Privacy Policy
Korea Deep Learning Co., Ltd. (hereinafter the “Company”) complies with the Personal Information Protection Act and other applicable laws and regulations. To protect the rights and interests of data subjects in connection with the use of Deep Agent (Demo/Playground) and the Company’s website, the Company establishes and discloses this Privacy Policy as follows.
Last Revised: 2025-10-17
This service does not collect information offline or store paper documents. All processing is conducted online (electronically) only.
1. Purpose of Processing · Items Collected · Retention Period
The table below describes the minimum required items by major channels operated by the Company. Additional items may be required as services are enhanced or converted to paid services. Any changes will be announced through this Policy or a separate notice.
| Channel/Service | Purpose of Processing | Items Collected (Required/Optional) | Retention & Use Period |
|---|---|---|---|
| Deep Agent (Demo) | Demo provision, performance/quality improvement, incident response, security | (Required) Uploaded documents/images/text, processing metadata (job ID, status, duration), access logs (IP, logs, User-Agent) (Optional) Email/nickname (if account-based operation) | In principle, until membership withdrawal. However, asynchronous processing, logs, and outputs follow Section 2 |
| Asynchronous API (Demo Features) | Long-running job processing, retry/failure recovery | Inference request data (input), inference result data (output), status metadata | Input: until inference completion up to 72 hours / Output: 30 days / Intermediate logs: 7 days / Metadata: 60 days |
If a user leaves the Deep Agent results page (e.g., via back navigation), the output data of that job is immediately deleted/expired and cannot be retrieved or restored thereafter. A 5-minute auxiliary expiration timer is operated to account for network failures.
2. Deep Agent Data Processing Principles
- API (non-demo) routes: Inputs and outputs are not stored and not used for model training.
- Demo/Playground: Data may be retained until membership withdrawal for service provision, improvement, R&D, and legal compliance purposes. (Policy changes will be announced.)
- Asynchronous processing: Input retained up to 72 hours, output 30 days, intermediate logs 7 days, metadata 60 days. Not used for model training (only de-identified statistics and quality monitoring).
- No caching: Result responses apply a ‘no-store’ policy, and result URLs/tokens may be single-use.
3. Legal Basis and Additional Use/Provision
- The Company processes personal information based on consent or statutory grounds pursuant to Articles 15 (Consent, etc.) and 17 (Third-Party Provision) of the Personal Information Protection Act.
- If additional use or provision beyond the original purpose is required, the Company comprehensively considers the criteria under Enforcement Decree Article 14-2 (relevance, predictability, impact on data subject’s interests, safeguards) and obtains separate consent where necessary.
- In principle, there is no provision to third parties. Information may be provided only upon lawful requests (e.g., investigative authorities), in compliance with legal procedures.
4. Outsourcing of Processing (Sub-processors)
For stable service provision, the Company may outsource part of personal information processing. In such cases, the Company enters into contracts and performs management and supervision in accordance with Article 26 of the Personal Information Protection Act.
- Marketing and customer management tools such as email delivery/CRM/weblog analytics (e.g., Brevo, Salesforce, Google Analytics, MS Clarity)
5. Overseas Transfer
Overseas transfers may occur as cloud infrastructure and certain tools may be operated by foreign service providers.
- Destination countries/providers: As announced by the respective processors
- Purpose of transfer: System operation and storage, service provision
- Retention period: Until membership withdrawal or termination of the outsourcing contract
- Right to refuse and impact: You may refuse overseas transfer; however, use of the relevant service may be restricted.
6. Destruction upon Expiration of Retention Period or Achievement of Purpose
- Upon occurrence of grounds for destruction, information is destroyed without delay.
- Electronic files: Permanently deleted in a non-recoverable manner / Paper documents: Physically destroyed (e.g., shredding)
- If retention is required by other laws, information is stored separately and destroyed upon expiration of the applicable period.
7. Rights of Data Subjects and How to Exercise Them
- Data subjects may request access, correction, deletion, suspension of processing, and withdrawal of consent at any time.
- How to request: Email/written request, etc. (identity verification required). Legal representatives or authorized agents may exercise rights with appropriate documentation.
- Access or suspension may be restricted by law, and deletion may be limited for items required to be retained under other laws.
8. Measures to Ensure Security
- Administrative: Establishment of internal management plans and training, minimization of access rights
- Technical: Encryption in transit (TLS), encryption at rest, access controls, log monitoring, vulnerability assessments
- Physical: Access control to data centers and server rooms
9. Cookies and Similar Technologies
- Currently, the service uses only essential cookies (e.g., for session maintenance) or may not use cookies. If analytics or marketing cookies are introduced, prior notice and consent will be obtained and this Policy will be updated.
10. Data Protection Officer (DPO)
For inquiries and requests to exercise rights, please contact:
- Email: koreadeep@koreadeep.com
- Phone: +82-50-2000-2300
Requests will be handled promptly. For dispute resolution or remedies, you may seek assistance from relevant authorities (e.g., Personal Information Dispute Mediation Committee +82-1833-6972, Privacy Infringement Reporting Center 118).
11. Notice of Changes
This Policy is effective as of 2025-10-17. In the event of material changes, notice will be provided on the website at least 7 days in advance (or 30 days in advance for changes unfavorable to users).
