Terms of Service Content Creation Guide

DirtCarrot Privacy Policy

DirtCarrotLab (hereinafter "the Company") values users’ personal information and, in accordance with the Personal Information Protection Act and related laws, has established and publicly disclosed the following privacy policy to securely manage and protect personal data.

Purpose of Processing Personal Information

The Company processes personal information for the following purposes:

  1. Identifying members and providing services
  2. Preventing fraudulent use and managing records (Retention period: 2 years)
  3. Preventing duplicate social logins (Duplicate identification information: retained permanently)
  4. Providing personalized services and utilizing information for marketing

Personal Information Collected and Retention Period

Category Collected Items Retention and Use Period
Required Social login identifier code, Nickname 1 year after membership withdrawal
Optional Profile picture 30 days after membership withdrawal
Automatically Collected Service usage records, access logs, cookies, IP address, device information, connection timestamps, tokens, etc. 1 year after membership withdrawal

Provision of Personal Information to Third Parties

  1. The Company does not provide users’ personal information to third parties in principle. However, if a partnership is established, personal information may be provided after prior notice and obtaining consent.
  2. Currently, there are no partner companies receiving personal information.

Outsourcing of Personal Information Processing

  1. The Company may entrust personal information processing to external specialized service providers when necessary for service operation. Entrustment is conducted after prior notice and obtaining consent.
  2. Currently, there are no outsourced providers.

Rights of Data Subjects and How to Exercise Them

  1. Data subjects may request access to, correction of, deletion of, or suspension of processing of their personal information.
  2. Such rights can be exercised by editing member information or withdrawing membership via the My Page section within the app.
  3. The personal information of children under the age of 14 is not collected in principle, and registration is not possible without the consent of a legal guardian.

Procedures and Methods for Destroying Personal Information

  1. The Company will promptly destroy personal information when the retention period has expired or processing purposes have been achieved.
    1. Electronic files: Deleted using irreversible technical methods
    2. Paper documents: Shredded or incinerated

Measures to Ensure the Safety of Personal Information

The Company takes the following measures to protect personal information:

  1. Managing and minimizing access permissions
  2. Applying encryption technologies
  3. Installing security programs and conducting regular inspections
  4. Establishing internal management plans and conducting training

Installation, Operation, and Rejection of Cookies

  1. The Company provides personalized services by analyzing user access information and usage patterns through cookies.
  2. Cookies expire when the browser is closed or the user logs out. Cookies identify devices but do not personally identify individuals.
  3. Users can refuse or delete cookie storage through browser settings.
  4. How to configure cookie settings:
    1. Chrome: Settings > Privacy and security > Cookies and other site data
    2. Edge: Settings > Cookies and site permissions
    3. Safari: Settings > Privacy > Block all cookies

Personal Information Protection Officer and Contact for Access Requests

  1. Chief Security Officer (CPO)