Privacy
Policy
This English version is provided for reference purposes only. In case of any discrepancy between the Korean and English versions, the Korean version shall prevail.
Object (hereinafter "the Company") has established the following privacy policy to protect the personal information of data subjects in accordance with the Personal Information Protection Act of the Republic of Korea, and to handle related grievances promptly and smoothly. This policy applies to the website operated by the Company (object.so) and all mobile applications distributed by the Company through the App Store and Google Play Store (collectively, "the Services").
Purpose of Processing
The Company does not directly collect personal information through procedures such as account registration or identity verification. However, the following information may be processed for the purposes below:
- Provision and stable operation of the Services
- Analysis of Service usage statistics and quality improvement
- Diagnosis of errors and response to malfunctions
- Advertising delivery and measurement of advertising effectiveness
- Responding to user inquiries
Items Processed
The Company does not operate any procedure for directly collecting personal information. However, the following information may be automatically collected or processed through third-party SDKs.
Automatically Collected Items (Website)
- IP address, cookies, access date and time, browser type and OS, visited pages
Automatically Collected Items (Mobile Apps)
- Advertising identifiers (IDFA on iOS, ADID on Android)
- Device model, OS version, app version, language and country settings
- App usage records (event logs), crash logs (stack traces, etc.)
- IP address and IP-based estimated location (country/city level)
Items Collected upon User Inquiry
- Email address and inquiry content provided when contacting contact@object.so
Period of Processing and Retention
| Item | Retention Period |
|---|---|
| Website access logs | 1 year |
| Information collected by ad/analytics SDKs | According to each third-party service's policy |
| Email inquiry contents | 1 year after completion of inquiry handling |
Provision to Third Parties
The Company does not separately provide personal information of data subjects to third parties. However, automatically collected information may be transmitted to global SDK providers as set forth in Article 5 below.
Entrustment & Cross-Border Transfer
The Company entrusts personal information processing tasks as follows for the provision and operation of the Services. Some entrustees are located overseas.
| Entrustee | Tasks | Items | Country | Method |
|---|---|---|---|---|
| Google LLC | Advertising delivery (AdMob), usage analytics (Firebase Analytics), crash diagnostics (Firebase Crashlytics), web analytics (Google Analytics) | Advertising identifiers, device information, IP address, event logs, crash logs, cookies | United States | Network transmission |
| Kakao Corp. | Advertising delivery (kakaoAdFit) | Advertising identifiers, device information, IP address | Republic of Korea | Network transmission |
| Coupang Corp. | Affiliate marketing (Coupang Partners) — upon banner ad impression and click | Advertising identifiers, click information, referral identifiers | Republic of Korea | Network transmission |
The privacy policies of each entrustee are available at:
- Google: https://policies.google.com/privacy
- Kakao: https://www.kakao.com/policy/privacy
- Coupang: https://www.coupang.com/np/policies/privacy
Users have the right to refuse the cross-border transfers specified in this policy. Refusal may, however, limit certain functions such as advertising delivery, analytics, and crash diagnostics.
Rights of Data Subjects
Users may exercise the following rights at any time:
- Request to access personal information
- Request to correct any errors
- Request to delete
- Request to suspend processing
Rights may be exercised by sending a request to contact@object.so. The Company will take necessary measures without delay.
Procedure of Destruction
The Company destroys personal information without delay when the retention period has passed or when the purpose of processing has been achieved. Information in electronic file form is permanently deleted using methods that prevent recovery; paper documents are shredded or incinerated.
Security Measures
The Company implements the following measures:
- Management of access rights to personal information processing systems
- Encrypted transmission of personal information (HTTPS)
- Regular security inspections
Automatic Collection Devices & Refusal
1. Cookies (Website)
The Company's website uses cookies to provide personalized services and collect usage statistics. Users may refuse cookie storage as follows:
- Chrome: Settings > Privacy and Security > Cookies and other site data
- Safari: Preferences > Privacy
- Edge: Settings > Cookies and site permissions
If cookie storage is refused, some services may be difficult to use.
2. Advertising Identifiers (Mobile Apps)
Apps distributed by the Company may use advertising identifiers provided by the OS (IDFA on iOS, ADID on Android) for advertising delivery and analytics. Users may reset advertising identifiers or refuse personalized advertising as follows:
- iOS: Settings > Privacy & Security > Tracking (refuse per-app tracking) / Apple Advertising (refuse Apple's personalized ads)
- Android: Settings > Google > Ads (reset or delete advertising ID)
Behavioral Information & Refusal
1. Collection and Use
The Company may collect and use behavioral information as follows, for the purposes of measuring advertising effectiveness and providing personalized advertising.
| Item | Description |
|---|---|
| Items collected | Advertising identifiers, app usage records, ad impression and click history |
| Method | Automatic collection via advertising SDKs (AdMob, kakaoAdFit, Coupang Partners) |
| Retention | According to each SDK provider's policy |
2. Refusal
Users may refuse personalized advertising via the methods described in Article 9, Section 2. In addition, opt-out per advertising provider is available through:
- Google Ads Settings: https://adssettings.google.com
- DAA (USA): https://www.aboutads.info/choices
- EDAA (Europe): https://www.youronlinechoices.eu
Children Under 14
The Company does not provide services targeting children under 14 years of age, and does not knowingly collect personal information from children under 14.
Personal Information Protection Officer
The Company designates the following Personal Information Protection Officer to oversee personal information processing and to handle complaints and remedies:
- Name
- Jaemyeong Jin
- Title
- CEO
- contact@object.so
Remedies
To receive remedies for personal information infringement, users may apply to the following organizations for dispute resolution and consultation:
- Personal Information Dispute Mediation Committee: +82-1833-6972 (kopico.go.kr)
- Personal Information Infringement Report Center: +82-118 (privacy.kisa.or.kr)
- Supreme Prosecutors' Office: +82-1301 (spo.go.kr)
- National Police Agency: +82-182 (ecrm.cyber.go.kr)
Changes to the Policy
When this policy is amended, including additions, deletions, or modifications, notice will be given through the website notice section at least 7 days prior to enforcement. In cases of significant changes affecting user rights, notice will be given at least 30 days in advance.
Effective Date
This policy is effective as of April 1, 2026.