Privacy Policy
Privacy Policy
Date of Notice: July 22, 2025
Effective Date: July 22, 2025
Stephow Co., Ltd. (hereinafter the “Company”) complies with the Personal Information Protection Act and all relevant privacy regulations and guidelines to ensure the safe protection of users’ personal information.
“Privacy Policy” means the guidelines that the Company must observe to protect users’ valuable personal information so that users can safely use the services.
This Privacy Policy applies to the Wissly AI services provided by the Company.
1. Collection of Personal Information
The Company collects only the minimum personal information necessary during the process of membership registration and service use.
Category | Items Collected | Purpose of Use |
|---|---|---|
Membership Registration | Email, password, name, contact information, company name, affiliation/department | Confirm membership intent, identify users, prevent duplicate registration, deliver notices, marketing use |
Account Recovery | ID recovery, password reset, identity verification | |
1:1 Inquiry | Email, company name, name, contact information | Customer support, error resolution |
Service Provision | Provide optimized services, notify of new services, service guidance tailored to user characteristics, usage statistics | |
Event Participation | Email, company name, contact person’s name, contact information | Event operation, winner announcement, prize delivery |
Service Contracts & Billing | Organization name, primary registrant’s name and mobile number, sub-user email accounts, proof of affiliation | Paid service use, tax invoice issuance |
Automatically Collected During Service Use | Service usage records, fraudulent usage records, visit time, access logs, cookies, IP address, device information (OS, screen size, device ID, phone model, device name) | Identity verification, service statistics, fraud prevention |
2. Methods of Collecting Personal Information
The Company notifies users and obtains consent before collecting personal information, except in cases permitted by law, such as:
When necessary to fulfill a contract with the data subject or take steps at the request of the data subject before entering into a contract.
When additional consent is obtained from the user for optional services or event participation.
Personal information may also be collected through:
Automatic generation during the use of PC web/app or mobile web/app (e.g., device information, IP address, cookies, logs).
User input through web pages for identity verification and personalized service use.
3. Provision of Personal Information to Third Parties
The Company does not provide personal information to third parties without separate consent from the user, unless required by law.
4. Entrustment of Personal Information Processing
The Company entrusts certain tasks to the following service providers:
Trustee | Entrusted Task | Retention Period |
|---|---|---|
AWS | IT system operation | Until membership withdrawal or end of contract |
Toss Payments | Purchase and payment (domestic) | Until membership withdrawal or end of contract |
ChannelTalk | Customer support, sales, and marketing | Until membership withdrawal or end of contract |
Login services | Until membership withdrawal or end of contract | |
Stibee | Email transmission | Until membership withdrawal or end of contract |
If there are changes to the entrusted tasks or service providers, the Company will disclose such changes without delay via this Privacy Policy.
5. Overseas Transfer of Personal Information
Recipient | Country | Time & Method | Items Transferred | Purpose & Retention Period |
|---|---|---|---|---|
Amazon Web Services, Inc. (Contact: aws-korea-privacy@amazon.com) | Japan (Tokyo region) | Transmitted via network upon membership registration | Personal information collected during service use | Service provision, until membership withdrawal or end of contract |
Users may refuse overseas transfers, but refusal may limit service availability.
6. Cookies and Automatic Collection Devices
Cookies are small text files sent by the server to the user’s browser to store usage preferences and visit records, enabling faster and more convenient website use. Cookies do not store personally identifiable information (e.g., name, phone number). Users may choose to disable cookie collection.
Cookie Settings:
Internet Explorer: Tools > Internet Options > Privacy > Settings
Chrome: Settings > Advanced > Privacy & Security > Content Settings > Cookies
7. Retention and Use Period of Personal Information
The Company destroys personal information without delay when the purpose of collection is achieved or retention expires.
To prevent abuse such as repeated membership withdrawal and re-registration or fraudulent use of another person’s name, the Company retains name, email, contact information, and company name for 6 months after withdrawal, and device ID/IP for 12 months.
In accordance with relevant laws, the Company may retain certain data in a separate database for the periods below:
Retained Information | Legal Basis | Retention Period |
|---|---|---|
Records of contracts or withdrawal | Act on Consumer Protection in Electronic Commerce | 5 years |
Records of payment and supply of goods | Same as above | 5 years |
Records of complaints or disputes | Same as above | 3 years |
Website visit logs | Communications Secrets Protection Act | 3 months |
Event participation records | User consent | During event prize transaction |
Inactive accounts (no login for 1 year) are converted to dormant accounts, and related data is securely separated.
8. Destruction of Personal Information
When retention expires or purposes are achieved, personal information is destroyed without delay.
Electronic data is permanently deleted using technical methods, and paper documents are shredded.
9. Users’ and Legal Representatives’ Rights
Users may request to access, correct, delete, or suspend processing of their personal information under the law.
While corrections are pending, the Company will not use or provide such information.
Users may withdraw consent or request membership withdrawal at any time.
These rights may also be exercised through a legal representative.
10. Security Measures
The Company applies the following measures to prevent loss, theft, leakage, alteration, or damage of personal information:
Technical Measures: Password protection, encryption, SSL, antivirus, firewalls, intrusion detection, vulnerability scanning.
Administrative Measures: Access limited to minimum personnel (customer support, privacy manager, necessary staff), regular audits, clear responsibility in HR processes.
Physical Measures: Access controls to offices and server rooms, restricted security zones, access logs.
The Company is not responsible for damages caused by user negligence or insufficient internet security.
11. Privacy Officer
For privacy-related inquiries, complaints, or suggestions, please contact:
Service | Person/Department | |
|---|---|---|
Wissly AI Service | Privacy Officer: Sungwook Hwang, CEO | ceo@stephow.me |
Wissly AI Service | Responsible Department: Jihyung Cha, CTO | cto@stephow.me |
External Authorities:
Personal Information Infringement Report Center: http://privacy.kisa.or.kr, 118
Supreme Prosecutors’ Office Cybercrime Investigation Division: http://www.spo.go.kr, 1301
National Police Agency Cyber Bureau: http://cyberbureau.police.go.kr, 182
12. Scope of Application
This Privacy Policy applies to Wissly AI services. If redirected to other websites through links, their respective policies apply, and users should review them separately.
13. Amendments to the Privacy Policy
The Company publishes this Privacy Policy on Wissly AI services for easy access.
If revised due to legal or service changes, updates will be posted, effective 7 days after posting.
For significant changes (e.g., collected items or purposes of use), the Company will notify at least 30 days in advance.
Previous versions of the Privacy Policy will remain accessible.