Privacy Policy
Hood Company ('the Company') complies with the relevant laws and regulations of the Republic of Korea regarding the collection, use, and provision of personal information as an information and communications service provider. The Company actively protects users’ rights, including the right to control their own personal information.
1. Consent to the Collection of Personal Information
The Company may collect personal information from users through the following channels. When a user clicks the consent button within the service or saves information through account settings, the user is deemed to have consented to the collection of personal information.
- Website, mobile app, customer support center, email, phone, 1:1 inquiry, surveys, event participation
2. Personal Information Collected
Routineday
| Type | Collection Method | Items Collected | Purpose of Collection | Retention Period |
|---|---|---|---|---|
| Required | Account registration | Email, password or OAuth provider identifier | Account creation and management, service provision and improvement, support, marketing messages (only if consented) | Until account deletion |
Quotely
This service is available without account registration, and no account-related personal information is collected.
Common
The following information may be automatically generated and collected during service use:
- Service usage records, access logs, cookies, advertising identifiers (ADID/IDFA), device information, etc.
3. Purpose of Use of Personal Information
Service Provision and Payment Processing
Provision of content and services, payment and billing, delivery of goods or invoices, cross-device synchronization, identity verification for financial transactions, payment processing and settlement.
User Management
Identity verification, confirmation of membership intent, prevention of fraudulent use and unauthorized access, retention of records for dispute resolution.
Marketing and Advertising
Provision of event/promotion information, sending of advertising messages (phone, SMS, email, push notifications with consent), service and advertisement customization based on demographics, frequency analysis, statistical analysis of service usage.
4. Cookies for Web Service Operation
Cookies
Cookies are small text files sent to a user's browser when visiting a website and stored on the user’s device.
Purpose of Use
Cookies store user preferences to provide personalized and convenient services. Through cookies, the server maintains user settings and provides customized content. Cookies may also be used to provide optimized advertisements based on usage patterns and visit history.
Cookie Opt-out
Users may choose to allow or block cookies through their web browser settings under “Settings > Privacy > Cookies and other site data.” Blocking cookies may result in limitations in using certain login-required services.
5. Provision of Collected Personal Information
The Company does not provide personal information to third parties without the user’s prior consent, except in the following cases permitted by law:
- When requested by investigative or government agencies through lawful procedures
- When required by other applicable laws
6. Retention and Destruction of Personal Information
Personal information is destroyed without delay when a user withdraws their account or withdraws consent, or when the purpose of use has been fulfilled. However, certain information is retained for a specified period in accordance with relevant laws.
Retention Under Applicable Laws
| Data Retained | Legal Basis | Retention Period |
|---|---|---|
| Records of contracts or withdrawal of offers | Consumer Protection Act in Electronic Commerce | 5 years |
| Records of payments and supply of goods/services | Consumer Protection Act in Electronic Commerce | 5 years |
| Records of user complaints or dispute handling | Consumer Protection Act in Electronic Commerce | 3 years |
| Ledgers and evidence for all tax-related transactions | Basic National Tax Act | 5 years |
| Records of electronic financial transactions | Electronic Financial Transactions Act | 5 years |
| Service access logs | Protection of Communications Secrets Act | 3 months |
Retention Based on Internal Policy
| Data Retained | Reason | Retention Period |
|---|---|---|
| User identifiers, fraudulent use history, sanction details | Prevention of repeated misuse | 3 years |
7. Procedures and Methods of Destruction
When personal information is no longer required, the Company destroys the data as follows:
Destruction Procedure
- Information entered during subscription or service use is retained for a limited period based on internal policies and legal requirements, then permanently destroyed.
- Information is not used for any purpose other than those prescribed by law.
Destruction Method
- Electronic files are permanently deleted using technical methods that prevent recovery.
- Printed documents are shredded or incinerated.
8. Outsourcing of Personal Information Processing
The Company entrusts the processing of certain personal information to external specialized service providers for optimal service operation.
Domestic Processing Contractors
| Contractor | Purpose of Processing | Retention Period |
|---|---|---|
| AWS | Server operation for service delivery | Until account deletion, service termination, or contract termination |
Overseas Processing Contractors
| Contractor | Contact | Country | Transfer Time & Method | Purpose of Use | Retention Period |
|---|---|---|---|---|---|
| Amplitude | privacy@amplitude.com | USA | Transferred via network during use | Analytics and usage statistics | Until account deletion |
| Sentry | security@sentry.io | USA | Transferred via network during use | Error monitoring, service stability | Until account deletion |
| privacy@google.com | USA | Transferred via network during use | Authentication, analytics, ads | Until account deletion |
9. Rights and Obligations of Users
Users may request access, correction, deletion, or suspension of processing of their personal information at any time. Requests may be made through email or customer support channels, and the Company will respond promptly. However, if specific data is legally required to be retained, deletion may not be possible.
10. Technical and Administrative Measures for Personal Information Protection
Protection Against Hacking
The Company uses best practices to protect personal information from hacking, computer viruses, and unauthorized access. Encryption and secure transmission methods are applied to prevent leakage or damage.
Minimization and Training of Personnel
Only authorized personnel are granted access to personal information. Access is controlled through individual credentials, which are regularly updated. Ongoing training is conducted to ensure compliance with privacy regulations.
Efforts for Enhanced Protection
The Company reviews the implementation of its privacy policy and internal guidelines. If issues are identified, corrective actions are taken immediately. The Company is not responsible for issues caused by a user’s negligence or causes not attributable to the Company.
11. Other Information
-
Users may submit complaints or inquiries regarding personal information to the Company’s designated privacy officers. The Company will respond promptly and sufficiently.
- Department: Customer Support Team
- Name: Dongmin Seo
- Email: contact@hood.am
-
Users may also contact the following organizations for further assistance:
- Personal Information Dispute Mediation Committee: kopico.go.kr
- Personal Information Infringement Report Center: privacy.kisa.or.kr
- Supreme Prosecutors’ Office: spo.go.kr
- National Police Agency: ecrm.cyber.go.kr/minwon/main
12. Duty of Notification
This policy may be revised from time to time. Changes will be announced on this page. For significant changes affecting user rights, the Company will provide notice at least 30 days in advance and may request renewed consent if necessary.
Effective Date: October 12, 2025