Korean: https://id.privatestater.com/privacy.txt English: https://id.privatestater.com/privacy-en.txt All languages other than Korean are machine-translated and may not be accurate. # Privacy Policy for the Entire PrivateStater Suite Last Updated: December 28, 2025 (Based on UTC+9 Seoul/Tokyo Time) PrivateStater takes privacy very seriously and strictly protects and transparently manages the personal information of service users in accordance with the Republic of Korea's 「Personal Information Protection Act」 and related laws and regulations. Using crawling to collect personal information, including email information, from all PrivateStater suite websites, dashboards, etc., including this Privacy Policy, may be punishable by relevant laws and regulations. # Article 1 - Items of Personal Information Collected and Retention Period ## 1. When Using PrivateStater Analytics ### Information Collected from Website Visitors - Browser type (e.g., Firefox) - Language setting (e.g., ko-KR) - Device type (e.g., Desktop) - Date of visit (e.g., 2025/05/03) - Pages visited (e.g., /blog/post1.html) - Referrer (e.g., duckduckgo.com) ※ All data is anonymized and cannot be used to identify, track, or link to individuals. ### Information Collected from Website Administrators - Registered site information: Site ID and configuration information ## 2. When Using PrivateStater ID ### Information Collected from Users **Username** Example: gpdir16 Retention Period: Deleted upon account deletion Description: A virtual name to distinguish users **Hashed Password** Example: 65c21f0... Retention Period: Deleted upon account deletion Description: Password encrypted one-way so it cannot be recovered **Email Address** Example: example@example.com Retention Period: Deleted upon account deletion Description: The user's email address **Information Collected by Paddle** https://www.paddle.com/legal/privacy ### Information Stored Internally **Session Key** Example: dj43g9q5... Retention Period: Automatically deleted upon logout or 7 days after creation Description: A randomly generated means to temporarily authenticate the user upon login **Purchased Items** Example: {"wdt": "true"} (Part of the value stored on the server) Retention Period: Information on PrivateStater servers is deleted upon account deletion; information stored on Paddle is not deleted for payment security Description: List of paid services the user has purchased or subscribed to and is licensed for, and some information about the device used for purchase for verification purposes ## 3. Information Collected When Using CheckToDo ### Information Collected from Users **Created Todos (Tasks)** Example: Prepare materials for tomorrow's meeting Retention Period: Deleted upon todo deletion and account deletion Description: Information and text of todos added by the user **Folders** Example: Work-related tasks Retention Period: Deleted upon folder deletion and account deletion Description: Information and text of folders added by the user ### Information Stored Internally **Slack Workspace** Example: {"accessToken": "xoxb-9764..."} (Part of the value stored on the server) Retention Period: Deleted upon workspace disconnection Description: Information internally generated for communication with Slack servers when integrating a Slack workspace ## 4. Information Collected When Using LocalKeys ### Information Collected from Users - Not applicable ### Information Stored Internally - Not applicable # Article 2 - User Rights and How to Exercise Them You can view, modify, or delete your account information at any time. > We are currently resolving issues related to account deletion and you will soon be able to use the regular account deletion procedure again. > Temporarily, account deletion requests can be made by sending an email to hello@privatestater.com. # Article 3 - Provision of Personal Information to Third Parties By default, PrivateStater does not provide or share collected personal information with external companies or third parties. However, it may be provided only in cases where there is a legal request, and in such cases, (if possible) an email will be sent to the user regarding the matter. # Article 4 - European Union GDPR This clause applies to residents of the European Union (EU) and the European Economic Area (EEA). ## 3. Data Storage Location By default, all data is stored on cloud servers located in Frankfurt, Germany, operated by DigitalOcean. However, it is not always processed only within the EU, and data may also be processed in countries such as the United States and the Republic of Korea. ## 4. Rights of EU Users In accordance with the GDPR, you have the following rights: - Right of Access: Request information about the data collected - Right to Rectification: Request correction of inaccurate data - Right to Erasure: Request deletion of data - Right to Restriction of Processing: Request restriction of data processing - Right to Data Portability: Request transfer of data to another service - Right to Object: Object to data processing - Right to Lodge a Complaint with a Supervisory Authority: Lodge a complaint with the data protection authority in your country You can exercise these rights by requesting via hello@privatestater.com, and we will respond within one month. Visitor data for PrivateStater Analytics is anonymized and aggregated, making individual access/deletion technically impossible. # Article 5 - Personal Information Protection Officer PrivateStater will respond promptly and sincerely to inquiries related to personal information protection. If you have any further questions, please feel free to email us at any time. ## Contact Information - Responsible Person: Jae Won Jang - Business Email: hello@privatestater.com - Personal Email: me@gpdir16.com - Country: Republic of Korea # Article 6 - Changes to the Policy By default, the Korean version is the authoritative text of this policy. The policy may be changed due to changes in laws or services.