Privacy Policy

Foreedom Inc. ("Company") establishes and discloses this Privacy Policy in accordance with the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection to protect users' personal information and to handle related complaints promptly and smoothly.

Article 1 (Purpose of Collecting and Using Personal Information)

The Company collects and uses personal information for the following purposes. Collected personal information will not be used for purposes other than those specified below, and if the purpose of use changes, necessary measures such as obtaining separate consent will be taken.

Member Registration and Management

Verification of membership intent, identification/authentication for membership services, maintenance/management of membership status, prevention of fraudulent use, various notifications

Service Provision

University information provision, inquiry services, favorite university saving, personalized services

Administrator Member Management

Administrator identity verification, authorization for university information registration/management, university email verification

Marketing and Advertising

New service development and personalized services, event and promotional information (with separate consent), service usage statistics and analysis

Complaint Handling

Identity verification of complainant, confirmation of complaint details, contact/notification for fact-finding, notification of processing results

Article 2 (Personal Information Collected and Collection Methods)

1. Personal Information Items Collected

Category	Collected Items
General Member (Required)	Email, password, name, nationality
General Member (Optional)	Contact number, universities of interest, preferred major
Administrator Member (Required)	Email (university email), password, name, affiliated university, department, contact number
Administrator Member (Optional)	None
Automatically Collected During Service Use	IP address, cookies, service usage records, visit records, access logs, device information (browser type, OS, etc.)

2. Personal Information Collection Methods

Direct input by users during registration and service use
Automatic collection during service use (cookies, access logs, etc.)

Article 3 (Retention and Use Period of Personal Information)

The Company processes and retains personal information within the retention/use period specified by law or agreed upon when collecting personal information from the data subject.

Retained Information	Retention Period	Legal Basis
Member Information	Until membership withdrawal	However, may be retained until the relevant period for dispute resolution or legal compliance even after withdrawal
Records on Contracts or Subscription Withdrawal	5 years	Act on Consumer Protection in Electronic Commerce
Records on Payment and Supply of Goods	5 years	Act on Consumer Protection in Electronic Commerce
Records on Consumer Complaints or Dispute Resolution	3 years	Act on Consumer Protection in Electronic Commerce
Website Visit Records	3 months	Protection of Communications Secrets Act

Article 4 (Provision of Personal Information to Third Parties)

In principle, the Company does not provide users' personal information to third parties. However, exceptions apply in the following cases:

When the user has given prior consent
When required by law or requested by investigative agencies following legal procedures and methods

※ Currently, UNIVijob does not provide personal information to third parties. If third-party provision becomes necessary in the future, separate consent will be obtained.

Article 5 (Entrustment of Personal Information Processing)

The Company entrusts personal information processing as follows for smooth service provision:

Contractor	Contracted Tasks	Retention Period
Supabase Inc.	Cloud database and authentication service provision	Until termination of service agreement
Vercel Inc.	Web hosting and service infrastructure provision	Until termination of service agreement

When entering entrustment contracts, the Company clearly specifies compliance with personal information protection regulations, confidentiality of personal information, prohibition of third-party provision, responsibility for incidents, and return or destruction of personal information upon termination, and supervises the processor to safely process personal information.

Article 6 (Overseas Transfer of Personal Information)

Personal information may be transferred overseas due to cloud service use:

Recipient	Country	Transferred Items	Purpose	Retention Period
Supabase Inc.	United States	Member information (email, name, etc.)	Cloud database service provision	Until termination of service agreement

These companies comply with international standards for personal information protection, and the Company transfers personal information following legitimate procedures.

Article 7 (Destruction of Personal Information)

The Company destroys personal information without delay when it becomes unnecessary due to expiration of retention period or achievement of processing purpose.

1. Destruction Procedure

Information entered by users is transferred to a separate DB (or separate documents for paper) after achieving its purpose and stored for a certain period according to internal policies and relevant laws, or destroyed immediately.

2. Destruction Methods

Electronic files: Deleted using technical methods that prevent record reproduction
Paper documents: Shredded or incinerated

Article 8 (Rights and Obligations of Users and Legal Representatives)

Users (or legal representatives) may exercise the following personal information protection rights against the Company at any time:

Request for personal information access
Request for correction in case of errors
Request for deletion
Request for processing suspension

The above rights can be exercised through written request, email, etc. to the Company, and the Company will take action without delay.

When a user requests correction or deletion of personal information errors, the Company will not use or provide such personal information until correction or deletion is completed.

Article 9 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)

The Company uses 'cookies' that store and retrieve usage information to provide personalized services to users.

1. What are Cookies?

Cookies are small pieces of information sent by the server operating the website to the user's computer browser and stored on the user's computer hard disk.

2. Purpose of Using Cookies

Analyzing access frequency and visit times of members and non-members to improve services
Understanding user interests and providing personalized services
Providing automatic login functionality

3. How to Reject Cookie Settings

Users have the option to install cookies. You can allow all cookies, confirm each time cookies are saved, or refuse to save all cookies through web browser options.

However, if you refuse to save cookies, some services requiring login may be difficult to use.

Article 10 (Measures to Ensure Personal Information Security)

The Company takes the following measures to ensure personal information security:

Administrative Measures

Establishment and implementation of internal management plans, regular employee training

Technical Measures

Access authority management for personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs

Physical Measures

Access control to computer rooms and data storage facilities

Member passwords are encrypted for storage and management, so only the member can know them, and important data uses separate security functions such as file encryption and file locking for files and transmitted data.

Article 11 (Personal Information Protection Officer)

The Company designates the following Personal Information Protection Officer to be responsible for personal information processing and to handle user complaints and damage relief related to personal information processing:

Personal Information Protection Officer

Manager: Officer in Charge
Department: Personal Information Protection Team
Email: service@vijob.net
Phone: Please contact via email

Users can contact the Personal Information Protection Officer for any inquiries, complaints, or damage relief related to personal information protection arising from using the Company's services. The Company will respond to and process user inquiries without delay.

Article 12 (Remedies for Infringement of Rights)

Users may apply for dispute resolution or consultation with the following organizations for relief from personal information infringement:

Personal Information Dispute Mediation Committee

Phone: 1833-6972

www.kopico.go.kr

Personal Information Infringement Report Center

Phone: 118

privacy.kisa.or.kr

Supreme Prosecutors' Office Cyber Investigation Division

Phone: 1301

www.spo.go.kr

National Police Agency Cyber Bureau

Phone: 182

ecrm.police.go.kr

Article 13 (Changes to Privacy Policy)

This Privacy Policy is effective from the effective date, and if there are additions, deletions, or corrections of changes according to laws and policies, they will be announced through notice 7 days before the changes take effect.
However, significant changes to user rights will be announced at least 30 days in advance.

Supplementary Provisions

This Privacy Policy is effective from September 1, 2025.

Effective Date: September 1, 2025