MaroStory (hereinafter referred to as the "Company") values the personal information of the data subjects who use all services provided by the Company (hereinafter referred to as the "Service") and complies with relevant laws and regulations. This policy explains how users' personal information is collected, used, and protected.
Article 1 (Personal Information Items Collected)
The Company may collect the following personal information to provide services.
1. Upon Membership Registration and Account Linkage
- Required: Email address, password
- Optional: Nickname, profile image
2. Additional Information Collected Upon Using Specific Services
For some services such as fortune-telling and Saju, the following information may be additionally collected.
- Gender, date of birth, time of birth, place of birth
3. Information Automatically Collected Upon Using Services
- Device information (model name, OS version, app version)
- Log information (IP, access date and time, usage records)
- Advertising ID (GAID, IDFA, etc.)
4. Upon Payment and Use of Paid Services
- Payment records (payment history within the store)
- Ad viewing history (for providing rewarded advertisements)
Article 2 (Method of Collecting Personal Information)
The Company collects personal information in the following ways:
- Direct entry by the user when running the service and signing up
- Social login linkage such as Google/Apple
- Automatic collection during service use
- Customer center inquiries and event participation
Article 3 (Purpose of Using Personal Information)
The Company uses the collected personal information for the following purposes:
| Purpose | Details |
|---|---|
| Service Provision | Provision of content, provision of results such as fortune-telling, Saju, and dream interpretation |
| Member Management | Login, user identification, change of member information, account management |
| Customized Content Provision | AI recommendations and result analysis according to personal information |
| Advertising and Marketing | Provision of rewarded advertisements and analysis based on statistics |
| Customer Support | Inquiry response, error handling, delivery of announcements |
Article 4 (Retention and Usage Period of Personal Information)
The Company immediately destroys the information after the purposes of collecting and using personal information are achieved.
However, the following information may be stored for a certain period in accordance with relevant laws and regulations.
- Records on labels/advertisements, contract contents and performance according to the Electronic Commerce Act: 5 years
- Records on consumer complaints or dispute handling: 3 years
Article 5 (Provision of Personal Information to Third Parties)
The Company does not provide personal information to third parties without the user's consent. However, the following cases are exceptions:
- When requested in accordance with laws and regulations
- When the user has agreed in advance
Article 6 (Consignment of Personal Information Processing)
The Company may consign the processing of personal information to the following external companies to provide services.
| Consignee | Contents of Consignment |
|---|---|
| Firebase (Google) | Authentication, push notifications, analysis, cloud storage |
| Supabase | User DB storage and authentication processing |
| Google AdMob | Ad transmission and rewarded ad operation |
| OpenAI / Gemini | Provision of AI-based interpretation functions (anonymized when transmitting text) |
Article 7 (Rights of the User)
Users can inquire or modify their personal information at any time, and can withdraw their consent to the collection and use of personal information through membership withdrawal.
Upon membership withdrawal, all personal information is immediately deleted, and is stored only when storage is required by laws and regulations.
Article 8 (Technical/Managerial Measures for Personal Information Protection)
- Personal information is encrypted and stored, and managed safely.
- Passwords are stored using one-way encryption and are not decrypted.
- Administrator access rights are limited to the minimum, and internal access history is also recorded and managed.
- The service maintains data security during transmission through HTTPS communication.
Article 9 (Cookies and Advertising Identifiers)
The service may collect advertising identifiers (GAID, IDFA, etc.) to provide user-customized advertisements. Users can refuse this through device settings.
Article 10 (Personal Information of Children Under 14)
The Company does not intentionally collect personal information of children under 14, and takes immediate deletion measures upon confirmation.
Article 11 (Chief Privacy Officer)
The Company designates a Chief Privacy Officer as follows to take overall responsibility for tasks related to personal information processing and to handle complaints and damage relief of data subjects related to personal information processing.
Chief Privacy Officer
Officer: [Name of person in charge or "Representative"]
Email: snow@marostory.com
Inquiries can be submitted through customer support within each service or via the email above.
Article 12 (Notification of Change)
This policy may be revised after prior notice according to changes in laws, policies, or service contents, and will be guided through announcements or pop-ups within the service.
Inquiries Regarding Personal Information
Service Name: All services provided by MaroStory
Company: MaroStory
Email: snow@marostory.com
Department in Charge: Development Team
Privacy Infringement Report Center
If you need to report personal information infringement, you can report it to the following organizations:
- Personal Information Protection Commission: privacy.go.kr / 182
- Personal Information Infringement Report Center: privacy.go.kr / 182
- Supreme Prosecutors' Office Cybercrime Investigation Unit: www.spo.go.kr / 02-3480-3571
- National Police Agency Cyber Terror Response Center: www.netan.go.kr / 182
Announcement Date: June 3, 2025
Effective Date: June 10, 2025