Privacy Policy

1. JoyLabs Privacy Policy

“Privacy Policy” means guidelines that companies must follow to ensure that users can safely use services, and JoyLabs provides a privacy policy that companies must follow to ensure that users can safely use services.

JoyLabs collects and uses personal information based on the user’s consent, and actively protects the user’s rights (the right to self-determination of personal information) by providing a privacy policy in a way that is easy to understand. As part of this effort, JoyLabs provides key personal information processing related information through labeling.

• Personal Information

  [Required] Email, Password, Name (Nickname), Service Usage History, Purchase and Payment History in Service

  [Optional] Date of Birth, Gender, Phone Number, Profile Picture

  [※ The information in this section is the personal information collected when registering for “JoyLabs Account”. For more details, please refer to here.](#2-Personal Information Collection)

• Processing Purpose

  JoyLabs uses the personal information collected from users only for the purposes necessary for providing JoyLabs services, such as managing members, providing and improving services, and developing new services.

  [※ The collection purpose of the personal information collected by JoyLabs is here.](#3-Personal Information Use)

• Third-Party Provision

  Personal information may be provided to third parties for the purpose of connecting to third-party services and using third-party service provider services. JoyLabs does not provide personal information to third parties without the user’s consent, except in cases specified by law. When third-party provision occurs, JoyLabs provides personal information to the user after obtaining consent for the recipient and purpose of provision.

  [※ For more details on when personal information may be provided to third parties, please refer to here.](#4-Personal Information Provision)

• Processing Delegation

  JoyLabs may delegate some of the personal information processing tasks to external companies for the purpose of providing services. JoyLabs restricts the processing of personal information by the subcontractor beyond the purpose of the subcontracted tasks, manages and supervises the compliance of the personal information protection related laws and regulations of the subcontractor, such as applying technical and managerial protection measures and restricting re-delegation.

  [※ For more details on the entire personal information processing delegation of JoyLabs, please refer to here.](#5-Personal Information Deletion)

• Information Subject’s Rights and Obligations

  JoyLabs guarantees the rights and obligations of the information subject in the processing of personal information. JoyLabs’ service users can view or modify their personal information at any time, withdraw consent for collection, use, and provision, or request withdrawal of membership.

  [※ For more details on the information subject’s rights and obligations related to JoyLabs, please refer to here.](#6-Information Subject’s Rights and Obligations)

• Customer Service Department

  For inquiries, complaints, advice, or other matters related to personal information protection during JoyLabs service use, please contact the JoyLabs personal information protection manager and the relevant department, and we will respond and provide answers. JoyLabs will always listen to your voice and strive to provide a safer service.

  ※ For more details on the personal information processing related to JoyLabs, please refer to here.

2. Personal Information Collection

JoyLabs collects the minimum necessary personal information for service provision. During the member registration or service use process, JoyLabs collects the minimum necessary personal information for service provision through the home page or individual applications or programs.

JoyLabs collects the minimum necessary information as a required item, and additional information collected for specialized service provision is collected as an optional item, and the service use is not restricted even if the optional item is not agreed to.

[JoyLabs Account Registration]

[Required] Email, Password, Name (Nickname), Profile Picture, Service Usage History, Purchase and Payment History in Service
[Optional] Date of Birth, Gender, Phone Number

[Business/Organization JoyLabs Account Registration]

[Required] Email, Password, Business/Organization Name, Profile Picture, Representative Contact Information, Service Usage History, Purchase and Payment History in Service, Representative’s Personal Information (Name, Date of Birth, Gender, ID, Encrypted User Confirmation Value (CI), Duplicate Membership Confirmation Information (DI), Nationality), Representative Contact Information (Email Address, Phone Number)

[Self-Certification]

[Required] Name, Gender, Date of Birth, Phone Number, Telecom Operator, Nationality, Encrypted User Confirmation Value (CI), Duplicate Membership Confirmation Information (DI)

[Legal Representative Agreement]

[Required] Legal Representative Information (Name, Gender, Date of Birth, Phone Number, Telecom Operator, Nationality, Encrypted User Confirmation Value (CI), Duplicate Membership Confirmation Information (DI))

[Paid Service Use]

[Required] Credit Card Payment: Card Number (Partial), Card Company Name
[Required] Mobile Phone Number Payment: Mobile Phone Number, Payment Confirmation Number
[Required] Bank Transfer: Account Holder Name, Account Number, Bank
[Required] Gift Card Use: Gift Card Number, Corresponding Site ID

[Refund Processing]

[Required] (Domestic) Bank Transfer: Bank, Account Number, Account Holder Name, Email
[Required] (International) PayPal Use: Account Holder Name, PayPal User Name / Email Address / Phone Number (Optional)

[Cash Receipt Issuance]

[Required] Phone Number, Cash Receipt Card Number

[Customer Consultation]

Additional information may be collected for consultation processing when consulting and consulting with the customer service center.

[For more details on the personal information collected for customer consultation, please refer to here.]

The method of collecting personal information is as follows.

When collecting personal information, we generally inform the user in advance of the fact and obtain consent, and collect personal information through the following methods.

• When registering for membership and using services, the user agrees to collect personal information and directly enters information.
• When receiving personal information from affiliated services or groups.
• When consulting through the customer service center, web pages, mail, fax, phone, etc.
• When participating in events/activities conducted on-site/off-site.

During service use, device information, IP address, cookie, service use history* etc. may be automatically generated and collected.

*Service use history means information that can be automatically recorded and collected in the JoyLabs server by automatic means or by the user’s input when information is transmitted and received. Such information may or may not be personal information depending on whether it is combined with other information or how it is processed.

Service use history may include content that the user has input and shared, search terms that the user has entered, visit and access records, service improper use records, etc. For example, text, images, videos, voice, etc. of the content written by the user are stored and posted on the company’s server. At this time, information such as the content viewer, data format, publication date, etc. that is transmitted and received between the user and the viewer is also recorded on the server. JoyLabs may process information such as service use history for the purpose of providing services, and may use it with the user’s additional consent if necessary.

We receive personal information from third parties through affiliate services, linkage, etc.
For more details on the personal information received, please refer to here.

3. Personal Information Use

We use it for member management, service provision and improvement, new service development, etc.

1. Check the member identification/registration intention, check the age of the information subject
2. Check the legal representative’s consent when collecting personal information of a child under 14 years old, check the information subject when exercising the legal representative’s rights
3. Daily learning history entered by the user directly
4. Provide functions such as informing friends of activity history, searching for users, registering, etc.
5. Inquiry or complaint processing, notification of notices
6. Settlement of fees for content transmission or delivery when using paid services
7. Prevention and punishment of actions that hinder the smooth operation of the service (including account theft and improper use of accounts, etc.)
8. Use of personalized content recommendations, events, advertisements, etc. through the estimation of demographic characteristics and interests, symbols, and tendencies of users
9. Development of new services and improvement of service functions, provision of personalized services, and establishment of service environment for privacy protection
10. Service use history, access frequency, and statistics on service use

There may be cases where additional use and provision of personal information are made.
In the range related to the collection purpose and reasonably, personal information may be used or provided to third parties without the user’s consent according to the law. At this time, we comprehensively consider whether the initial collection purpose is related, whether the collected information or processing practices are reasonably related, whether the prediction of additional use or provision of personal information is possible, whether the user’s rights are infringed upon, and whether necessary measures have been taken to ensure safety such as pseudonymization or encryption.

JoyLabs can process personal information collected by pseudonymizing it so that it cannot be identified as a specific individual, for purposes such as statistical research, scientific research, and public record preservation. At this time, pseudonymous information is separated from additional information and stored and managed separately, and necessary technical and managerial protection measures are taken.
First, we limit access to pseudonymous information to a minimum number of people and manage access rights. We operate a security system to protect pseudonymous information, and regularly conduct internal audits to check whether pseudonymization and protection measures are properly implemented, and continuously reflect improvement measures. We also regularly educate employees who handle pseudonymous information.

For more details on the pseudonymization process, please refer to here.

4. Personal Information Provision

JoyLabs does not provide personal information to third parties except in cases where the user has given separate consent or is specified by law.

JoyLabs does not provide personal information to third parties without the user’s prior consent. However, when the user uses the JoyLabs account login service or uses services from external affiliated services, etc., personal information is provided to third parties after obtaining the user’s consent within the necessary range.

For more details on when personal information may be provided to third parties, please refer to here.

We delegate some of the personal information processing tasks to external companies for the purpose of providing services.
We may delegate some of the personal information processing tasks to external companies for the purpose of providing services. We limit the processing of personal information by the subcontractor beyond the purpose of the subcontracted tasks, manage and supervise the compliance of the personal information protection related laws and regulations of the subcontractor, such as applying technical and managerial protection measures and restricting re-delegation. The user can refuse to transfer personal information overseas through the customer service center. If the user refuses to transfer personal information overseas, the use of services that necessarily involve the transfer of personal information overseas may be restricted.

For more details on the entire personal information processing delegation of JoyLabs, please refer to here.

5. Personal Information Deletion

When the collection and use purposes are achieved, personal information collected is deleted immediately, and the procedure and method are as follows.
When the collection and use purposes are achieved or when a withdrawal reason such as withdrawal occurs, the method of deletion is determined by considering the form of personal information. If the electronic file form is used, it is deleted safely so that it cannot be recovered and reproduced. In other cases, such as records, printed materials, and written materials, they are shredded or burned to be deleted.

The information stored and deleted after a certain period of time is as follows.

• 1) The following information is stored and deleted after a maximum of 1 year from the date of withdrawal.
• For the purpose of sending an information email and responding to a CS inquiry, the JoyLabs account and the withdrawal information email address are encrypted and stored
• Service improper use records
• 2) The history of reporting infringement and harmful information is stored and deleted after 5 years.
• 3) The following information is stored and deleted after a certain period of time in the JoyLabs account.
• The mobile phone number is stored and deleted after 60 days through the JoyLabs account withdrawal via the customer service center web.
• The encrypted user confirmation value (CI) is stored and deleted after 1 year when the user protection measure is applied.

In addition, JoyLabs separately stores and deletes the personal information of users who have not used the service for 1 year according to the operating policy, and the separated personal information is deleted immediately after 4 years.

In addition, the personal information that must be stored for a certain period of time according to the law is as follows.

For more details on the personal information stored and deleted according to the relevant laws and regulations, please refer to here.

6. Rights and Procedures of Users and Legal Representatives

The user has the following rights regarding the processing of their personal information.

• The right to request the viewing (viewing) of personal information
• The right to request the correction of personal information
• The right to request the suspension of personal information processing
• The right to request the deletion of personal information and withdrawal of consent/withdrawal

The user can directly exercise the rights such as viewing (viewing) of personal information at any time through the following functions in the service, or request them through the customer service center (inquiry).

• View (view) and modify JoyLabs account information
• Manage services connected to the JoyLabs account
• Check the status of personal information collection, use, and provision to third parties for JoyLabs service use

When JoyLabs receives a request from the user, it processes it immediately, and does not use or provide the relevant personal information until the correction of the personal information error is completed.

If you process personal information of a child under 14 years old, you must obtain the consent of the legal representative. The legal representative can exercise the rights such as viewing, modifying, deleting, suspending processing, and withdrawing consent of the child’s personal information.
To obtain the consent of the legal representative, you can request the minimum information such as the legal representative’s name and contact information from the child, and check the consent of the legal representative through the following methods.

• The method of checking the identity of the legal representative through the mobile phone verification of the legal representative
• The method of providing a written document with the consent content to the legal representative and submitting it after signing
• The method of notifying the legal representative of the consent content and checking the consent intention through other methods similar to the above

7. Matters related to the automatic collection of personal information (installation and operation and rejection)

You can install and operate cookies for the provision of web-based services.
We use cookies to support quick and easy website use and provide customized services.
What is a cookie?
A very small text file stored on the user’s PC when the user accesses the website is sent to the user’s browser by the website.
Purpose of use
We use cookies to store and regularly call the user’s information to provide personalized and customized services. When the user visits the website, the website server reads the cookie stored on the user’s device and maintains the user’s environment settings and provides customized services. Cookies help the user access the website as set and use it conveniently. In addition, it is used to provide optimized information such as advertisements through the user’s website visit history and usage.
Cookie collection rejection
The user has the right to choose whether to install cookies, and can allow or block cookies through the cookie settings in the ‘Settings > Privacy > Cookies and Other Site Data’ path of the web browser. However, if the user refuses to install cookies, the web use may become inconvenient, and some services that require login may be difficult to use.
Allow/block cookies in web browsers

• Chrome : Web browser settings > Privacy and Security > Delete Internet usage history
• Edge : Web browser settings > Cookies and Site Permissions > Manage and Delete Cookies and Site Data

Allow/block cookies in mobile browsers

• Chrome : Mobile browser settings > Privacy and Security > Delete Internet usage history
• Safari : Mobile device settings > Safari > Advanced > Block all cookies
• Samsung Internet : Mobile browser settings > Internet usage history > Delete Internet usage history

8. Matters related to the measures for securing the stability of personal information

JoyLabs strives to protect the personal information of users.

• We encrypt the personal information of users.
  We transmit the personal information of users through encrypted communication sections, and store important information such as passwords encrypted.
• We strive to protect users from hacking and computer viruses.
  We install a system in a restricted area from the outside to prevent the leakage or damage of the personal information of users due to hacking or computer viruses. We install a system that can detect and block hackers, monitor 24 hours a day, and install a virus scanner to prevent the system from being infected with the latest malicious code or virus. We also continuously research and apply new hacking/security technologies to the service.
• We minimize the number of people who can access personal information.
  We limit the number of employees who process personal information to a minimum. In addition, we have established a systematic standard for generating and changing passwords for personal information processing systems, and regularly audit and implement measures to ensure security.
• We regularly educate employees on the protection of personal information of users.
  We regularly educate all employees who process personal information on personal information protection obligations and security through regular campaigns.
• We store personal information in a secure location with a locking device.
  We meet the domestic and international certification standards for protecting the information of users.
• We actively engage in various activities to protect the personal information of users.
  We operate a personal information management system based on Privacy by Design, and provide necessary guides to make it easier for users of all ages, including children, teenagers, and seniors, to understand the JoyLabs personal information protection policy.
  View the Teen Protection Policy in detail

JoyLabs complies with the General Data Protection Regulation (GDPR) and the laws of EU member countries (hereinafter referred to as ‘GDPR, etc.’).
When providing services to users in the European Union, the following may apply.
[Purpose and basis of processing personal information]
JoyLabs uses the personal information collected only for the purposes described in “3. Personal Information Use”, and informs the user in advance of the fact and obtains consent.
And JoyLabs may process the personal information of the user in the following cases according to GDPR, etc.

• Consent of the information subject
• In the case of concluding and performing a contract with the information subject
• In the case of complying with legal obligations
• In the case where it is necessary to process the personal information of the information subject for the major interests of the information subject
• In the case of pursuing the company’s legitimate interests (except in cases where the major interests of the information subject and rights or freedom are more important than the interests of the company)

[Guarantee of rights of users in the European Union]
According to GDPR, etc., the user can request to transfer their personal information to another manager, and can request to refuse to process their information. In addition, the user has the right to lodge a complaint with the personal information protection authority.
In addition, JoyLabs may use personal information for marketing such as events and advertisements, and obtains consent from the user in advance. The user can withdraw consent at any time if they do not want to.
The request related to the above can be made in writing, by phone, or by email to the customer service center, and will be handled immediately.
If you request correction of personal information, the relevant personal information will not be used or provided until the correction is completed.

9. Personal Information Protection Manager and Customer Complaint Handling

Responsible person: Jaehyung Jo
Email: jay.jo@hiary.ai

If you need to report or consult about other personal information violations, you can seek help through the following institutions.

Personal Information Violation Reporting Center

• 118
• https://privacy.kisa.or.kr

Cyber Investigation Division of the Supreme Prosecutors’ Office

• 1301
• https://cybercid.spo.go.kr

Cyber Investigation Division of the National Police Agency

• 182
• https://ecrm.cyber.go.kr

Personal Information Dispute Resolution Committee

• 1833-6972
• https://kopico.go.kr

10. Matters related to the revision of the previous notice

We may modify the personal information processing policy for the purpose of reflecting changes in laws and service changes. We will inform you in advance of the changes at least 7 days before the changes.

However, if there is a major change in the rights of the user, we will inform you in advance at least 30 days in advance.

JoyLabs promises to do its best to make it easier for users to use the service with more confidence.

This personal information handling policy will take effect from August 1, 2025.