Privacy Policy
Effective date: June 4, 2026 (revised: removed undeployed PostHog item — behavior analysis consolidated into first-party analytics)
1. Personal Information Collected and Collection Methods
Seosa (the "Service") collects the following personal information to provide the Service.
- Required items: email address, name (nickname), profile image (information provided when linking a Google account)
- Automatically collected items: service usage records, access logs, access IP, cookies, device information (browser type, OS), screen resolution, error logs (including error messages, stack traces, originating URLs, and immediately preceding user action history; body text input areas are masked).
Collection method: automatically collected during social login via Google OAuth 2.0
2. Purpose of Collection and Use
- Member identification and confirmation of registration intent
- Service provision and content management
- Credit billing and payment record management
- Service improvement and new feature development
- Service error detection and stability improvement (self-hosted server error monitoring)
- Service usage statistics analysis and marketing performance measurement (Google Analytics)
- Service quality improvement through analysis of usage records and payment conversion (first-party analytics)
- Customer inquiry and complaint handling
3. Retention and Use Period
Personal information is destroyed immediately upon membership withdrawal. However, where retention is required by applicable law, it is retained for the relevant period.
- E-commerce records: 5 years
- Access logs: 3 months
- Error logs (error fingerprint, stack traces): 90 days
4. Provision to Third Parties
Seosa does not provide personal information to third parties without the user's consent, except where requested under applicable law.
5. Outsourcing of Personal Information Processing
5-1. Processors
- Google Cloud Platform (Cloud Run, Singapore): service infrastructure operation and self-hosted error monitoring — error messages, stack traces, originating URLs, and browser information are stored on our own instance (destroyed after 90 days)
- Supabase: database hosting
- OpenAI / Google AI: AI content generation processing (text entered by the user may be transmitted to AI models)
- Google (Google Analytics / GTM): service usage statistics analysis and marketing performance measurement
- Polar (Polar Software Inc., USA): payment processing and tax Merchant of Record — upon purchase, email, name, payment method information, and IP are transmitted to Polar
5-2. Cross-Border Transfer of Personal Information (PIPA §28-8)
For service provision, personal information is transferred overseas as follows.
| Recipient | Country | Items Transferred | Purpose | Retention / Use Period |
|---|---|---|---|---|
| Google LLC (Cloud Run) | Singapore | Email, name, IP, cookies, device information, usage records, error logs (error messages, stack traces, originating URLs, browser information) | Service infrastructure operation and error monitoring | Until membership withdrawal / error logs for 90 days |
| Supabase Inc. | Singapore | Email, name, profile image, registration date, usage records, payment history, created content, error fingerprint | Database hosting | Until membership withdrawal (or the legally required retention period) |
| Polar Software Inc. | USA | Email, name, payment method information, IP, country | Payment processing and Merchant of Record tax filing | Per Polar's privacy policy (transaction records retained for 5 years under E-Commerce Act §6) |
| OpenAI, L.L.C. | USA | Input text | AI content generation | Per OpenAI's policy |
| Google LLC | USA | Input text, usage statistics | AI content generation, analytics | Per Google's policy |
If you do not wish your information to be transferred overseas, you may discontinue use of the Service by withdrawing your membership.
6. User Rights and How to Exercise Them
Users may at any time request access to, correction of, deletion of, or suspension of processing of their personal information. You may request deletion of your personal information by withdrawing your membership.
7. Use of Cookies and Tracking Technologies
Seosa uses cookies and similar tracking technologies for the following purposes.
- Essential cookies: cookies strictly necessary for service operation, such as maintaining login sessions
- Analytics cookies: collection of service usage statistics via Google Analytics
- Functional cookies: storing user settings (theme, etc.)
You may refuse cookie storage through your browser settings; however, blocking essential cookies may limit your use of the Service.
8. Measures to Ensure the Security of Personal Information
- Encrypted transmission of personal information (HTTPS/TLS)
- Access privilege management and restriction
- Regular security reviews
9. Privacy Officer and Business Information
The business operating the Service and the privacy officer are as follows. For privacy-related inquiries, please contact us using the details below.
- Company: 더블제이스튜디오
- Representative / Privacy Officer: 이우진
- Business Registration Number: 116-30-02197
- Address: 서울특별시 강동구 성내로6가길 118, 501호
- Email: doublejstudio21@gmail.com
- Phone: 010-4022-3794
10. Changes to This Privacy Policy
This policy applies from its effective date, and any changes will be announced within the Service. This English version is a translation provided for convenience; in the event of any conflict with the Korean version, the Korean version prevails.