READINGTREE establishes and discloses this Privacy Policy to protect users' personal information and handle related concerns promptly and smoothly, in accordance with Article 30 of the Personal Information Protection Act.
Article 1 (Purpose of Personal Information Processing)
READINGTREE processes personal information for the following purposes. The collected personal information will not be used for purposes other than those listed below. If the purpose of use changes, consent will be obtained in accordance with Article 18 of the Personal Information Protection Act.
Membership registration and management
To confirm the user’s intent to register, and to manage and maintain membership.
Provision of goods or services
To provide services and content, and to handle payment and billing.
Marketing and advertising
For new service development, personalized services, event and promotional notifications, service effectiveness checks, frequency analysis, and usage statistics.
Article 2 (Processing and Retention Period of Personal Information)
1. READINGTREE processes and retains personal information within the retention and usage period agreed upon by the user or as required by law.
2. The retention periods for each type of information are as follows:
Membership registration and management
Retained from the consent date until the user withdraws or loses membership eligibility.
Basis: Act on Promotion of Information and Communications Network Utilization and Information Protection
Provision of goods or services
Retained until service is terminated and data is deleted without delay.
Basis: Act on Consumer Protection in Electronic Commerce
Related law: Records of credit information – 3 years
Marketing and advertising
Retained until service is terminated and data is deleted without delay.
Basis: Act on Promotion of Information and Communications Network Utilization and Information Protection
Article 3 (Items of Personal Information Processed)
1. READINGTREE processes the following personal information:
Required during sign-up: Login SNS identifier (provided by Apple or Google), profile name
Automatically collected during service use: Device info (model, OS), app settings, metadata, service usage records
When using paid services: Purchase history provided by open market operators
When handling complaints: Relevant and additional information needed for resolution
Article 4 (Provision of Personal Information to Third Parties)
1. READINGTREE processes personal information only within the scope of Article 1 and provides it to third parties only with consent or when legally required under Articles 17 and 18 of the Personal Information Protection Act.
2. READINGTREE does not currently share personal information with third parties.
Article 5 (Outsourcing of Personal Information Processing)
1. READINGTREE outsources the following tasks for efficient personal information processing:
Data processing related to service use
Outsourced to: Google Analytics, Google Cloud Platform (Firebase)
Purpose: Identity verification, development of new services, personalized services, event and promotional offers
Duration: Until membership withdrawal
2. In compliance with Article 26 of the Personal Information Protection Act, contracts prohibit misuse, specify technical/managerial protection, restrict re-outsourcing, and ensure supervisory and damage responsibilities.
3. Any changes to outsourcing partners or tasks will be disclosed via this policy without delay.
Article 6 (Destruction of Personal Information)
1. READINGTREE promptly destroys personal information when the retention period expires or the purpose is fulfilled.
2. If continued retention is required by law despite purpose fulfillment, data is moved to a separate database or stored differently.
3. Destruction methods:
Procedure: Identify and destroy data when the reason arises.
Method: Use irreversible technical methods for digital files.
Article 7 (Rights and Obligations of Data Subjects and Legal Representatives)
1. Data subjects may request access, correction, deletion, or suspension of their personal information at any time.
2. Requests can be made via written form, email, or fax per Article 41 of the Enforcement Decree of the Personal Information Protection Act.
3. Legal representatives may act on behalf of data subjects with proper documentation.
4. Access and processing suspension may be limited under Articles 35(4) and 37(2) of the Act.
5. Deletion cannot be requested where other laws require data collection.
6. READINGTREE verifies the identity or representation before processing requests.
Article 8 (Measures to Ensure Security of Personal Information)
READINGTREE implements the following security measures:
Access restrictions: Grant, modify, or delete database access rights; block unauthorized access using firewall systems.
Technical measures: Install and update security programs, place systems in controlled areas, monitor and block intrusions.
Article 9 (Remedies for Rights Infringement)
Data subjects may contact the following organizations for complaints or dispute resolution:
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)