Legal
Effective Date: January 1, 2026
Last Updated: March 29, 2026
IQHub Co., Ltd. (hereinafter 'Company') establishes and discloses this Privacy Policy pursuant to Article 30 of the Personal Information Protection Act (PIPA) to protect the personal information of data subjects and to handle related grievances promptly and smoothly.
The Company processes personal information for the following purposes. Personal information being processed will not be used for any purpose other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be taken in accordance with Article 18 of the Personal Information Protection Act.
The Company processes and retains personal information within the retention and use period stipulated by law or agreed upon when collecting personal information from data subjects.
| Purpose | Retention Period |
|---|---|
| Consultation and Inquiry Handling | 3 years after completion |
| Contract Performance and Service Delivery | 5 years after contract termination (Commercial Act, Art. 33) |
| E-commerce Records | 5 years (E-Commerce Act, Art. 6) |
| Consumer Complaints and Dispute Resolution | 3 years (E-Commerce Act, Art. 6) |
The Company processes personal information only within the scope specified in Article 1 (Purposes of Processing Personal Information) and provides personal information to third parties only in cases falling under Articles 17 and 18 of the Personal Information Protection Act, such as with the consent of the data subject or under special provisions of law.
The Company currently does not provide personal information of data subjects to third parties.
The Company entrusts personal information processing as follows for smooth personal information business processing.
| Trustee | Entrusted Tasks |
|---|---|
| Amazon Web Services, Inc. | Cloud server operation and data storage |
| Email Service Provider | Email delivery services |
When concluding entrustment contracts, the Company specifies in documents such as contracts the prohibition of processing personal information for purposes other than the entrusted tasks, technical and administrative protective measures, restrictions on re-entrustment, supervision and management of trustees, and liability for damages, in accordance with Article 26 of the Personal Information Protection Act, and supervises whether trustees process personal information safely.
Data subjects may exercise the following personal information protection rights against the Company at any time.
Rights may be exercised against the Company in writing, by email, or by fax in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act, and the Company will take action without delay.
If a data subject requests correction or deletion of personal information due to errors, the Company will not use or provide the personal information until the correction or deletion is completed. Rights may also be exercised through a legal representative or an authorized agent. In this case, a power of attorney in accordance with Annex Form No. 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.
The Company processes the following categories of personal information.
| Purpose | Required Items | Optional Items |
|---|---|---|
| Consultation Requests and Inquiries | Name, email address, phone number, company name | Position, inquiry content |
| Service Contracts and Delivery | Name, email address, phone number, company name, business registration number | Department, position |
| Automatically Collected (Website Use) | IP address, cookies, visit date/time, service usage records | - |
When personal information becomes unnecessary due to the expiration of the retention period or achievement of the processing purpose, the Company destroys the personal information without delay.
The Company selects personal information for which a reason for destruction has arisen and destroys it with the approval of the Company's Personal Information Protection Officer.
The Company takes the following technical, administrative, and physical measures necessary to ensure security in accordance with Article 29 of the Personal Information Protection Act.
The Company designates staff who handle personal information and limits them to those in charge, implementing measures to minimize personal information management.
The Company establishes and implements internal management plans for the safe processing of personal information.
To prevent personal information leakage and damage caused by hacking or computer viruses, the Company installs security programs, performs periodic updates and inspections, installs systems in areas with controlled external access, and technically and physically monitors and blocks unauthorized access.
Users' personal information passwords are encrypted for storage and management, so only the user knows them. Important data uses separate security functions such as encrypting files and transmitted data or using file locking functions.
Records of access to personal information processing systems are retained and managed for at least one year. However, if processing personal information of 50,000 or more data subjects, or processing unique identification information or sensitive information, records are retained and managed for at least two years.
The Company takes necessary measures for access control to personal information through granting, changing, and revoking access rights to database systems that process personal information, and uses intrusion prevention systems to control unauthorized external access.
The Company uses 'cookies' that store and retrieve usage information to provide personalized services to users.
Cookies are small pieces of information sent by the server (http) operating the website to the user's computer browser and may be stored on the hard disk of the user's PC.
Cookies are used to understand the visit and usage patterns of each service and website visited by users, popular search terms, and whether secure connections are used, in order to provide users with optimized information.
Users have the right to choose whether to install cookies. Therefore, users can allow all cookies, go through confirmation each time a cookie is saved, or refuse to save all cookies by setting options in their web browser.
※ Refusing to save cookies may cause difficulties in using personalized services.
How to set (Internet Explorer): Tools at the top of the web browser > Internet Options > Privacy
The Company designates a Personal Information Protection Officer as follows to take overall responsibility for personal information processing and to handle complaints and remedy damages related to personal information processing by data subjects.
Name: IQHub Representative
Position: Chief Executive Officer
Email: contact@iqhub.co
Data subjects may contact the Personal Information Protection Officer and the relevant department for all personal information protection-related inquiries, complaints, and damage remedies arising from the use of the Company's services (or business). The Company will respond and take action without delay.
Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Report Center, etc. to receive relief for personal information infringement. For other reports and consultations on personal information infringement, please contact the following agencies.
| Agency | Phone | Website |
|---|---|---|
| Personal Information Dispute Mediation Committee | 1833-6972 | www.kopico.go.kr |
| Personal Information Infringement Report Center (KISA) | 118 | privacy.kisa.or.kr |
| Supreme Prosecutors' Office Cyber Crime Investigation Unit | 02-3480-3573 | www.spo.go.kr |
| National Police Agency Cyber Safety Bureau | 182 | cyberbureau.police.go.kr |
This Privacy Policy is effective from January 1, 2026. Previous versions of the Privacy Policy can be found below.
View Previous Version (N/A)
