Loading...
Loading...
APIOZ (hereinafter the Company) establishes and discloses this Privacy Policy as follows in accordance with Article 30 of the Personal Information Protection Act, in order to protect the personal information of data subjects and to handle related complaints promptly and smoothly.
The Company may process the following personal information to provide its services. 1. Membership registration and account management information: first name, last name, email address, password (stored in encrypted form), phone number, country code 2. Order and reservation information: ordered products, product type (rental/luggage delivery/shopping), quantity, reservation number, pickup date/time, return date/time, collection date/time, delivery/pickup location information, order type, delivery option, delivery address, special requests 3. Uploaded materials: passport photos, hotel reservation confirmations, and other images or documents directly uploaded by users 4. Additional input information: flight information, memos, inquiry details 5. Payment information: payment method, payment status, transaction identifiers, payment amount, refund-related information 6. Automatically collected information: access logs, IP address, device and browser information, access date/time, cookies, browser storage (localStorage) information, and UTM attribution information
The Company processes personal information within the scope of the following purposes. 1. Member identification, login, account management, and identity verification 2. Product orders, reservation creation, payment processing, and refund processing 3. Rental pickup and return, luggage delivery operations, and delivery of general products 4. Order inquiries, reservation inquiries, customer inquiry responses, complaint handling, and dispute response 5. Prevention of improper use, service quality improvement, statistical analysis, and security management 6. Fulfillment of legal obligations
In principle, the Company destroys personal information without delay once the purpose of processing has been achieved. However, the Company may retain the following records as required by applicable laws. 1. Records on contracts or withdrawal of offers: 5 years 2. Records on payment and supply of goods, etc.: 5 years 3. Records on consumer complaints or dispute handling: 3 years 4. Records on display and advertising: 6 months 5. Communication confirmation data such as access records: 3 months Even if membership withdrawal or account deletion is requested, information that must be retained under applicable laws will be stored separately for the required period and then destroyed.
In principle, the Company does not provide a data subject’s personal information to third parties. However, exceptions may apply in the following cases. 1. The data subject has given prior consent 2. There is a special provision under law or provision is necessary to fulfill a legal obligation 3. Provision is clearly necessary for the interests of life, body, or property
The Company may entrust part of its personal information processing tasks to external parties as follows for smooth service provision. 1. Payment processing: Toss Payments, Eximbay 2. Cloud/authentication/storage operations: Supabase 3. Delivery/logistics/operations cooperation: Kakao Quick 4. Notification sending and customer response systems: When entering into an entrustment agreement, the Company clearly defines and manages/supervises matters such as the processor’s safety measures, restrictions on sub-entrustment, and supervision obligations in accordance with personal information protection laws.
If personal information is transferred overseas in the course of overseas payment processing or use of global infrastructure, the Company will provide prior notice or obtain necessary consent regarding the recipient, country of transfer, date/time and method of transfer, transferred items, purpose of use, retention period, and method of refusal in accordance with applicable laws. If any actual overseas transfer currently occurs, the following information will be separately confirmed and stated. 1. Recipient: [Company name] 2. Country of transfer: [Country] 3. Transferred items: [Items] 4. Purpose of transfer: [Purpose] 5. Retention and use period: [Period]
The Company may use cookies or browser storage (localStorage) to maintain shopping carts, store order preferences, provide login convenience, and improve services. Non-member carts and certain order preference information may be stored on the user’s device for a certain period. Users may refuse cookie storage or delete stored information through browser settings, but some services may be restricted as a result.
The Company destroys personal information without delay when the retention period has expired or the processing purpose has been achieved. Information in electronic file format is deleted using technical methods that make recovery impossible, and paper documents are destroyed by shredding, incineration, or similar methods.
Data subjects may request the Company to provide access to, correct, delete, suspend processing of, or withdraw consent for personal information. Members may request account deletion, and the Company will process such requests to the extent that there is no legal retention obligation. Rights may be exercised in writing, by email, through customer service inquiries, or by other methods designated by the Company, and the Company will take action without delay.
The Company takes the following measures to ensure the security of personal information. 1. Minimization and management of access privileges 2. Encrypted storage of passwords 3. Encryption of transmission sections (HTTPS) 4. Retention of access records and security inspections 5. Security updates and vulnerability response 6. Establishment and operation of an internal management plan
Due to the characteristics of products or services, the Company may request verification materials such as passport photos, hotel reservation confirmations, and flight information. The Company processes such materials only within the scope of order confirmation, delivery and pickup verification, customer support, and dispute response, and destroys them without delay after the purpose has been achieved or retains them in accordance with applicable laws. The Company endeavors to minimize the collection of unnecessary information.
Business name: APIOZ Department in charge: Personal Information Protection Team Email: kjs9486838@apioz.co.kr Phone: +82-10-2174-6838 Address: 4F, 147 Yanghwa-ro, Mapo-gu, Seoul (Donggyo-dong)
Data subjects may contact the following organizations if they need to report or consult on personal information infringement. 1. Personal Information Infringement Report Center: 118 without area code 2. Personal Information Dispute Mediation Committee: 1833-6972 3. Cyber investigation-related departments of the Supreme Prosecutors’ Office and the Korean National Police Agency
This Privacy Policy may be amended due to changes in laws, services, or internal policies. If there are material changes, the Company will notify users through the Site before the changes take effect.
This Privacy Policy is effective as of April 10, 2026.