Privacy Policy for kokoAI

Effective Date: January 1, 2025

kokoAI (“the Company”, “we”, “our”, or “us”) values your privacy and complies with applicable data protection laws, including the Personal Information Protection Act of Korea and international standards. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services.

1. Information We Collect

We may collect the following types of personal information:

1) Account Creation (Google & Apple Sign-In)

  • We provide Google and Apple sign-in options for registration and login.
  • Depending on your consent, we may collect:
    • From Google Sign-In: name, email address, profile photo (optional)
    • From Apple Sign-In: name, email address (if you choose “Hide My Email,” only the relay email is shared)
  • We do not collect or store your Google or Apple account passwords. Authentication is handled securely by the respective providers.

2) During Service Use

  • Voice input and chat history (for AI conversation practice)
  • Learning activity data (grammar corrections, quiz results, feedback logs)
  • Device and technical information: IP address, OS, browser/app version, cookies, log data

3) For Paid Services (if applicable)

  • Payment information (partial card number, billing details, transaction history)

2. Purpose of Collection and Use

Your personal information is used for the following purposes:

  • Authenticate users via Google/Apple login
  • Provide Korean learning services (AI conversations, corrections, feedback)
  • Manage accounts and ensure secure access
  • Personalize and improve learning content
  • Process payments and refunds for paid services
  • Respond to inquiries and provide customer support
  • Analyze usage patterns to enhance service quality
  • Send marketing or event notifications (only with your consent)

3. Retention and Deletion of Data

  • Your personal data is deleted immediately upon account termination.
  • However, certain data may be retained as required by law:
    • Contracts and withdrawal records: 5 years (E-Commerce Act)
    • Payment and transaction records: 5 years (E-Commerce Act)
    • Customer complaints and dispute records: 3 years (E-Commerce Act)
    • Log data: 3 months (Communications Privacy Protection Act)

4. Sharing Personal Information with Third Parties

  • We do not share personal information with third parties without your consent, except:
  • When required by law or requested by government authorities through legal procedures

5. Entrusted Processing of Personal Information

We may entrust certain operations to trusted third-party providers:

  • Authentication: Google LLC, Apple Inc.
  • Cloud Infrastructure: Amazon Web Services (AWS), Google Cloud Platform (GCP)
  • Payment Processing: Stripe, Apple/Google In-App Payments

All entrusted parties are contractually required to process personal data securely.

6. User Rights

You have the right to:

  • Access, correct, or delete your personal information
  • Request suspension of data processing
  • Withdraw consent and delete your account
  • Exercise these rights by contacting us at jaylee8864@gmail.com

7. Safeguards for Personal Information

We take technical and organizational measures to protect your data:

  • Encryption of sensitive information during storage and transmission
  • Strict access control limited to authorized personnel
  • Regular security monitoring and audits

8. Cookies and Log Data

  • We use cookies and log data to improve user experience and analyze service usage.
  • You may refuse cookies by adjusting your browser settings; however, some features may not function properly.

9. Data Protection Officer

  • Name: Jake Lee
  • Position: CEO / Data Protection Officer
  • Email: jaylee8864@gmail.com
  • Contact: (to be updated with company number if available)

10. Changes to This Privacy Policy

  • This Privacy Policy is effective as of January 1, 2025.
  • Any updates or changes will be notified through our website and in-app notices.