Privacy Policy

SKAI Intelligence Inc. (hereinafter referred to as "SKAI Intelligence" or the Company) collects only the minimum necessary personal data required for service use. The Company informs users of the data collection process and obtains their consent at the time of processing personal data. Certain data, such as IP addresses, visit timestamps, cookies, service usage records, and system environment information (e.g., operating system, browser), may be automatically generated and collected during service use.

When Submitting Inquiries:

· Collected Data: (Required) Company name, department, name, email, mobile phone number

· Purpose of Collection: Processing inquiries

· Retention Period: Until consent is withdrawn (except for data retained as required by relevant laws)

When Downloading Documents or Products:

· Collected Data: (Required) Company name, department, name, email, mobile phone number

· Purpose of Collection: Processing downloads

· Retention Period: Until consent is withdrawn (except for data retained as required by relevant laws)

When Participating in Events or Promotions:

· Collected Data: (Required) Company name, department, name, email, mobile phone number

· Purpose of Collection: Event and promotion management

· Retention Period: Immediately deleted upon completion of the event or promotion (except for data retained as required by relevant laws)

To enhance service quality, the Company may delegate personal data processing to third parties. In compliance with applicable laws, the Company ensures that necessary measures are in place for secure data management in outsourcing agreements and monitors the safety of personal data handling by subcontractors.

Delegated Services:

· Formspree: CRM system operation for user data management, web service operation and management

· Stibee: CRM system operation for user data management, inquiry system management

· Café24: Storage of user data and system operation data

In accordance with Article 28-8(1) of the Personal Information Protection Act, the Company transfers personal data abroad. If a user does not wish for their data to be transferred internationally, they may request discontinuation of the transfer through the Data Protection Officer or the responsible department. However, if you refuse the cross-border transfer, your ability to use the service may be restricted.

· Recipient: HubSpot Inc.

· Destination Country: United States

· Data Protection Officer Contact: Hubspot Inc, https://preferences.hubspot.com/privacy (opens in new window)

· Transfer Method & Timing: Transmitted via network when the user accesses the service

· Transferred Data: Name, contact information, email, vision-related information, purchase-related information, inquiry details

· Purpose of Transfer: CRM system operation for user data management and inquiry processing, technical support for the CRM system

· Retention & Usage Period: Stored until user account deletion or service termination, after which the data will be promptly deleted

The Company promptly disposes of personal data once the purpose of its collection and use has been fulfilled. The procedure is as follows.

· Disposal Procedure: Personal data is transferred to a separate database (or a physical storage file for printed documents) and retained for a designated period in accordance with internal policies and relevant laws before being permanently deleted. Data moved to a separate database will not be used for any purpose unless required by law.

· Disposal Methods: Printed personal data is shredded or incinerated. Electronic files containing personal data are permanently deleted using irreversible technical methods.

While using the Company's services, additional information may be collected and stored through cookies and similar tracking technologies. A cookie is a small text file sent by a server operating a website to a user's browser and stored on the user's hard drive.

1. Purpose of Cookies and Similar Technologies

Cookies and similar technologies analyze the access frequency, visit duration, and total visit count of both members and non-members, and utilize 'sessions' to provide users with a faster web experience.

2. Cookie Management and Opt-Out Options

Users have the right to choose whether to allow cookies. Accordingly, they can configure their web browser settings to allow all cookies, receive a prompt each time a cookie is stored, or reject all cookies. However, if users choose to reject cookies, they may experience difficulties in accessing certain services. (The configuration methods are as follows.)

· Edge: Settings menu (top right) > Cookies and site permissions

· Chrome: Settings > Privacy and security > Site settings > Cookies and site data

· Firefox: Options > Privacy & Security > Cookies and Site Data

· Safari: Preferences > Privacy > Manage Website Data

· Internet Explorer: Tools > Internet Options > Privacy > Advanced

The Company takes the following technical measures to ensure the security of users' personal data and to prevent loss, theft, leakage, alteration, or damage.

1. Establishment and Implementation of an Internal Personal Data Management Plan The Company establishes and enforces an 'internal personal data management plan' in accordance with the 'Personal Data Security Measures Standards'.

2. Minimization of Authorized Personnel and Employee Training The number of personnel authorized to handle personal data is minimized, and regular training sessions are conducted to enhance security awareness.

3. Access Controls Access rights to database systems handling personal data are managed to restrict unauthorized access both internally and externally.

4. Retention and Prevention of Tampering with Access Logs Records of access to personal data processing systems (access logs) are maintained in compliance with legal requirements, and security measures are implemented to control and prevent unauthorized alteration or forgery of access records.

5. Encryption of Personal Data Sensitive personal data is encrypted during storage and transmission to enhance security and prevent unauthorized access.

6. Installation and Regular Updates of Security Programs Security programs are installed and periodically updated and inspected to prevent data breaches caused by hacking, computer viruses, or other cyber threats.

7. Access Control to Restricted Data Storage Areas Locations where personal data is stored are designated as restricted access zones, with physical access strictly controlled to prevent unauthorized entry.

The Company assumes overall responsibility for the processing of personal data and has designated the following Personal Data Protection Officer and Personal Data Management Representative to handle inquiries, complaints, and requests for remedies related to personal data processing.

Data Protection Officer

· Department: GEN-AI AE TEAM

· Position: Team Leader

· Name: Danny Jo

· Email: danny@skaiintelligence.co.kr

Data Management Department

· Department: GEN-AI AE TEAM

· Position: Manager

· Name: Hyunsoo Moon

· Email: moonhs@skaiintelligence.co.kr

1. Data subjects have the right to request access, correction, deletion, restriction of processing, withdrawal of consent, and may also object to automated decision-making or request an explanation regarding such decisions (hereinafter referred to as "exercise of rights").

2. The exercise of rights may be conducted through written requests, email, fax, or other official means as prescribed under Article 41(1) of the Enforcement Decree of the Personal Information Protection Act. The Company will promptly process such requests.

3. A data subject's legal representative or a delegated proxy may also exercise these rights on behalf of the data subject. In this case, a power of attorney must be submitted using the format specified in Annex No. 11 of the Public Notice on Personal Data Processing Methods.

4. A data subject's right to request access or restriction of processing may be limited under Articles 35(4) and 37(2) of the Personal Information Protection Act.

5. If personal data is explicitly designated for collection under other laws, the data subject cannot request its deletion.

6. If the data subject has previously consented to automated decision-making or has been notified in advance through a contract, they cannot refuse the automated decision but may still request an explanation or review of the decision.

7. The Company verifies the identity of the individual or their authorized representative before processing any request to exercise rights.

Data subjects may request access to their personal data in accordance with Article 35 of the Personal Information Protection Act by contacting the designated department below. SKAI Intelligence will make every effort to process such requests promptly and efficiently.

· Department: Marketing Communications Team (For SKAI Intelligence content downloaders and newsletter subscribers)

· Scope: Customers submitting inquiries

· Department: GEN-AI AE TEAM

· Position: Team Leader

· Name: Danny Jo

· Email: danny@skaiintelligence.co.kr

If a data subject has any concerns or complaints regarding the protection of their personal data while using the Company's services, they may report the issue to the Personal Data Protection Officer or the Personal Data Management Representative. The Company will respond promptly and appropriately. If further consultation is required, data subjects may also contact the following external agencies for assistance:

· KISA Privacy Infringement Center (privacy.kisa.or.kr (opens in new window) / Dial 118)

· Supreme Prosecutor's Office Cybercrime Division (www.spo.go.kr (opens in new window) / Dial 1301)

· National Police Agency Cyber Bureau (cyberbureau.police.go.kr (opens in new window) / Dial 182)

This Privacy Policy may be amended as necessary due to changes in legislation, government policies, or the Company's internal policies. Any modifications, additions, or deletions will be announced via the Company's official website.

Effective Date of this Privacy Policy: February 24, 2025