Privacy/Data Policy
inline AI (Inline AI) transactions and the handling of all responsibilities, content viewing, exchanges, refunds, complaints, etc., are managed by Elements Co., Ltd. For further inquiries, please contact contact@elements.im.
Elements Co., Ltd. (hereinafter referred to as the "Company") complies with the information and communication network use promotion laws, personal information protection laws, protection of communication secrets laws, telecommunications business laws and other laws related to personal information protection that information and communication service providers must adhere to, with regards to the inline AI (Inline AI) service (hereinafter referred to as the "Service") provided by the "Company." They hereby establish a privacy policy based on the relevant laws to make every effort to protect the rights and interests of all individuals using the "Service," both members and non-members (hereinafter referred to as "Users"). Additionally, the Company publicly discloses its privacy policy on websites and applications for easy access at any time.
1. Purpose of Collection and Use of Personal Information
The "Company" utilizes the collected personal information for the following purposes:
Matters concerning membership registration and communication: Verification of member identity, prevention of illegal subscriptions, confirmation of membership intent, age verification, grievance consultation and processing, notifications, etc.
Matters concerning service provision: Payment, use of individual services, issuance of cash receipts, authentication during financial transactions, etc.
Matters concerning events and marketing, data surveys: Delivery of promotional information, statistical surveys on service usage, etc.
Provision of other services, etc.
2. Categories and Methods of Collecting Personal Information
Mandatory information when registering via SNS-linked accounts (Kakao):
Login information identifier, mobile phone number, Kakao account email
In the course of using the service, information such as the following may be automatically generated and collected:
Connection environment and device information (browser, OS, screen size, device ID), IP address, cookies, visit date and time, records of unauthorized use, service usage records, etc. may be automatically generated and collected.
In the course of using paid services, the following payment information may be collected:
During credit card payment: Mobile phone number, card company name, card number, etc.
During mobile phone payment: Mobile phone number, telecom company, payment approval number, etc.
During account transfer: Mobile phone number, bank name, account number, etc.
During direct bank deposit: Mobile phone number, bank name, account information, contact details, etc.
When using other payment methods: Mobile phone number, contact information, email, payment information, etc.
During refund processing: Mobile phone number, bank for account, account number, account holder's name, email
During the issuance of cash receipts: Mobile phone number, cash receipt card number
The "Company" uses the personal information of users only within the scope and purpose disclosed in "1. Purpose of Collection and Use of Personal Information" and "2. Categories and Methods of Collecting Personal Information," and does not exceed these limits or disclose personal information to external parties without prior consent from the "User."
However, exceptions are made in the following cases:
When the "User" has given prior consent
When statistically necessary for the preparation of statistics, academic research, or market research and when provided in a form where specific individuals cannot be identified
When reasons related to the transfer or merger of business occur (However, if such reasons arise, the Company will notify users in advance as per the procedures and methods stipulated by applicable laws and will grant users the right to revoke their consent to the transfer of personal information.)
In cases where there are special legal regulations
3. Retention and Use Period of Personal Information
The personal information of users, in principle, is destroyed without delay when the purpose of collection and use of personal information is achieved. However, the following information is retained for the specified period due to the reasons below.
Reasons for information retention according to internal company policy
Reason for retaining records of fraudulent use: Prevention of unauthorized use
Retention period: 1 year
Reasons for information retention according to relevant legislation
Records related to contract or withdrawal of subscription
Retention basis: Law concerning consumer protection in e-commerce, etc.
Retention period: Up to 5 years
Records related to payment and supply of goods, etc.
Retention basis: Law concerning consumer protection in e-commerce, etc.
Retention period: Up to 5 years
Records related to electronic financial transactions
Retention basis: Law on electronic financial transactions
Retention period: Up to 5 years
Records related to consumer complaints or dispute resolution
Retention basis: Law concerning consumer protection in e-commerce, etc.
Retention period: Up to 3 years
4. File Data Storage and Processing Methods
All file data imported by the “User” into the “Service” is utilized on the server only as needed and is not permanently stored on the “Company's” server. The “Company” manages the “User's” file data in the following specific manner:
Namespace Separation
All file data of each “User” is stored within their own namespace.
Access to each namespace is restricted to its owner, and data is not shared between namespaces.
Data Random Obfuscation
All file data is stored in a form of random text blocks that are obfuscated (unreadable).
The obfuscated random text is used solely for deducing responses to the “User's” requests, and the text within the files themselves is not stored as data.
Therefore, there is no risk of any personal or sensitive information being leaked externally.
Zero Data Retention
The “Company” has entered into a Zero data retention agreement with AI model suppliers such as OpenAI and Anthropic, ensuring no document/file records are retained.
All AI systems operate in data centers based in the Eastern United States and Seoul, South Korea.
No suppliers from other regions, particularly from Greater China, are used.
5. Personal Information Destruction Procedure and Method
The personal information of "Users" is, in principle, destroyed without delay once the purpose of collection and use of the personal information has been achieved. The procedures and methods of personal information destruction by the "Company" are as follows.
Destruction Procedure
Information entered by "Users" for purposes like membership registration is transferred to a separate database and destroyed following internal policies and other relevant laws (refer to the retention and usage period) for information protection reasons.
Destruction Method
Personal information stored in electronic file form is deleted using technical methods that make the records irrecoverable.
6. User Rights and How to Exercise Them
Method for Deleting Local File Data
"Users" can delete file data within the "Service" by uninstalling the "Service" from their local computer at any time.
"Users" can individually delete files within the "Service" at any time.
Since this is no different from deleting files on the user's local computer, deletion can be done at the user's convenience at any time.
In the Case of Membership Withdrawal
The "Company" deletes all forms of data immediately upon a "User's" withdrawal.
7. Installation/Operation and Rejection of Automated Personal Information Collection Devices
In handling personal information of "Users," the "Company" is taking technical and managerial measures to secure safety by preventing personal information from being lost, stolen, leaked, altered, or damaged.
Password Encryption
Service member account IDs and passwords are stored and managed in an encrypted form, known only to the individual member, and the confirmation and modification of personal information are possible only by the individual who knows the password.
Measures Against Hacking, etc.
The "Company" makes every effort to prevent the personal information of members from being leaked or damaged due to hacking or computer viruses.
We back up data frequently in preparation for personal information damage, use the latest antivirus programs to prevent leakage or damage of users' personal information or data, and ensure that personal information is safely transmitted over the network through encrypted communications.
Furthermore, we control unauthorized access from outside using an intrusion prevention system and strive to equip all possible technical devices to ensure security systemically.
Minimizing and Training Handling Staff
The "Company" restricts personal information handling staff to a minimum of responsible personnel, assigns separate passwords that are regularly updated, and constantly emphasizes compliance with the "Company's" personal information handling policy through continuous education of staff.
Operation of Dedicated Personal Information Protection Organization
We are also working to immediately correct and rectify any issues found through the dedicated internal personal information protection organization to check compliance with and implementation of the "Company's" personal information handling policy by responsible personnel.
However, the "Company" bears no responsibility for issues arising from the user's own negligence or problems on the internet leading to the leakage of personal information such as ID, password, resident registration number, etc.
8. Technical/Managerial Protection Measures for Personal Information
Contact Information for the Person Responsible for Personal Information Management
"Users" may report all privacy-related complaints incurred while using the company's services to the person responsible for the management of personal information or the relevant department.
The "Company" will swiftly and sufficiently respond to the reports of "Users."
Person Responsible for Personal Information Management
Name: Juwon Song
Position: CTO
Company: Elements Inc.
Phone: 070-4138-4000
Email: contact@elements.im
For further reports or consultations regarding personal information infringement, please contact the agencies below.
Personal Information Infringement Report Center: 118 (no area code) (http://privacy.kisa.or.kr)
Personal Information Dispute Mediation Committee: 1833-6972 (http://kopico.go.kr)
Supreme Prosecutors' Office Cyber Investigation Division: 1301 (no area code), cid@spo.go.kr (http://spo.go.kr)
National Police Agency Cyber Safety Bureau: 182 (no area code) (http://cyberbureau.police.go.kr)
Other
Please note that "inline AI (Inline AI) Privacy Policy" does not apply to activities of collecting personal information by websites linked to the Company.
Duty of Notification
If there are any additions, deletions, or modifications to the current privacy policy, they will be notified at least 7 days prior to the revision through the website's "Announcements." However, in the case of significant changes to user rights such as collection and use of personal information and provision to third parties, notifications will be made at least 30 days in advance.