Privacy Policy
Last Updated: January 14, 2026
1. General Provisions
Verbsync ("Company") complies with relevant laws including the Act on Promotion of Information and Communications Network Utilization and Information Protection, and the Personal Information Protection Act, and considers the protection of users' personal information to be very important. This Privacy Policy provides information about the items of personal information collected, processing purposes, retention and use periods, etc. in the process of using the Verbsync service ("Service") provided by the Company.
2. Items and Methods of Personal Information Collection
2.1 Collection Items
Required Items:
- Email address (account identification and login)
- Password (stored encrypted)
- Name or nickname
Automatically Collected Items:
- IP address, access logs, cookies, service usage records
- Device information (browser type, OS information)
Information Generated During Service Use:
- Project information (project name, description, etc.)
- Translation keys and translation value data
- API keys (stored encrypted)
- Allowed domain list
- Team member information (when using team plans)
2.2 Collection Methods
- Direct input during membership registration and service use
- Automatically generated and collected during service use
- Information provided when contacting customer support
3. Purpose of Personal Information Processing
- Service Provision: Member management, project and translation data management, API service provision
- Service Improvement: Usage statistics analysis, service quality improvement, new feature development
- Customer Support: Inquiry response, technical support, notice delivery
- Security: Prevention of unauthorized use, account security management, domain-based access control
- Billing: Payment processing and receipt issuance for paid plans
4. Retention and Use Period of Personal Information
The Company processes and retains personal information within the period of retention and use of personal information under applicable laws or the period of retention and use of personal information agreed upon when collecting personal information from the data subject.
- Member Information: Until membership withdrawal (however, if preservation is required by law, it will be kept for the required period)
- Service Usage Records: 3 years (Communications Secrets Protection Act)
- Payment Information: 5 years (Electronic Commerce Act)
- Records on Contracts or Withdrawal of Subscription: 5 years (Electronic Commerce Act)
When a member withdraws, personal information is deleted immediately, but information subject to the above retention period will be kept for that period even after withdrawal.
5. Provision of Personal Information to Third Parties
In principle, the Company does not provide users' personal information to third parties. However, exceptions are made in the following cases:
- When the user has given prior consent
- When required by law or when requested by investigative agencies in accordance with procedures and methods prescribed by law for investigative purposes
- When provided to external service providers within the minimum scope necessary for service provision (e.g., payment processing, email sending)
6. Entrustment of Personal Information Processing
The Company may entrust personal information processing tasks to external specialized companies for service improvement as follows:
| Consignee | Entrusted Work |
|---|---|
| Cloud Infrastructure Provider | Server operation and data storage |
| Payment Processing Company | Payment processing for paid plans |
| Email Sending Service | Email verification and notification sending |
When entrusting, the Company specifies in the contract matters such as prohibition of personal information processing for purposes other than the entrusted work, technical and administrative protection measures, restriction of re-entrustment, and management and supervision of the consignee in accordance with the Personal Information Protection Act.
7. Rights and Obligations of Data Subjects and Methods of Exercise
Users may exercise the following rights at any time:
- Request for access to personal information
- Request for correction or deletion of personal information
- Request for suspension of personal information processing
- Membership withdrawal (including request for deletion of personal information)
The exercise of the above rights may be made to the Company in writing, by email, or by facsimile transmission (FAX), and the Company will take action without delay.
8. Destruction of Personal Information
The Company destroys personal information without delay when it becomes unnecessary due to the expiration of the retention period or achievement of the processing purpose. The procedures and methods of destruction are as follows:
- Destruction Procedure: Information entered by users is moved to a separate database (or separate documents in case of paper) after the purpose is achieved and destroyed after being stored for a certain period or immediately in accordance with internal policies and other relevant laws.
- Destruction Method: For information in electronic file format, technical methods that cannot reproduce records are used. Personal information printed on paper is destroyed by shredding with a shredder or incineration.
9. Personal Information Protection Officer
The Company is responsible for overseeing personal information processing tasks and has designated a Personal Information Protection Officer as follows to handle complaints and damage relief related to personal information processing:
Personal Information Protection Officer
Email: verbsync@gmail.com
Data subjects may contact the Personal Information Protection Officer regarding all inquiries, complaints, and damage relief related to personal information protection that occur while using the Company's services.
10. Measures to Ensure Personal Information Security
The Company takes the following measures to ensure personal information security:
- Administrative Measures: Establishment and implementation of internal management plans, regular employee training, etc.
- Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs
- Physical Measures: Access control to computer rooms, data storage rooms, etc.
- Encryption: Passwords are stored encrypted, and API keys are managed encrypted.
- Domain Restriction: API access is allowed only from allowed domains to prevent unauthorized access.
11. Operation and Rejection of Cookies
The Company uses cookies to provide personalized and customized services to users. Cookies are small text files stored in the user's browser when visiting the website.
Purpose of Cookie Use:
- Maintaining login status
- Analysis of service usage patterns
- Collection of statistics for service improvement
Users have the right to choose whether to install cookies, and can set cookie acceptance or blocking in their web browser settings. However, if cookie installation is rejected, there may be difficulties in using the service.
12. Changes to Privacy Policy
This Privacy Policy will be notified through the service's notice board from 7 days before the implementation date when there are additions, deletions, or modifications to the content due to changes in laws, policies, or security technology.