Privacy Policy
Last Updated: June 20, 2025
Saisei is committed to protecting the personal information of its users and complies with all applicable laws and regulations, including the Personal Information Protection Act (개인정보보호법, PIPA) and the Act on Promotion of Information and Communications Network Utilization and Information Protection. This Privacy Policy sets forth the categories of personal information collected by Saisei, the purposes of collection and use, retention and use periods, and matters relating to disclosure to third parties, in order to safeguard the rights and interests of users.
1. Purpose of Collection
Saisei collects and uses personal information for the following purposes:
Service Provision and Contract Performance: Delivering products and services, providing content, offering personalised services, issuing contracts and invoices, identity verification, processing purchases and payments, and dispatching goods or billing statements.
Member Management: Identity verification and identification for membership-based services, preventing fraudulent use and unauthorised access by suspended members, confirming intent to register, restricting duplicate registrations, obtaining legal guardian consent when collecting personal information of children under 14, verifying the identity of legal guardians, preserving records for dispute resolution, handling complaints and other inquiries, and delivering notices.
Marketing and Advertising: Development and differentiation of new services (products), delivery of promotional information including event notifications, providing services and displaying advertisements based on demographic characteristics, analysing access frequency, and compiling usage statistics.
Technical Support and Customer Service: Processing technical support requests, responding to product-related enquiries, and collecting feedback for service improvement.
2. Information We Collect
Saisei collects the following personal information for the purposes of service provision and member management:
| Information We Collect | Required / Optional | Purpose of Use |
|---|---|---|
| Name, email address, phone number, company name, department | Required | Service provision, contract performance, customer support |
| Address, job title | Optional | Service provision, personalised information delivery |
| IP address, cookies, visit date and time, service usage records | Automatically collected | Service usage analysis, security, and prevention of fraudulent use |
In the course of using our services, information beyond the above — including service usage logs, access logs, cookies, access IP information, and payment records — may be automatically generated and collected.
3. Retention Period
As a general rule, Saisei destroys personal information without delay once the purposes of collection and use have been fulfilled. However, where retention is required by applicable law, the Company retains member information for the periods prescribed by the relevant legislation, as set out below.
Retention Periods Required by Law
- Records relating to contracts or withdrawal of offers: 5 years (Act on Consumer Protection in Electronic Commerce)
- Records relating to payment and supply of goods or services: 5 years (Act on Consumer Protection in Electronic Commerce)
- Records relating to consumer complaints or dispute resolution: 3 years (Act on Consumer Protection in Electronic Commerce)
- Records relating to advertising and labelling: 6 months (Act on Consumer Protection in Electronic Commerce)
- Transaction records prescribed by tax law: 5 years (Framework Act on National Taxes)
- Records relating to electronic financial transactions: 5 years (Electronic Financial Transactions Act)
- Service visit records: 3 months (Protection of Communications Secrets Act)
4. Disclosure to Third Parties
As a general rule, Saisei does not disclose users' personal information to third parties. Exceptions apply only in the following circumstances:
Where the user has given prior consent.
Where required by law or requested by a law enforcement authority in accordance with the procedures and methods prescribed by law for investigative purposes.
Where necessary for statistical compilation, academic research, or market research, and the information is provided in a form that does not allow identification of specific individuals.
Current Status of Third-Party Disclosures
Saisei does not currently disclose users' personal information to any third parties. Should disclosure to a third party become necessary in the future, Saisei will notify users in advance of the recipient, the purpose of disclosure, the items disclosed, and the retention and use period, and will obtain the users' consent prior to any such disclosure.
5. Your Rights
Data subjects may, at any time, exercise their rights against Saisei, including the right to access, rectify, erase, or restrict the processing of their personal information.
Rights of Data Subjects
- Right to access personal information
- Right to rectification where information is inaccurate or incomplete
- Right to erasure
- Right to restriction of processing
How to Exercise Your Rights
Rights may be exercised in writing, by email, or by facsimile (FAX) in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act (개인정보보호법 시행령). FirstWave will take action without undue delay.
Exercise Procedure
- Please contact the Privacy Officer in writing, by phone, or by email, and we will respond without undue delay.
- Where a data subject requests rectification or erasure of inaccurate personal information, Saisei will not use or disclose that information until the request has been fully processed.
- Rights may be exercised through a legal representative or an authorised agent of the data subject. In such cases, a power of attorney in accordance with Form 11 of the Notice on Personal Information Processing Methods (No. 2020-7) must be submitted.
6. Security Measures
Saisei implements the following measures to ensure the security of personal information:
Administrative Measures
Establishment and implementation of an internal management plan, regular staff training, and minimisation of personnel with access to personal information.
Technical Measures
Encryption of personal information, retention of access logs, and installation of firewalls and anti-virus software.
Physical Measures
Access controls for locations where personal information is stored, including server rooms and data storage facilities.
Destruction Procedure
Immediate destruction upon fulfilment of purpose; electronic files are permanently deleted using methods that render recovery impossible.
7. Changes to This Policy
This Privacy Policy is effective from June 20, 2025. Where additions, deletions, or corrections are made in accordance with applicable laws or policy requirements, we will provide notice through our announcements at least seven (7) days prior to the effective date of any changes.
Revision History
- June 20, 2025: Privacy Policy revised (current version)
- December 15, 2024: Privacy Officer updated
- May 10, 2024: Privacy Policy first enacted