Privacy Policy

UCSS (hereinafter “we” or “the Company”) respects your privacy. We have established certain standards regarding how we collect, handle, store, and protect your personal information. The personal information we collect when you use the Service is managed in accordance with this Privacy Policy.

As a fundamental principle, we collect only the minimum information necessary for the operation of the Service. We do not collect browsing history, data content, or DNS queries. However, when you use our Korean servers, we may collect certain data pursuant to legal obligations.

This Privacy Policy applies in conjunction with our Terms of Service (hereinafter “the Terms”). When you agree to the Terms, you are deemed to have simultaneously agreed to this Privacy Policy (hereinafter “the Privacy Policy”). The latest version of this Privacy Policy is available at any time on this Site.

Article 1: Handling of Personal Information

We collect your personal information to the extent necessary for the provision of the Service and the App, payment processing, fraud prevention, support, and other business operations. This Article sets forth the categories of information we collect, the purposes of use, retention periods, and provision to third parties.

Account Creation

The name, email address, and IP address you provide when registering for the Service. These are necessary for account creation, password recovery, and to exclude registration from invalid regions. Your email address is used for the following purposes:

Retention Period: Throughout the duration of your account. After account termination, we retain your information for the longer of the retention period prescribed by applicable laws or the statute of limitations relating to contractual or transactional rights and obligations.

Social Login

When you use social login services (such as Google, X (formerly Twitter), or Naver), your account data is automatically collected by each respective platform. We will not use this information for any purpose other than enabling your login.

Identity Verification

Information collected by identity verification platforms (e.g., Stripe), bank payment proof, and phone numbers. These are necessary to verify your identity when providing business plans, high-value services, or processing applications that may conflict with our policies. We will not use this information for any purpose other than identity verification.

For information on how each platform handles personal data, please refer to their respective privacy policies.

Retention Period: Until the purpose of identity verification has been achieved. However, where a retention period is prescribed by applicable laws, such period shall apply.

Payment

Information automatically collected by credit card payment processors (e.g., Stripe). This includes the purchase amount, IP address of the payer, name, and credit card information. For information on how each payment processor handles personal data, please refer to their respective privacy policies.

In accordance with Article 6 of the Terms, in order to respond to chargeback disputes and to defend our legitimate rights, we may obtain information regarding your transactions held by payment processors, acquiring banks, card issuers, and payment network operators, and provide such information to relevant parties.

Retention Period: The retention period prescribed by applicable laws (such as tax-related laws).

Communications

To control communication volume and maintain high-quality communication, we collect the following technical information:

This information is used for the operation of the Service, enforcement of the refund policy under Article 4 of the Terms, management of the Fair Use Policy (FUP) under Article 8 of the Terms, and fraud prevention.

Retention Period: For the period necessary for the operation of the Service.

For Korean servers only, in accordance with the Korean “Enforcement Rule of the Protection of Communications Secrets Act,” we collect the following information and retain it for a maximum of 90 days. We are obligated to provide information from Korean servers upon issuance of a warrant by Korean investigative authorities. However, we do not record such information on servers in other regions.

Handling of Connection Information

Connection information necessary for the use of the Service (such as subscription URLs) constitutes confidential data linked to your account, which we manage strictly. The treatment of any leakage, public disclosure, or sharing of connection information with third parties by you is governed by Article 7 of the Terms.

Customer Support

To improve the quality of support, we retain the content of support inquiries submitted through the Site or the Service together with our responses. We may retain your email address and any additional information you submit, depending on the method of contact.

For support, we may use third-party platforms such as Slack. For the personal information collected by such platforms, please refer to their respective privacy policies.

Retention Period: The period necessary to maintain and improve support quality and to prevent recurrence of issues following resolution.

Affiliate Program

When you participate in our Affiliate Program, we require submission of the registrant’s name, email address, referral method, and remittance information. We may share remittance information with payment processing operators to the extent necessary for the payment of affiliate rewards. For specific terms, please refer to the Affiliate Terms.

Restrictions on Sharing with Third Parties, Processing Entrustment, and Legal Disclosure

Except as set forth in this Privacy Policy, we will not share, sell, or transfer your personal information to third parties.

In providing the Service, we may entrust the handling of personal information, to the extent necessary, to server hosting providers, data center operators, payment processors, identity verification service providers, customer support platform providers, and other legitimate business contractors. We contractually require such contractors to implement appropriate security management measures.

By way of exception, if our Service is used for child pornography, phishing or spam, or any other serious crime, and a legally valid warrant is issued, we are obligated to disclose the relevant personal information to Korean legal authorities. The personal information we collect is managed exclusively by us, including systems and servers owned by our group subsidiaries.

Article 2: Protection of Personal Information

We strictly manage the personal information we collect. To prevent loss, misuse, alteration, unauthorized access, and leakage of personal information, we implement physical, technical, and organizational security measures. We do not use physical media such as paper to manage your personal information.

Physical Measures

The servers we use are housed in data centers with robust security. The core servers used for the Service are servers assembled with parts sourced through our partner company and installed in data centers operated under the highest level of management systems. The network connected to the data center is also contracted directly by us and connected to the server-related equipment.

Technical Measures

We protect your personal information through multi-layered defenses, including firewalls, intrusion detection and prevention systems, and isolated databases. Data is encrypted both at rest and in transit using the latest encryption technology. The infrastructure we use is regularly updated, and we continuously monitor for vulnerabilities.

Organizational Measures

We limit access to your personal information to personnel who require it for their duties, and we restrict the access rights of each such person to the minimum necessary scope. Personnel are bound by confidentiality obligations, and we conduct education and awareness training regarding information security. We also contractually require our business contractors to implement equivalent security management measures.

Response to Data Breaches

In the unlikely event that we determine a leak, loss, or other security breach of your personal information has occurred or is likely to have occurred, we will, in accordance with applicable laws, promptly conduct necessary investigations and remedial actions, and notify the relevant authorities and affected customers.

Limitations of Security Measures

While we take every reasonable measure based on the latest security technologies, no technology can provide complete protection, and no company can guarantee absolute security. The foregoing does not guarantee 100% the security of personal information collected by us through the Service. For the scope of our liability related to your use of the Service, please refer to Articles 11 and 12 of the Terms.

Article 3: Cookies

We may use cookies (Cookies), mobile identifiers, and other similar technologies for the provision of the Service and for analyzing usage. While cookies contain information regarding your access to the Service, they do not contain information that directly identifies an individual.

What Cookies Are

Cookies are text files used to store information about your access to a website on your device. By enabling cookies, we can record settings such as login state and language preferences, and provide certain functionality. The cookies we use may change due to service updates or improvements.

Types of Cookies We Use

We use the following types of cookies according to their purpose:

Some information obtained through cookies may be transmitted to processing contractors (such as analytics providers and affiliate management providers) referred to in Article 1 “Restrictions on Sharing with Third Parties, Processing Entrustment, and Legal Disclosure.”

Retention Period: The retention period of cookies varies depending on their type and purpose. Session cookies are deleted when you close your browser, while persistent cookies are retained for a predetermined period or until manually deleted.

Mobile Identifiers and Other Technologies

On mobile devices, in addition to cookies, advertising identifiers (such as IDFA and ADID) and other similar technologies may be used. These do not contain information that directly identifies an individual, but may enable identification on a per-device basis.

Management of Cookies

You may control, delete, or block cookies at any time through your browser or device settings. However, if you disable strictly necessary cookies, certain functions of the Service may not operate properly.

Article 4: Third-Party Products

The links displayed on our Site or within the Service may include external applications, websites, services, or products that we do not own or manage (hereinafter collectively, “Third-Party Products”). Each Third-Party Product is subject to its own terms of use and privacy policy.

Provision of Personal Information to Third Parties

When you use Third-Party Products, personal information may be provided directly by you to such third parties. We are not involved in the collection, use, storage, or other handling of your personal information by such Third-Party Products, and such handling falls outside the scope of this Privacy Policy. Before using any Third-Party Product, please review the terms of use and privacy policy of each respective third party.

Distinction from Processing Contractors

In this Article, “Third-Party Products” refers to external products and services that you use at your own discretion. The handling of personal information by processing contractors that we engage for the provision of the Service (such as server hosting providers, payment processors, and identity verification service providers) is governed by Article 1 “Restrictions on Sharing with Third Parties, Processing Entrustment, and Legal Disclosure.”

Scope of Liability

For the scope of our liability regarding the content, quality, safety, and privacy protection status of Third-Party Products, please refer to Article 11 of the Terms.

Article 5: Users from the European Union (EU) and the European Economic Area (EEA)

We respect the privacy rules established by each jurisdiction. The General Data Protection Regulation (hereinafter “GDPR”) of the European Union (hereinafter “EU”) and the European Economic Area (hereinafter “EEA”) requires us to explain to EU/EEA customers how we collect and process personal information.

This Article sets forth the matters applicable to customers residing in the EU/EEA under the GDPR.

Legal Basis for Processing Personal Data

In accordance with Article 6 of the GDPR, we collect and process the personal data disclosed in this Privacy Policy on one of the following legal bases, depending on the circumstances:

You may withdraw your consent at any time. Withdrawal takes effect only prospectively and does not affect the lawfulness of processing carried out before the withdrawal.

International Data Transfers

We are located in the Republic of Korea, and your personal data may be transferred outside the EU/EEA (to the Republic of Korea or other regions) for the provision of the Service. The Republic of Korea has obtained an adequacy decision under the GDPR from the European Commission (2021), and such transfers are conducted on a lawful basis.

Your Rights

Customers residing in the EU/EEA have the following rights with respect to the personal information we handle, under the GDPR. Please note that these rights may be subject to specific exceptions or limitations prescribed by applicable laws.

Procedure for Exercising Rights

To exercise the above rights, please contact us at the contact information set forth in Article 8 “Contact Us.” For matters relating to the GDPR, you may also contact our Data Protection Officer (DPO) directly.

You may also exercise these rights through an agent duly authorized by you. In such case, a power of attorney signed by you must be submitted to us.

Identity Verification

To ensure your privacy and security, we may take reasonable measures to verify your identity, such as sending a confirmation message to your registered email address, verifying login to your account, or other reasonable measures.

Response Period and Fees

We will respond to your requests within one month of receipt, in accordance with applicable laws. If the complexity or number of requests requires additional time to respond, we may extend this period as reasonably necessary, and we will notify you of the reasons for any such delay.

The exercise of these rights is, in principle, free of charge. However, if requests are manifestly unfounded or repetitive, we may, to the extent permitted by applicable laws, charge a reasonable fee or refuse to act on the request.

Limitations on the Exercise of Rights

The exercise of the above rights may be restricted, to the extent permitted by applicable laws, in the following cases:

Article 6: Use by Minors

We do not provide a service intended for use by minors. We do not knowingly collect personal information from any person under 18 years of age, or any person who has not reached the legal age of majority in their place of residence (hereinafter “Minors”). Minors are requested not to submit personal information to us.

If we become aware that personal information of a Minor has been submitted to us, we will promptly delete the relevant data, in principle within one month from the date of awareness.

If you believe that a Minor is using our Service, or that a Minor has submitted personal information to us, please notify us at the contact information set forth in Article 8 “Contact Us.” We will respond appropriately to inquiries from parents or legal representatives.

Article 7: Changes to the Privacy Policy

We may amend this Privacy Policy from time to time due to changes in applicable laws, changes in the content of the Service, or other business circumstances.

If an amendment has a material effect on your rights or obligations, we will, prior to the effective date of the amendment, notify you by means of an announcement on this Site, by email, or by other reasonable means.

The amended Privacy Policy shall take effect upon being posted on this Site. Your continued use of the Service and access to this Site shall be deemed your agreement to the amended Privacy Policy.

The date of the latest revision of this Privacy Policy is shown at the end of this Privacy Policy.

Article 8: Contact Us

For any inquiries regarding this Privacy Policy, or if you wish to exercise your rights relating to privacy, please contact us at the following:

General Inquiries

Email: [email protected]

Inquiries to the GDPR / Data Protection Officer (DPO)

In compliance with the GDPR, you may also contact our Data Protection Officer (DPO) directly with any inquiries regarding this Privacy Policy.

Email: [email protected]

Last Updated: 2026/05/25