HOTCONNECT

AIO PROJECT - Privacy Policy

Privacy Policy

Hotconnect (the “Company”) values users’ personal information in connection with the provision of the AIO PROJECT service (the “Service”) and complies with applicable laws and regulations, including the Personal Information Protection Act (PIPA) of Korea. This Privacy Policy explains the purposes and methods of collecting and using personal information, as well as the measures taken to protect it.

1. Items and Methods of Collection of Personal Information

1) Items Collected

The Company may collect the following personal information to provide the Service:

  • Required Information
    • Account registration: Email (ID), password (stored in encrypted form), nickname (or name)
    • Service use: Access logs, IP address, device information, browser information, cookies, and usage history
  • Optional Information
    • Profile image
    • Customer support/inquiries: Name, email address, inquiry details (including attachments)
  • Payment Information (when using paid services)
    • Payment date and time, payment method, payment amount, product name, transaction identifier (e.g., TID)
    • ※ Sensitive payment information such as credit card numbers is processed directly by the payment gateway (PG) provider and is not stored by the Company.

2) Methods of Collection

  • Information directly entered by users during account registration and service use
  • Automatically collected information (logs, cookies, etc.)
  • Information collected during customer inquiries/support requests

2. Purposes of Use of Personal Information

The Company uses collected personal information for the following purposes:

  1. Member registration, identity verification, and account management
  1. Service provision (e.g., PPT/script/image generation) and service improvement
  1. Subscription/payment processing and refunds
  1. Handling customer inquiries and dispute resolution
  1. Prevention of fraudulent use, security, and ensuring service stability
  1. Service operation, including delivering notices and announcements

3. Retention and Use Period of Personal Information

In principle, the Company destroys personal information without delay once the purpose of collection and use has been achieved.

However, the Company may retain certain information for a specific period as required by applicable laws.

  1. Member information: Until account deletion/withdrawal
  1. Retention under consumer protection laws such as the Act on Consumer Protection in Electronic Commerce:
    • Records on contracts/withdrawal of subscription (cancellation): 5 years
    • Records on payments and supply of goods/services: 5 years
    • Records on consumer complaints and dispute resolution: 3 years
  1. Access logs under the Protection of Communications Secrets Act: 3 months

4. Provision of Personal Information to Third Parties

The Company does not provide users’ personal information to third parties in principle.

Exceptions may apply in the following cases:

  1. Where the user has given prior consent
  1. Where disclosure is required under applicable laws or pursuant to lawful requests by authorities

5. Outsourcing of Personal Information Processing

For smooth service operation, the Company may outsource certain personal information processing tasks to third parties, including:

  • Payment processing: Polar
  • Image hosting: Cloudflare

When outsourcing, the Company enters into necessary agreements and manages/supervises outsourced vendors to ensure appropriate safeguards for personal information protection.

6. Rights of Users and Legal Representatives

Users may exercise the following rights regarding their personal information at any time:

  1. Request access to personal information
  1. Request correction or deletion
  1. Request suspension of processing
  1. Withdraw consent and request account deletion/withdrawal

Such requests may be submitted through customer support or the Company’s personal information contact point.

7. Destruction Procedures and Methods

  1. Destruction procedures: After the purpose of collection and use is fulfilled, personal information is either moved to a separate database and stored for a certain period (if required) before destruction, or destroyed immediately.
  1. Destruction methods:
    • Electronic files: Permanently deleted in a non-recoverable manner
    • Printed materials: Shredded or incinerated

8. Measures to Ensure Security of Personal Information

The Company takes the following measures to protect personal information:

  • Administrative measures: Establishment of internal management plans, employee training
  • Technical measures: Password encryption, access controls, and log management

9. Use of Cookies

The Company may use cookies to provide personalized services.

Users may refuse the storage of cookies through browser settings.

(However, refusal of cookies may limit certain features of the Service.)

10. Contact for Personal Information Inquiries

11. Duty to Notify Changes

This Privacy Policy may be amended in accordance with changes in laws or Company policies. In such cases, the Company will notify users through the Service’s announcements or notices.

  • Effective Date: January 15, 2026
  • Last Updated: January 15, 2026