Privacy Policy

NadooModoo, Inc. (the "Company") values the privacy of its customers who use the Nadoo.io service (the "Service") and complies with relevant laws, such as the "Act on Promotion of Information and Communications Network Utilization and Information Protection" and the "Personal Information Protection Act." This Privacy Policy outlines how the Company collects, uses, provides, and destroys personal data, and what measures it takes to protect the rights of its customers.

Article 1 (Types and Methods of Personal Data Collection)

The Company collects the following personal data for service provision:

1. Data collected upon member registration and service use: ID, password, email address, name, contact information.
2. Data collected for paid service use: Payment information (credit card details, bank account details, etc.).
3. Data automatically generated during service use: IP address, cookies, visit date and time, service usage records, and improper usage records.
4. Data collected for customer inquiries and complaints: Name, contact information, email address, etc.

Article 2 (Purpose of Personal Data Collection and Use)

The Company uses the collected personal data for the following purposes:

1. Service Provision: Providing AI-based website building and management services, processing payments and refunds for paid services.
2. Member Management: Identity verification, prevention of fraudulent use by malicious members, confirmation of membership withdrawal intent.
3. Service Improvement and New Service Development: Improving the service through statistical analysis and providing customized services.
4. Marketing and Advertising: Providing information on new services and events, and delivering personalized advertisements.

Article 3 (Provision and Delegation of Personal Data)

1. Provision to Third Parties: The Company, in principle, does not provide customers' personal data to external parties. However, personal data may be provided only when the customer has given prior consent or when a special provision exists in the law.
2. Delegation of Personal Data Processing: For smooth service provision, the Company entrusts personal data processing to external specialized companies as follows. These companies comply with relevant personal data protection laws as per their contract.
   • Featurebase: Managing customer inquiries and feedback within the service.
   • AWS (Amazon Web Services): Managing servers and databases for service operation.
3. Third-Party Service Integration: The Company's Service may include features that integrate with third-party websites, products, applications, or services that the Company does not own or operate. The Company is not responsible for the content or privacy practices of these third parties. This Privacy Policy does not apply to your activities on these third-party services or any information you provide to them. We strongly encourage you to review the privacy policies of these services before providing any information to them.

Article 4 (Retention and Usage Period of Personal Data)

The Company processes and retains personal data for a period defined by law or for a period to which the customer has consented at the time of data collection. Upon membership withdrawal, the collected personal data will be destroyed without delay, unless retention is required by relevant laws.

Article 5 (Procedure and Method of Personal Data Destruction)

The Company destroys personal data without delay after the retention period has expired or the purpose of processing has been fulfilled.

1. Destruction Procedure: Personal data subject to destruction is selected, and after approval by the Company's Personal Data Protection Officer, the data is destroyed.
2. Destruction Method: Personal data stored in electronic file formats is deleted using a technical method that makes it irrecoverable. Personal data recorded on paper is destroyed by shredding or incineration.

Article 6 (Rights of Customers and Legal Representatives and How to Exercise Them)

1. Customers may exercise their rights to view, correct, delete, or suspend the processing of their personal data at any time.
2. For the protection of personal data of children under the age of 14, their legal representatives can exercise the rights to view, correct, delete, or suspend the processing of the child's personal data.
3. Rights can be exercised by contacting the Company in writing, by phone, email, or fax, and the Company will take action without delay.

Article 7 (Installation, Operation, and Refusal of Automated Personal Data Collection Devices)

1. The Company may use cookies to store and retrieve customer information. Cookies are small files sent by the server to the user's computer browser.
2. Customers have the right to choose whether to install cookies and can adjust their browser options to accept all cookies, be notified each time a cookie is saved, or refuse all cookies.

Article 8 (Personal Data Protection Officer)

To protect customer personal data and handle related complaints, the Company has designated a Personal Data Protection Officer and a dedicated team.

• Personal Data Protection Officer: Lim Hee Eun
• Contact: 82-2-557-4423

Article 9 (Measures to Secure Personal Data)

The Company takes the following measures to securely manage customer personal data:

1. Technical Measures: Encryption for secure storage and transmission of personal data, installation and regular updates of security programs.
2. Administrative Measures: Minimizing and educating staff who handle personal data, and operating a dedicated personal data protection team.
3. Physical Measures: Access control to the physical location where personal data is stored.

Article 10 (Obligation to Notify of Policy Changes)

This Privacy Policy may be changed in accordance with relevant laws and the Company's internal policies. Any changes will be announced on the Service website.

Last Updated on August 27, 2025.