Privacy Policy

Effective Date: April 29, 2025

Xsailr, Inc. ("we," "our," or "the Company") respects and protects your privacy.
We comply with all applicable privacy laws, including the Personal Information Protection Act (PIPA), the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Children's Online Privacy Protection Act (COPPA).

This Privacy Policy explains what personal information we collect, why we collect it, how we use it, and how you can exercise your rights.

1. Information We Collect

We collect personal information in the following ways:

• When you create an account:
• Via social login: social media ID (or email address), name (or nickname), profile image
• Via email signup: email address, password, name (or nickname)
• Automatically during usage:
• Device information (model, OS version, device ID, advertising ID)
• IP address, cookies, usage history, error logs
• App push permissions and session data
• When making payments:
• Credit card, bank account information, telecom billing data (if applicable)
• When participating in events or promotions:
• Additional information may be collected with separate notice and consent.

2. How We Use Your Information

We use your personal information for the following purposes:

• To create and manage your account
• To authenticate your identity
• To provide and optimize our services
• To process payments for paid services
• To communicate with you about service updates, promotions, and support
• To prevent fraud, misuse, and ensure user safety
• For analytics, service improvement, and development of new features
• To deliver personalized content and advertising (with opt-out option)

You can opt-out of receiving marketing communications at any time by contacting us.

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies, including Firebase Analytics, to:

• Analyze app usage and improve service performance
• Provide personalized content and targeted marketing

You can manage your cookie preferences through your device or browser settings.
Please note that disabling cookies may affect some service functionality.

4. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy.

Data Type	Retention Period
Account data	Until account deletion
Payment and transaction data	5 years
Customer inquiries and dispute records	3 years
Website visit history	3 months
Marketing consent records	Until consent withdrawal

If you wish to delete your account, please contact us at [email protected].

5. Data Sharing and Third-Party Service Providers

We do not sell your personal information.
However, we may share your data with trusted service providers solely for service operation and improvement, including:

• Firebase (analytics, notifications)
• AWS (server hosting)
• Cloudflare (security and performance optimization)

All service providers are contractually obligated to protect your data and comply with applicable laws.

6. International Data Transfers

Your personal information is currently stored in Seoul, South Korea.
We plan to transfer data to servers located in the United States in the future to enhance service performance.
We will take appropriate safeguards to ensure the continued protection of your personal information.

7. Security Measures

We implement administrative, technical, and physical security measures to protect your data, including:

• Encryption of sensitive information
• Access control and authorization restrictions
• Regular security updates and vulnerability assessments
• Employee training on data protection and privacy

8. Your Rights

You have the right to:

• Access your personal data
• Request correction or deletion
• Withdraw your consent at any time
• Object to the processing of your personal information for marketing purposes
• Request restriction of processing

You can exercise these rights by contacting [email protected].
We will respond promptly within the time frame required by applicable laws.

9. Children's Privacy

Our services are intended for users aged 13 and older.
We do not knowingly collect or solicit personal information from children under 13.
If we discover that we have collected information from a child under 13, we will promptly delete the data.

10. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in laws, technologies, or our services.
We will provide notice at least 30 days before any significant changes take effect via our app or website.

11. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact:

• Name: Hoon-Kyu Choi
• Position: Chief Production Officer
• Email: [email protected]