# Privacy Policy **DOTE** (hereinafter referred to as the "Company") establishes the following policy to protect users' personal information in accordance with the "Personal Information Protection Act." This policy takes effect from January 22, 2025. --- ## 1. Purpose of Collecting and Using Personal Information The Company collects and uses personal information for the following purposes. The collected personal information will not be used for purposes other than those specified below. If the purpose of use changes, prior consent will be obtained. - **Membership Registration and Management** Personal information is processed to confirm membership intent, verify identity, and manage membership status. - **Service Provision** Personal information is processed to provide content, customized services, and authentication. - **Customer Support and Complaint Handling** Personal information is processed to respond to customer inquiries and resolve issues. --- ## 2. Collected Personal Information The Company collects the following personal information: ### 1. Required Information - Name, email, contact information, password, location Information etc. ### [Terms of Collection and Use of Location Information for Photo Capture and Travel Records] This service collects and uses users' GPS location information for the following purposes: - Record and display GPS coordinates on maps when taking photos - While the app is running, location data is stored on the user’s device at intervals of 10–60 seconds when a travel log is registered. The stored location data is transmitted to the server upon completion of the travel log to provide a location-based travel recording service. #### 1. Retention and Use Period of Location Information - GPS location information stored with captured photos is retained until the user deletes the corresponding photo. Once the photo is deleted, the location information is also immediately erased. - Location data stored locally in the app is transmitted to the server upon travel log completion. Once transferred, the location data is retained until the user deletes the travel log. When the travel log is deleted, the location data is also immediately erased. #### 2. Provision and Sharing of Location Information This service does not provide or share users’ location information with third parties without explicit consent. However, exceptions may apply if required by law or upon request from investigative agencies. #### 3. Consent and Withdrawal of Location Information Collection Users may withdraw their consent for location information collection and usage at any time. However, refusal to consent will make it impossible to use the service. #### 4. Protection and Management of Location Information The service takes necessary protective measures in compliance with relevant laws to ensure the secure management of users' location information. Technical and administrative safeguards are in place to prevent misuse, loss, theft, leakage, alteration, or damage of location data. ### 2. Optional Information - Connection logs, cookies, IP addresses, etc., generated during service usage. --- ## 3. Retention and Use Period of Personal Information The Company processes personal information within the retention and use period specified by law or agreed upon by users at the time of collection. - **Member Information**: Deleted immediately upon membership withdrawal. - **Retention under Relevant Laws**: - Records on contracts or withdrawal of offers: **5 years** - Records on electronic financial transactions: **5 years** - Records on consumer complaints or disputes: **3 years** --- ## 4. Provision of Personal Information to Third Parties The Company does not provide users' personal information to external parties by default. However, exceptions apply in the following cases: - If the user has given prior consent. - If required by law. --- ## 5. Entrustment of Personal Information Processing The Company entrusts the processing of personal information as follows: - **Entrusted Party**: [Company Name] - **Entrusted Task**: [Task Description] --- ## 6. Procedures and Methods for Destroying Personal Information The Company promptly destroys personal information when the retention period expires or when it is no longer necessary. - **Destruction Procedure**: Unnecessary personal information is deleted following internal policies and legal requirements. - **Destruction Methods**: Electronic files are permanently deleted using technical methods, and paper documents are shredded. --- ## 7. Measures to Ensure the Security of Personal Information The Company takes the following security measures to protect personal information: - **Administrative Measures**: Establishment of internal management policies, employee training, etc. - **Technical Measures**: Access control for personal information processing systems, encryption, etc. - **Physical Measures**: Access control to data storage rooms, etc. --- ## 8. Personal Information Protection Officer The Company designates a personal information protection officer responsible for overall management and handling complaints or damage relief. - **Personal Information Protection Officer**: [Name] - **Position**: [Title] - **Contact Information**: [Phone Number], [Email] --- ## 9. Users’ Rights and How to Exercise Them Users have the following rights regarding their personal information: 1. Request to access personal information. 2. Request for correction if there are errors. 3. Request for deletion. 4. Request to stop processing. These rights can be exercised via written request, email, etc., and the Company will promptly take action. --- ## 10. Changes to the Privacy Policy This Privacy Policy takes effect from the enforcement date, and any modifications due to legal amendments or internal policy changes will be announced at least seven days before implementation through notifications. --- ## Supplementary Provisions This policy takes effect on **January 22, 2025**.