Article 1 (General Provisions)

  1. This Privacy Policy explains how RILO (the "Company") processes personal information collected in the course of using the services provided by the Company (the "Service").
  2. The Company handles users' personal information with care and complies with applicable laws and regulations.
  3. This policy may be revised in accordance with applicable laws and service policies, and any changes will be announced through notices.

Article 2 (Personal Information Collected and Collection Methods)

  1. The Company may collect the following personal information to provide the Service:
    • Required information (at sign-up)
      • E-mail address (received from the social login provider)
      • Nickname (entered by the user)
      • Social login account identifier (provider type and the provider-side unique ID)
    • Automatically collected information
      • Service usage records, device information
    • Conditionally collected information
      • Gender and date of birth — received and stored only when signing up with a Google or Kakao account and only where the user has consented to their provision on the provider's side. (Not collected for Apple sign-in.)
      • Consent records — consent status for each consent item, terms version, applicable region, App Store storefront country, and a country code derived from the IP address of the sign-up request. The original IP address itself is not stored; only the country code is retained. IP-based country determination uses data from DB-IP (IP geolocation by DB-IP, db-ip.com).
    • Optional information (where provided directly by the user)
      • Photos and location tags (when uploaded by the user)
      • Other profile information set by the user (e.g. a profile image, set by the user after sign-up)
  2. The Company collects personal information through users entering it directly when signing up for or using the Service, or by receiving it from the social login provider (Google, Kakao, or Apple).
  3. Information such as device information and access records may be collected automatically in the course of using the Service.

Article 3 (Purposes of Use of Personal Information)

  1. The Company uses collected personal information for the following purposes:
    1. Providing and operating the Service (automatic log creation, check-in features, etc.)
    2. Account management and customer support
    3. Service improvement and personalized content recommendations
    4. Record keeping for compliance with legal obligations
  2. The Company uses users' personal information only within the scope permitted by law and does not use it for any other purposes.
  3. Personal information may be anonymized and then used for service improvement and statistical analysis.

Article 4 (Retention and Deletion of Personal Information)

  1. The Company retains personal information within the scope consented to by the user, and only for the period prescribed by law.
  2. Users may request account deletion and deletion of their personal information at any time, and such requests will be processed promptly upon receipt.
  3. Some data may be retained for a certain period for service operation and compliance with legal obligations.

Article 5 (Provision to Third Parties and Outsourcing of Processing)

  1. The Company does not provide users' personal information to third parties without the user's consent.
  2. However, personal information may be provided in accordance with applicable laws where requested by investigative agencies, courts, or other government authorities pursuant to law.
  3. Where necessary for the operation of the Service, the Company may outsource the processing of personal information to external parties, and will take measures to ensure that such contractors manage personal information securely.

Article 6 (Measures to Protect Personal Information)

  1. The Company applies the following security measures to protect users' personal information:
    1. Data encryption and access restrictions
    2. Internal security processes
    3. Security systems to prevent external attacks
  2. The Company restricts access to personal information to the minimum necessary and conducts internal training on personal information protection.
  3. The Company conducts regular security inspections to prevent leakage of users' personal information.

Article 7 (Users' Rights and How to Exercise Them)

  1. Users may request to access, correct, or delete their personal information, or to cease its use, at any time.
  2. Users can manage some of their personal information directly through account settings, and requests for deletion or cessation of use are accepted through customer support or by e-mail. The Company may verify the requester's identity when processing such requests.
  3. Users may withdraw their consent to the provision of personal information; upon withdrawal, use of some parts of the Service may be restricted.

Article 8 (Privacy Officer and Contact Information)

  1. The Company has designated a privacy officer and a location information manager to protect users' personal information.
  2. Their role is to protect users' personal information and location information and to handle related inquiries and complaints.
  3. The contact information of the privacy officer and location information manager is as follows:
    1. Officer in charge: Privacy Officer / Location Information Manager
    2. E-mail: plogteam.dev@gmail.com
    3. Contact: plogteam.dev@gmail.com
  4. The name, address, and representative of the business operator are as follows:
    1. Business operator: RILO
    2. Address: 435 Olympic-ro, Songpa-gu, Seoul, Republic of Korea
    3. Representative: Kim Seung Kyum

Article 9 (International Data Transfers)

  1. The Company is a business operator located in the Republic of Korea, and users' personal information may be stored and processed on servers located outside the user's country of residence (including the Republic of Korea).
  2. When handling personal information in a foreign country, the Company takes the protective measures set forth in this policy with an understanding of that country's personal information protection regime.
  3. When the Company provides personal information to a third party located in a foreign country, it will obtain the user's prior consent, except where permitted by law.

Article 10 (Changes to and Notice of the Privacy Policy)

  1. This Privacy Policy may be changed as necessary, and advance notice will be given of any significant changes.
  2. Changes to the Privacy Policy will be announced through notices within the Service, and separate notice may be given by e-mail for changes that significantly affect users' rights or obligations.
  3. Users may contact customer support with any inquiries regarding personal information protection.

Addendum

Article 1. This Privacy Policy takes effect on August 1, 2025.