Loading...
Loading...
APIOZ (hereinafter, the “Company”) establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act in order to protect the personal information of data subjects and to promptly and smoothly handle any related grievances.
The Company may process the following personal information for the provision of services: 1. Membership registration and account management information: first name, last name, email address, password (stored in encrypted form), phone number, country code 2. Order and reservation information: ordered items, product type (rental / luggage delivery / shopping), quantity, reservation number, pickup date and time, return date and time, collection date and time, delivery / pickup location information, order type, delivery option, delivery address, special requests 3. Uploaded materials: passport photos, hotel reservation confirmations, and other images or documents directly uploaded by users 4. Additional input information: flight information, notes, inquiry details 5. Payment information: payment method, payment status, transaction identifiers, payment amount, refund-related information 6. Automatically collected information: access logs, IP address, device and browser information, access date and time, cookies, browser storage (localStorage) information, UTM referral information
The Company processes personal information for the following purposes: 1. Member identification, login, account management, identity verification 2. Product orders, reservation creation, payment processing, refund processing 3. Rental pickup and return, luggage delivery operations, general product delivery 4. Order inquiry, reservation inquiry, customer support, complaint handling, dispute response 5. Prevention of fraudulent use, service quality improvement, statistical analysis, security management 6. Compliance with legal obligations
In principle, the Company destroys personal information without delay once the purpose of processing has been achieved. However, the following information may be retained as required by applicable laws: 1. Records regarding contracts or withdrawal of offers: 5 years 2. Records regarding payment and supply of goods, etc.: 5 years 3. Records regarding consumer complaints or dispute resolution: 3 years 4. Records regarding labeling and advertising: 6 months 5. Communication confirmation data such as access records: 3 months Even if a member withdraws membership or requests account deletion, information subject to statutory retention obligations shall be stored separately for the required period and then destroyed.
In principle, the Company does not provide the personal information of data subjects to third parties. However, exceptions apply in the following cases: 1. Where the data subject has given prior consent 2. Where specifically required by law or necessary for compliance with legal obligations 3. Where clearly necessary to protect life, body, or property interests
For the smooth provision of services, the Company may outsource part of its personal information processing operations to external parties as follows: 1. Payment processing: Toss Payments, Eximbay 2. Cloud / authentication / storage operations: Supabase 3. Delivery / logistics / operational cooperation: Kakao Quick 4. Notification delivery and customer support systems: When entering into outsourcing agreements, the Company clearly stipulates and manages matters such as measures to ensure safety, restrictions on re-outsourcing, and supervisory obligations in accordance with personal information protection laws.
If personal information is transferred overseas in the course of overseas payment processing or the use of global infrastructure, the Company shall notify data subjects in advance of, or obtain any necessary consent regarding, the recipient, destination country, date and method of transfer, items transferred, purpose of use, retention period, and method of refusal in accordance with applicable laws. If there are items currently involving actual overseas transfer, the following information shall be separately finalized and stated below: 1. Recipient: [Company Name] 2. Destination Country: [Country Name] 3. Items Transferred: [Items] 4. Purpose of Transfer: [Purpose] 5. Retention and Use Period: [Period]
The Company may use cookies or browser storage (localStorage) in order to maintain shopping carts, store order preferences, provide login convenience, and improve services. Non-member shopping carts and some order preference information may be stored on the user’s device for a certain period. Users may refuse the storage of cookies or delete stored information through their browser settings; however, restrictions may apply to the use of some services.
The Company destroys personal information without delay when the retention period has expired or the purpose of processing has been achieved. Information in electronic file form shall be deleted using technical methods that make recovery impossible, and paper documents shall be destroyed by shredding, incineration, or other such methods.
Data subjects may request the Company to provide access to, correction of, deletion of, suspension of processing of, or withdrawal of consent regarding their personal information. Members may request account deletion, and the Company shall process such requests within the scope not subject to statutory retention obligations. Such rights may be exercised in writing, by email, through customer service inquiries, or by other methods designated by the Company, and the Company shall take action without delay.
The Company takes the following measures to ensure the security of personal information: 1. Minimization of access rights and access control management 2. Encrypted storage of passwords 3. Encryption of transmission sections (HTTPS) 4. Retention of access records and security inspections 5. Security updates and vulnerability response 6. Establishment and operation of an internal management plan
Due to the nature of the products or services, the Company may request verification materials such as passport photos, hotel reservation confirmations, and flight information. The Company processes such materials only within the scope necessary for order verification, delivery and pickup validation, customer support, and dispute response, and destroys them without delay after the purpose has been achieved or retains them in accordance with applicable laws. The Company strives to minimize the collection of unnecessary information.
Business Name: APIOZ Department in Charge: Personal Information Protection Officer Email: kjs9486838@apioz.co.kr Phone Number: +82-10-2174-6838 Address: 4th Floor, 147 Yanghwa-ro (Donggyo-dong), Mapo-gu, Seoul, Republic of Korea
If a data subject needs to file a report or seek consultation regarding personal information infringement, they may contact the following organizations: 1. Personal Information Infringement Report Center: 118 (without area code) 2. Personal Information Dispute Mediation Committee: 1833-6972 3. Cyber investigation-related departments of the Supreme Prosecutors’ Office and the National Police Agency
This Privacy Policy may be revised in accordance with changes in laws, services, or internal policies. If there are significant changes, the Company shall provide notice through the Site before such changes take effect.
This Privacy Policy shall enter into force on April 10, 2026.