

Article 3 (Provision of Personal Information to Third Parties)

As a principle, the Company does not provide users' personal information to external parties. However, the following cases are exceptions.

  1. Where the user has given separate prior consent
  2. Where there is a special provision in applicable law, or where there is a lawful request from an investigative authority, supervisory authority, or other relevant authority
  3. Where necessary for statistical compilation, academic research, or market research, and where the information is provided in a form that cannot identify a specific individual

Article 4 (Entrustment of Personal Information Processing)

The Company may entrust part of its personal information processing operations to external specialized firms for the smooth provision of services. In such cases, the Company takes necessary measures in accordance with applicable law.

The scope of entrusted operations and the entrusted parties may change, and any such changes will be communicated through this Policy or a separate notice.

Article 5 (Procedure and Method for Destruction of Personal Information)

When personal information becomes unnecessary due to the expiration of the retention period, achievement of the processing purpose, or similar reasons, the Company destroys the relevant personal information without delay.

Personal information in electronic file format is deleted using methods that prevent recovery or restoration, and personal information recorded or stored in paper documents is destroyed by shredding or incineration.

Article 6 (User Rights and How to Exercise Them)

Users may at any time request access to, correction of, deletion of, or suspension of processing of their personal information, and may withdraw consent previously given.

Users may request account unlinking, membership withdrawal, or withdrawal of marketing consent through the in-app settings, customer support center, or other methods guided by the Company.

However, immediate deletion or suspension of processing of certain information may be restricted in accordance with applicable law.

Article 7 (Measures to Ensure Security of Personal Information)

The Company takes administrative, technical, and physical measures to ensure the security of personal information.

The Company implements measures including access rights management, establishment of internal management plans, retention of access records, encryption, operation of security programs, and minimum access control for authorized personnel.

Article 8 (Installation and Operation of Automatic Data Collection Devices Such as Cookies)

The Company may use cookies or similar technologies to provide users with more convenient services. Users may refuse the storage of cookies through browser or device settings; however, in such cases, certain services may be restricted.

Article 9 (Data Protection Officer and Contact Information)

The Company has designated a Data Protection Officer to take overall responsibility for the handling of personal information processing matters, and to address user inquiries, complaints, and requests for remedies related to personal information.

  • 성명: Junghyun Kim
  • 직책: Data Protection Officer
  • 연락처: 010-4306-0030, privacy@baerae.com

Inquiries, complaints, and requests for remedies related to personal information may be submitted to the officer above.

Article 10 (Remedies for Infringement of Rights)

If you require relief or consultation regarding personal information infringement, you may contact the following organizations.

Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)

  • 홈페이지: privacy.kisa.or.kr
  • 전화: 118 (no area code)

Personal Information Dispute Mediation Committee

  • 홈페이지: www.kopico.go.kr
  • 전화: 1833-6972 (no area code)

Supreme Prosecutors' Office

  • 홈페이지: www.spo.go.kr
  • 전화: 1301 (no area code)

National Police Agency Cyber Investigation Bureau

  • 홈페이지: ecrm.cyber.go.kr
  • 전화: 182 (no area code)

Article 11 (Changes to the Privacy Policy)

When the Company amends this Privacy Policy, it will continuously disclose the timing of the changes and their effective date, as well as the amended content, and will publish a comparison of the before and after versions so that users can easily review the changes.

부칙

This Privacy Policy is effective from April 10, 2026.