Privacy Policy
Twolinecloud Co., Ltd. (hereinafter “the Company”) is committed to protecting the rights and freedoms of individuals whose personal information we handle. We comply with the Personal Information Protection Act (PIPA) and all applicable laws and regulations to ensure that personal data is processed lawfully and managed securely.
In accordance with Article 30 of PIPA, we publish this Privacy Policy to inform individuals about how their personal information is collected, used, and protected, and to provide a clear and accessible channel for addressing any privacy-related concerns.
Article 1. Categories, Purposes, and Retention Periods of Personal Information
The Company collects and processes personal information only for the specific purposes described below. We will not use the information for any other purpose. If a change in purpose becomes necessary, we will take the required steps — including obtaining separate consent — as set out in Article 18 of PIPA.
Personal information is retained only for the period agreed upon at the time of collection or as required by applicable law. Once the retention period has expired or the processing purpose has been fulfilled, the information is destroyed without delay.
| Category | Information Collected | Purpose | Retention Period |
|---|---|---|---|
| Website Contact Form (Contact Us) | [Required] Company name, contact person's name, phone number (mobile/landline), email address [Optional] Job title, referral source |
Responding to customer inquiries | 3 years |
| Consulting Service Inquiry | [Required] Company name, contact person's name, phone number, email address, inquiry details [Optional] Service of interest, inquiry channel |
Consulting and service proposals | 3 years |
| Newsletter Subscription | [Required] Email address [Optional] Name, company name |
Sending newsletters | Until unsubscribed |
| Marketing & Promotional Communications (with consent) |
[Required] Company name, name, email address, phone number | Announcing seminars, services, and promotions | 3 years or until consent withdrawn |
Article 2. Disposal of Personal Information
When personal information is no longer necessary — due to the expiration of the agreed retention period or the fulfillment of its processing purpose — it is destroyed without delay. In cases where applicable law requires continued retention beyond this period, the information is moved to a separate database or storage location and kept isolated.
The following table outlines legal retention obligations:
| Legal Basis | Records Retained | Retention Period |
|---|---|---|
| Commercial Act | Important business books and records relating to commercial activities | 10 years |
| Commercial Act | Vouchers and similar documents | 5 years |
| Act on Consumer Protection in Electronic Commerce |
Records on contracts and withdrawal of subscription | 5 years |
| Records on payment and supply of goods or services | 5 years | |
| Records on consumer complaints or dispute resolution | 3 years | |
| Records on labeling and advertising | 6 months | |
| Framework Act on National Taxes | Books and supporting documents for all transactions as required by tax laws | 5 years |
| Protection of Communications Secrets Act |
Website access logs (connection records) | 3 months |
Disposal is carried out through the following procedures and methods:
Disposal Procedure
The Company identifies personal information subject to disposal and carries out the destruction process upon approval from the Chief Privacy Officer.
Disposal Methods
- Electronic files: Permanently deleted using technical methods that prevent recovery or reconstruction.
- Physical documents: Shredded using a document shredder or destroyed by incineration.
Article 3. Sharing Personal Information with Third Parties
The Company processes personal information only within the scope described in Article 1 and does not share it with third parties except where required by the individual’s consent or where specifically permitted under Articles 17 and 18 of PIPA.
At this time, we do not share any user personal information with third parties. If third-party sharing becomes necessary in the future, we will obtain separate consent from the individuals concerned and update this Privacy Policy accordingly.
Article 4. Outsourcing of Personal Information Processing
The Company does not currently outsource any personal information processing activities to third parties.
If outsourcing becomes necessary in the future, we will update this Privacy Policy without delay to disclose all relevant details.
Article 5. Cross-Border Transfer of Personal Information
The Company does not currently transfer personal information outside of South Korea. If an international transfer becomes necessary, we will notify affected individuals and update this Privacy Policy in compliance with Article 28-8 of PIPA.
Article 6. Rights of Data Subjects and How to Exercise Them
Individuals whose personal information we process (data subjects) may exercise the following rights at any time, in accordance with Article 41(1) of the Enforcement Decree of PIPA:
- Right to access their personal information
- Right to correct inaccurate information
- Right to request deletion of their information
- Right to request suspension of processing
Article 7. Security Measures for Personal Information
The Company has implemented the following technical, administrative, and physical safeguards to protect personal information:
1. Regular Internal Audits
We conduct periodic internal audits to verify that personal information is being handled securely and in compliance with our policies.
2. Minimizing Access and Training Staff
Access to personal information is restricted to a minimal number of designated employees. All authorized personnel receive privacy and security training.
3. Internal Data Protection Plan
We maintain and enforce an internal management plan for the secure handling of personal information.
4. Technical Defenses Against Cyber Threats
To guard against hacking, viruses, and other cyber threats, we deploy security software, perform regular updates and inspections, and install our systems in access-controlled environments with both technical and physical monitoring.
5. Encryption
Personal information, including passwords, is stored and managed in encrypted form. Sensitive data in transit and at rest is protected using encryption and file-locking mechanisms.
6. Access Log Retention and Tamper Prevention
Access logs for personal information systems are retained for at least one year. Security measures are in place to prevent unauthorized modification, theft, or loss of these logs.
7. Access Control
We manage access rights to our personal information databases through a controlled grant, modification, and revocation process. Intrusion prevention systems are in place to block unauthorized external access.
8. Physical Security for Documents
Physical documents and storage media containing personal information are kept in secure, locked storage.
9. Restricted Physical Access
We maintain dedicated storage facilities for personal information and have established access control procedures to restrict entry to authorized personnel only.
Article 8. Use of Cookies
The Company uses cookies to provide personalized services. Cookies are small text files sent by the web server to your browser and stored on your device (computer or mobile).
Why We Use Cookies
We use cookies to understand how visitors interact with our website — including visit frequency, time spent, and areas of interest — in order to improve our services and deliver more relevant content.
Managing Your Cookie Preferences
You have the choice to allow or block cookies through your browser settings. Here's how to manage cookies in common browsers:
[Desktop Browsers]
- Chrome: Settings > Privacy and Security > Cookies and Other Site Data
- Edge: Settings > Cookies and Site Permissions > Manage and Delete Cookies and Site Data
[Mobile Browsers]
- Chrome (mobile): Browser Settings > Privacy and Security > Clear Browsing Data
- Safari: Device Settings > Safari > Advanced > Block All Cookies
※ Note: Disabling cookies may limit access to certain personalized features of our website.
Article 9. Behavioral Information
The Company does not collect, use, or share behavioral information (also known as online behavioral advertising data).
Article 10. Chief Privacy Officer
The Company has designated a Chief Privacy Officer (CPO) who is responsible for overseeing all personal information processing activities and for handling privacy-related inquiries, complaints, and remedies.
- Name : Hyunwoong Beom
- Title : Senior Staff
- Department : Marketing Team
- Phone : +82-02-529-0750
- Email : hw.beon@twolinecloud.com
If you have any privacy-related questions, complaints, or concerns arising from your use of our services, please reach out to the CPO or the relevant department. We will respond promptly.
Article 11. Requesting Access to Personal Information
You may submit a request to access your personal information under Article 35 of PIPA to the department listed below. We will make every effort to process your request as quickly as possible.
- Department : Marketing Team
- Phone : +82-02-529-0750
- Email : hw.beon@twolinecloud.com
Article 12. How to Seek Remedies for Privacy Violations
If you believe your privacy rights have been violated, you may seek resolution or advice through the following organizations:
- Personal Information Dispute Mediation Committee: 1833-6972 (no area code) | www.kopico.go.kr
- Personal Information Infringement Report Center (KISA): 118 (no area code) | privacy.kisa.or.kr
- Supreme Prosecutors’ Office: 1301 (no area code) | www.spo.go.kr
- National Police Agency: 182 (no area code) | ecrm.police.go.kr
Individuals who believe their rights or interests have been infringed by a decision or inaction of a public institution regarding a request under Articles 35 (access), 36 (correction/deletion), or 37 (suspension of processing) of PIPA may file an administrative appeal in accordance with the Administrative Appeals Act.
For more information on the administrative appeals process, please visit the Central Administrative Appeals Commission at www.simpan.go.kr.
Article 13. Changes to This Privacy Policy
This Privacy Policy is effective as of March 16, 2026.
Any changes to this policy will be announced on our website prior to taking effect. We encourage you to review this policy periodically to stay informed of how we protect your personal information.
