Privacy Policy
Privacy Policy of hahaostory.com
1. Purpose of Personal Information Processing
HAHAO (hereinafter 'Company') processes personal information for the following purposes. The personal information being processed is not used for purposes other than the following, and if the purpose of use changes, we will take necessary measures such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
- Service provision: Providing services such as worldview generation, trend analysis, and archive exploration
- Member management: Identity verification, personal identification, and prevention of fraudulent use by bad members in relation to membership service use
- Customer inquiry response: Processing customer inquiries and complaints
Information Collected When Logging in with Google Account
When logging in through Google OAuth 2.0, we access the following Google user data:
- Email address (email): Collected for user account identification and service provision
- Name (name): Collected for personalized service provision and user identification
- Profile picture (picture): Collected for displaying user profile
- Google User ID (sub): Collected for account linking and user identification
The collected information is used solely for the purposes of user authentication, account creation and management, and personalized service provision.
2. Processing and Retention Period of Personal Information
The Company processes and retains personal information within the period of retention and use of personal information in accordance with laws and regulations, or within the period of retention and use of personal information agreed upon when collecting personal information from the information subject.
- Member information: Until membership withdrawal (However, if investigation or inquiry is in progress due to violation of related laws, until the end of such investigation or inquiry)
- Service usage records: 3 years (Communications Secrets Protection Act)
- Records on contracts or subscription withdrawal: 5 years (Electronic Commerce Act)
- Records on payment and supply of goods: 5 years (Electronic Commerce Act)
3. Provision of Personal Information to Third Parties
The Company processes personal information of information subjects only within the scope specified in Article 1 (Purpose of Personal Information Processing), and provides personal information to third parties only in cases corresponding to Article 17 of the Personal Information Protection Act, such as consent of the information subject or special provisions of laws.
4. Rights and Obligations of Information Subjects and How to Exercise Them
Information subjects may exercise their rights such as requesting access, correction, deletion, and suspension of processing of personal information in accordance with Article 35 of the Personal Information Protection Act. Rights can be exercised through written documents, e-mail, facsimile transmission (FAX), etc. to the Company, and the Company will take action without delay.
5. Personal Information Protection Officer
The Company is responsible for overseeing all matters related to personal information processing, and has designated a personal information protection officer as follows to handle complaints and damage relief of information subjects related to personal information processing.
6. Measures to Ensure Safety of Personal Information
The Company takes the following measures to ensure the safety of personal information: Administrative measures (establishment and implementation of internal management plans, regular employee training, etc.), Technical measures (management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs), Physical measures (access control to computer rooms, data storage rooms, etc.).
Last Updated: 12/29/2025