BlogImage.io Privacy Policy

1. Items Collected: The Company collects the following personal information for membership registration and service provision:

• Essential items: Email address

2. Collection Method: Information is collected when the member provides it during service membership registration.

3. The Company does not store or collect any user-generated content, such as photos or image data processed by the member through the Service, on its servers. All image processing is performed locally on the member's device.

The Company uses the collected personal information for the following purposes:

1. Member Management: User identification for membership services, confirmation of intent to join, age verification (if necessary), complaint handling and other civil ২৮service, delivery of important notices.

2. Service Provision: Provision of content, provision of paid services such as the Pro Plan and payment processing, provision of service environment based on account information.

3. Customer Inquiries: Confirmation and response to member inquiries.

1. The Company processes and retains personal information within the personal information retention and use period agreed to by the information subject when collecting personal information or within the period stipulated by law.

2. In principle, after the purpose of collecting and using personal information is achieved, the information is destroyed without delay. However, even upon membership withdrawal, the following information is retained for the period specified for the reasons below:

• Items Retained: Email address
• Basis for Retention: Prevention of re-registration by delinquent users, cooperation in investigations and disputes regarding defamation or infringement of rights.
• Retention Period: 1 year after membership withdrawal

3. If it is necessary to retain member information pursuant to the provisions of other relevant laws, the Company shall retain member information for a certain period prescribed by the relevant laws as follows:

• Records on contracts or withdrawal of offers, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
• Records on payment and supply of goods, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
• Records on consumer complaints or dispute resolution: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
• Login records: 3 months (Protection of Communications Secrets Act)

1. The Company shall destroy the personal information without delay when the personal information becomes unnecessary, such as the expiration of the personal information retention period or achievement of the processing purpose.

2. If personal information must be continuously retained pursuant to other laws despite the expiration of the personal information retention period agreed to by the information subject or the achievement of the processing purpose, the personal information shall be transferred to a separate database (DB) or stored in a different storage location.

3. The procedure and method for destroying personal information are as follows:

• Destruction Procedure: The Company selects the personal information for which a reason for destruction has occurred and destroys the personal information with the approval of the Company's personal information protection officer.
• Destruction Method: Personal information recorded and stored in electronic file format is deleted using a technical method that makes it impossible to reproduce the record, and personal information printed on paper is shredded with a shredder or incinerated.

1. In principle, the Company does not provide personal information to external parties without the consent of the information subject. However, the following cases are exceptions:

• When separate consent has been obtained from the information subject.
• When there is a request from an investigative agency pursuant to the provisions of laws or for investigative purposes according to the procedures and methods prescribed by law.

2. The Company entrusts the handling of personal information to an external specialized company for smooth service provision and payment processing as follows:

• Entrusted Company: Paddle.com Market Ltd (hereinafter 'Paddle')
• Purpose of Entrustment: Processing Pro Plan payments, subscription management, and related customer support.
• Personal Information Provided: Email address (for Paddle's service provision and customer identification purposes).
• Retention and Use Period: Until membership withdrawal or termination of the entrustment agreement (however, if required to be retained by relevant laws, it will be retained for the period specified).

3. When concluding an entrustment agreement, the Company specifies matters concerning responsibilities such as prohibition of personal information processing beyond the purpose of entrustment, technical and managerial protective measures, restriction of re-entrustment, management and supervision of the entrusted company, and compensation for damages in documents such as contracts in accordance with Article 26 of the Personal Information Protection Act, and supervises whether the entrusted company handles personal information safely.

4. If the content of the entrusted work or the entrusted company changes, we will disclose it through this Privacy Policy without delay.

5. The Company does not directly collect or store sensitive payment information such as credit card details; all payment information is processed through Paddle's secure system.

1. The information subject may exercise rights such as requesting access, correction, deletion, or suspension of processing of personal information from the Company at any time.

2. The exercise of rights pursuant to Paragraph 1 may be made to the Company in writing, by e-mail, or by facsimile (FAX) in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the Company shall take action thereon without delay.

3. The exercise of rights pursuant to Paragraph 1 may be done through an agent, such as a legal representative of the information subject or a person delegated by the information subject. In this case, a power of attorney in accordance with Appendix No. 11 of the 'Notification on Personal Information Processing Methods (No. 2020-7)' must be submitted.

4. Requests for access to and suspension of processing of personal information may be restricted pursuant to Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.

5. Requests for correction and deletion of personal information cannot be made if the personal information is specified as an object of collection in other laws.

6. The Company verifies whether the person making a request for access, correction/deletion, or suspension of processing according to the rights of the information subject is the principal or a legitimate agent.

1. The Company uses 'cookies' that store and frequently retrieve usage information to provide users with personalized services.

2. Cookies are small pieces of information that the server (http) used to operate the website sends to the user's computer browser and are sometimes stored on the hard disk of the user's PC computer.

• A. Purpose of using cookies: To provide targeted marketing and personalized services by analyzing the access frequency and visit times of members and non-members, identifying users' tastes and areas of interest and tracking them, and grasping the degree of participation in various events and the number of visits.
• B. Installation, operation, and refusal of cookies: Users have the option to install cookies. Therefore, users can allow all cookies by setting options in their web browser, go through confirmation each time a cookie is saved, or refuse to save all cookies. (Example: For Internet Explorer: Possible through option settings in Tools > Internet Options > Privacy menu at the top of the web browser. For Chrome: Possible through settings in Settings menu > Privacy and security > Cookies and other site data at the top right of the web browser.)
• C. Refusing to store cookies may cause difficulties in using personalized services.

The Company takes the following measures to ensure the safety of personal information:

1. Administrative measures: Establishment and implementation of internal management plans, regular employee training, etc.

2. Technical measures: Management of access rights to personal information processing systems, installation of access control systems, installation and updating of security programs.

3. Physical measures: Access control to data storage rooms, etc. (if applicable)

In particular, the Company minimizes the risk of online leakage and infringement of user's photos or image data by processing them locally on the user's device without storing them on the server.

The Company has designated a personal information protection officer and a responsible department as follows to take overall responsibility for personal information processing, and to handle complaints and remedy damages of information subjects related to personal information processing.

• Personal Information Protection Officer
• • Name: Dongwon Shin
  • Position: CEO
  • Contact: davidshin1213@gmail.com

• Personal Information Protection Department (Assumed to be handled by the officer if no separate department)
• • Department Name: Customer Support (or handled directly by CEO)
  • Person in Charge: Dongwon Shin
  • Contact: davidshin1213@gmail.com

Information subjects may inquire with the personal information protection officer and responsible department regarding all personal information protection related inquiries, complaint handling, damage relief, etc. that occurred while using the Company's service (or business). The Company will respond to and handle inquiries from information subjects without delay.

If you need to report or consult about other personal information infringements, please contact the following organizations:

• Personal Information Infringement Report Center (privacy.kisa.or.kr / Dial 118 without area code)
• Supreme Prosecutors' Office Cybercrime Investigation Division (www.spo.go.kr / Dial 1301 without area code)
• National Police Agency Cyber Bureau (ecrm.cyber.go.kr / Dial 182 without area code)

This Privacy Policy is effective from May 1, 2025. If there are any additions, deletions, or corrections to the content due to changes in laws or policies, they will be announced through a notice on the service website at least 7 days before the changes take effect.