Privacy Policy

Deeping Source, Inc. (hereinafter referred to as the “Company”) legally processes and protects the personal information of the subjects in accordance with Article 30 of the Personal Information Protection Act (“PIPA”) and manages it safely. In order to ensure that grievances in this regard can be handled promptly and smoothly, we establish and disclose the Privacy Policy as follows.

Article 1 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes. The personal information processed in principle will not be used for any purpose other than the following purposes, and if the purpose of use is changed, the Company will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.

Article 2 (Processing and Retention Period of Personal Information)

The Company shall process and retain personal information within the period of retention and use of personal information in accordance with laws and regulations or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.

Article 3 (Personal Information Items Processed)

The Company processes the following personal information items

  1. Personal Information Processing Items
  1. Collection Methods

The Company collects personal information in the following ways

※ IP address, cookies, MAC address, mobile device information (app version, OS version), service usage history, visit history, bad usage history, etc. may be automatically generated and collected and used in the process of using the Company’s Service.

Article 4 (Destruction of Personal Information)

  1. The Company shall destroy the personal information without delay when the personal information becomes unnecessary, such as the lapse of the personal information retention period or the achievement of the purpose of processing.
  2. If the personal information must continue to be preserved in accordance with other laws and regulations even when the personal information retention period agreed to by the information subject has elapsed or the purpose of processing has been achieved, the personal information shall be transferred to a separate database (DB) or preserved in a different storage location.
  3. The Company is required to continue to retain personal information in accordance with other laws and regulations as follows:
  1. The procedures and methods for destroying personal information are as follows.

Article 5 (Consignment of Personal Information Processing)

  1. The Company consigns personal information processing tasks as follows for smooth personal information processing.
  1. When entering into an consignment contract, the Company specifies in documents such as contracts the prohibition of processing personal information other than for the purpose of performing the entrusted services, taking technical and administrative protection measures, restrictions on re-consignment, management supervision of the consignee, and responsibilities such as compensation for damages, and the Company also supervises whether the consignee processes personal information safely.

Article 6 (Overseas Transfer of Personal Information)

The Company transfers the personal information of the information subject to other business operators overseas as follows in order to provide smooth Service. If you do not want to transfer your personal information overseas, you can refuse by not agreeing to the collection, use, or provision of personal information to a third party, or by requesting the company to stop the overseas transfer, but if you refuse, you may not be able to use the Service.

Transferee (contact information
Country where the personal information is transferred
Transfer method/timing
Transferee’s purpose of use of personal information
Items of transferred personal information
Period of time of retention and use
Amazon Web Services, Inc.(
The United States
From time to time, as needed, over information and communication networks
Data storage
Same as Article 3 (Items of Personal Data Processed)
Same as Article 2 (Processing and retention period of personal information)

Article 7 (Rights of Users and Legal Representatives and Method of Exercise)

  1. The User may exercise the right to view, correct, delete, or suspend the processing of personal information at any time against the Company.

※ Requests for access to personal information about children under the age of 14 must be made directly by a legal representative, and information subjects who are minors over the age of 14 may exercise their rights regarding the personal information by themselves or through a legal representative.

  1. The exercise of rights may be made to the Company in writing, by e-mail, or by facsimile transmission (FAX) in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the Company will take action without delay.
  2. The exercise of rights may also be made through an agent, such as the legal representative of the User or a person who has been delegated such right. In this case, the information subject must submit a power of attorney in the form of Attachment No. 11 to the “Notification on Personal Information Processing Method (No. 2020-7)”.
  3. Requests for access to personal information and suspension of processing may restrict the rights of the information subject pursuant to Article 35 (4) and Article 37 (2) of the Personal Information Protection Act.
  4. A request for correction and deletion of personal information cannot be made if the personal information is specified as the subject of collection in other laws.
  5. The Company shall verify that the person making the request, such as a request for access in accordance with the rights of the User, a request for correction or deletion, or a request for suspension of processing, is the person or a legitimate representative.

Article 8 (Measures to Ensure the Protection of Personal Information)

The Company takes the following measures to ensure the protection of personal information.

  1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.
  2. Technical measures: Management/limitation of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs, etc.
  3. Physical measures: Access control of computer rooms, data storage rooms, etc.

    Article 9 (Installation, Operation and Rejection of Cookies)

    1. The Company uses ‘cookies’ to store and retrieve user information to provide individualized services to users.
    2. Cookies are small amounts of information sent to the user’ computer browser by the server (HTTP) used to operate the Website and are also stored on the hard disk of the user’s computer.

    Article 10 (Personal Information Protection Manager)

    The Company is responsible for the processing of personal information in general, and designates a personal information protection manager as follows to handle complaints and damage relief of information subjects related to the processing of personal information.

    1. The person in charge of personal information protection
    2. Name: Kim Tae-Hoon
    3. Position: Representative
    4. Contact information:

    ※ It will be connected to the department in charge of personal information protection.The User may contact the personal information protection manager and the department in charge regarding the exercise of rights such as all personal information protection-related inquiries, complaints, damage relief, and requests for access to personal information that occurred while using the Company’s Service. The Company will respond to and handle inquiries from the User without delay.

    Article 11 (Remedies for Infringement of Rights and Interests of the User)

    The User may apply for relief, consultation, etc. for remedies against personal information infringement to the following organizations. Please contact the following organizations for reporting and counseling on other personal information infringement.

    1. Personal Information Infringement Report Center (operated by the Korea Internet and Security Agency)
    1. Personal Information Dispute Mediation Committee
    1. Cybercrime Investigation Division of the Supreme Prosecutors’ Office: 02-3480-3573 (
    2. National Police Agency Cyber Security Bureau : 182 (

    Article 12 (Enforcement and Change of Privacy Policy)

    1. This Privacy Policy are effective from July 17, 2023.