Privacy Policy

Last updated: March 2, 2026

Easy to understand privacy practices.

We protect your privacy. This policy explains how we handle your information in simple terms.

Information We Collect

Basic Information

Profile Info: Name, email, nationality, visa type
Job Seeker: Resume, education, work experience, qualifications
Employer: Company name, business registration number, industry, workforce size

Payment Info

Processed securely through PG (KG Inicis) or Stripe
We do NOT store your card numbers — payment providers handle them

Sensitive Information (Separate Consent)

Criminal record info: For specific visa evaluations (e.g., E-7) — deleted immediately after evaluation
Health info: For specific job types (construction, food processing) — deleted after hiring decision
You can decline sensitive info collection without losing access to basic services

Automatic Collection

IP address, cookies, access time, device info (for security and service improvement)

How We Use Your Information

To create and manage your account
To match you with jobs or candidates via visa matching
To process payments and refunds (via PortOne V2 / Stripe)
To send you important service notifications
To improve our platform and user experience
To prevent fraud and ensure security
To provide visa diagnosis services

Information Sharing

Job application info shared with the employer you apply to
Payment gateway: PortOne V2 (Korea) — payment processing orchestration
Payment processor: KG Inicis (domestic) or Stripe (international)
OAuth login: Kakao Corp., Google LLC, Apple Inc., Meta Platforms Inc. — social login authentication only
Cloud hosting: AWS (Seoul region server + Lightsail)
Email delivery: AWS SES
Notifications: Kakao Corp. (KakaoTalk Alimtalk, Phase 2)
Development support: Yedangin Co., Ltd. (Myanmar) via encrypted VPN/SSH
Required by law or to protect rights
We NEVER sell your personal information

International Data Transfer

Yedangin Co., Ltd. (Myanmar): Platform development and maintenance — Items transferred: source code, anonymized test data (no personal info in production); Purpose: software development support; Retention: project duration; Transfer method: encrypted VPN/SSH
Stripe, Inc. (USA): International payment processing with PCI DSS Level 1 certification
Google LLC (USA): OAuth login authentication
Apple Inc. (USA): OAuth login authentication
Meta Platforms Inc. (USA): OAuth login authentication
AWS (USA headquarters / Seoul region servers): Cloud infrastructure and email services
All transfers use encrypted communication (SSL/TLS, SSH, VPN)
Contracts with all providers include privacy protection obligations
IMPORTANT: International data transfer requires separate consent at sign-up (Personal Information Protection Act §17). This consent is collected as a mandatory item distinct from general data collection consent.
Consent categories at sign-up: (1) [Required] Terms of Service, (2) [Required] Personal Data Collection & Use, (3) [Required] International Data Transfer, (4) [Optional] Marketing Communications

Data Retention

Active accounts: While you use our service
After withdrawal: Account recoverable for 90 days (soft delete); minimal identifiers (email hash, activity logs) retained up to 6 months for fraud prevention, then permanently deleted
Visa diagnosis results: 1 year after completion
Payment/transaction records: 5 years (e-commerce law)
Consumer complaint records: 3 years
Login records: 3 months (telecommunications law)
System logs (request/error logs): 90–180 days for security monitoring
Inactive accounts: Separated after 1 year of inactivity
Sensitive info (criminal records): Deleted IMMEDIATELY after evaluation — never retained
Sensitive info (health data): Deleted immediately after hiring decision
You can request deletion of your data anytime

Your Privacy Rights

See what information we have about you
Correct inaccurate information
Delete your account and data
Request to stop processing your information
Withdraw consent (including sensitive info consent) at any time
Rights can be exercised by you or an authorized representative
We respond within 10 days of receiving your request

Security

Encrypted data transmission (SSL/TLS) and storage (AES-256)
Passwords hashed with bcrypt (one-way encryption)
Secure payment processing (we don't store card details)
Sensitive info encrypted at rest and in transit
Firewall and intrusion detection systems (24/7)
Minimum-privilege access control for all personnel
Regular security audits and monitoring

Cookies

Essential cookies: Required for login and basic functions
Preference cookies: Remember your settings
Analytics cookies: Help us improve services
You can control cookies in your browser settings

Automated Decision-Making

Our visa matching engine automatically evaluates which visa holders can be hired for each job posting. This affects which jobs you see and which candidates employers can access
You have the right to know that automated visa matching is being used
You have the right to request an explanation of how the matching decision was made
You have the right to request human review of an automated decision
Automated matching results are reference information only; final visa decisions are made by the Immigration Office
To exercise these rights, contact our privacy officer at pch0675@naver.com

Chief Privacy Officer (CPO)

CPO: Park Chanho (박찬호), CEO
Email: pch0675@naver.com
Phone: 070-8095-4474
The CPO is responsible for handling all privacy-related inquiries, complaints, and data subject requests
Response to privacy inquiries: within 10 business days

Information We Collect

Basic Information

Profile Info: Name, email, nationality, visa type
Job Seeker: Resume, education, work experience, qualifications
Employer: Company name, business registration number, industry, workforce size

Payment Info

Processed securely through PG (KG Inicis) or Stripe
We do NOT store your card numbers — payment providers handle them

Sensitive Information (Separate Consent)

Criminal record info: For specific visa evaluations (e.g., E-7) — deleted immediately after evaluation
Health info: For specific job types (construction, food processing) — deleted after hiring decision
You can decline sensitive info collection without losing access to basic services

Automatic Collection

IP address, cookies, access time, device info (for security and service improvement)

How We Use Your Information

To create and manage your account

To match you with jobs or candidates via visa matching

To process payments and refunds (via PortOne V2 / Stripe)

To send you important service notifications

To improve our platform and user experience

To prevent fraud and ensure security

To provide visa diagnosis services

Information Sharing

Job application info shared with the employer you apply to

Payment gateway: PortOne V2 (Korea) — payment processing orchestration

Payment processor: KG Inicis (domestic) or Stripe (international)

OAuth login: Kakao Corp., Google LLC, Apple Inc., Meta Platforms Inc. — social login authentication only

Cloud hosting: AWS (Seoul region server + Lightsail)

Email delivery: AWS SES

Notifications: Kakao Corp. (KakaoTalk Alimtalk, Phase 2)

Development support: Yedangin Co., Ltd. (Myanmar) via encrypted VPN/SSH

Required by law or to protect rights

We NEVER sell your personal information

International Data Transfer

Yedangin Co., Ltd. (Myanmar): Platform development and maintenance — Items transferred: source code, anonymized test data (no personal info in production); Purpose: software development support; Retention: project duration; Transfer method: encrypted VPN/SSH

Stripe, Inc. (USA): International payment processing with PCI DSS Level 1 certification

Google LLC (USA): OAuth login authentication

Apple Inc. (USA): OAuth login authentication

Meta Platforms Inc. (USA): OAuth login authentication

AWS (USA headquarters / Seoul region servers): Cloud infrastructure and email services

All transfers use encrypted communication (SSL/TLS, SSH, VPN)

Contracts with all providers include privacy protection obligations

IMPORTANT: International data transfer requires separate consent at sign-up (Personal Information Protection Act §17). This consent is collected as a mandatory item distinct from general data collection consent.

Consent categories at sign-up: (1) [Required] Terms of Service, (2) [Required] Personal Data Collection & Use, (3) [Required] International Data Transfer, (4) [Optional] Marketing Communications

Data Retention

Active accounts: While you use our service

After withdrawal: Account recoverable for 90 days (soft delete); minimal identifiers (email hash, activity logs) retained up to 6 months for fraud prevention, then permanently deleted

Visa diagnosis results: 1 year after completion

Payment/transaction records: 5 years (e-commerce law)

Consumer complaint records: 3 years

System logs (request/error logs): 90–180 days for security monitoring

Inactive accounts: Separated after 1 year of inactivity

Sensitive info (criminal records): Deleted IMMEDIATELY after evaluation — never retained

Sensitive info (health data): Deleted immediately after hiring decision

You can request deletion of your data anytime

Your Privacy Rights

See what information we have about you

Correct inaccurate information

Delete your account and data

Request to stop processing your information

Withdraw consent (including sensitive info consent) at any time

Rights can be exercised by you or an authorized representative

We respond within 10 days of receiving your request

Security

Encrypted data transmission (SSL/TLS) and storage (AES-256)

Passwords hashed with bcrypt (one-way encryption)

Secure payment processing (we don't store card details)

Sensitive info encrypted at rest and in transit

Firewall and intrusion detection systems (24/7)

Minimum-privilege access control for all personnel

Regular security audits and monitoring

Automated Decision-Making

Our visa matching engine automatically evaluates which visa holders can be hired for each job posting. This affects which jobs you see and which candidates employers can access

You have the right to know that automated visa matching is being used

You have the right to request an explanation of how the matching decision was made

You have the right to request human review of an automated decision

Automated matching results are reference information only; final visa decisions are made by the Immigration Office

To exercise these rights, contact our privacy officer at pch0675@naver.com