ExpoBookmark Privacy Policy

(Last Updated: October 21, 2025)

Article 1 (Purpose)

These Terms of Service define the rights, obligations, and responsibilities between ExpoBookmark (hereinafter referred to as 'the Company') and users in relation to the use of the mobile application (hereinafter referred to as 'the Service') provided by the Company.


Article 1 (Items of Personal Information Collected and Collection Methods)

The Company collects only the minimum amount of personal information necessary to provide its services, and may collect the following information: • Required items: Email, password, nickname • Optional items: Profile image, company name, booth information, etc. • Information generated during service use: Access logs, cookies, usage records, etc. The Company collects personal information during registration, service use, and inquiry responses, and does not collect personal information without the user’s consent.


Article 2 (Purpose of Collecting and Using Personal Information)

The Company uses the collected personal information for the following purposes: • User identification and authentication • Providing exhibition/booth information and bookmark functions • Operating the QR/NFC visit tracking feature • Providing personalized services and statistical analysis • Responding to user inquiries and delivering announcements


Article 3 (Retention and Use Period of Personal Information)

The Company destroys personal information without delay once the purpose of collection and use has been achieved. However, in the following cases, information may be retained for the specified period: • Upon account withdrawal: Retained for up to one year in accordance with relevant laws • Retention required by law: Retained for the period specified under applicable laws, such as the Act on Consumer Protection in Electronic Commerce


Article 4 (Provision of Personal Information to Third Parties)

The Company does not provide users’ personal information to third parties without consent, except in the following cases: • When the user has given prior consent • When required by law or requested by investigative agencies in accordance with legal procedures


Article 5 (Outsourcing of Personal Information Processing)

The Company may outsource personal information processing to external specialized companies when necessary for service provision, and supervises such contractors in accordance with relevant laws. The current outsourcing details are as follows: • [Example] Amazon Web Services (AWS) – Data storage and backup • Firebase – Authentication and push notification services


Article 6 (Rights of Users and Legal Representatives and How to Exercise Them)

Users and their legal representatives may exercise the following rights at any time: • Request access to, correction of, or deletion of personal information • Request suspension of personal information processing Requests can be made through the in-app inquiry feature or by email, and the Company will take prompt action upon receipt.


Article 7 (Procedures and Methods for Destroying Personal Information)

The Company safely destroys personal information once the retention period has expired or the processing purpose has been achieved, using the following procedures and methods: • Destruction procedure: Stored for a certain period according to internal policies and then deleted • Destruction method: Electronic files are permanently deleted using non-recoverable methods, and printed materials are shredded or incinerated


Article 8 (Measures to Ensure the Security of Personal Information)

The Company takes the following technical and administrative measures to ensure the security of personal information: • Restricting access to personal information and providing administrator training • Encrypting important data for secure storage • Installing intrusion prevention systems and security software


Article 9 (Installation and Operation of Automatic Personal Information Collection Devices)

The Company may use cookies to provide personalized services. Users can refuse cookie storage through their browser settings; however, some services may be limited if cookies are disabled.


Article 10 (Personal Information Protection Officer and Contact Information)

The Company has designated the following Personal Information Protection Officer to handle personal data-related inquiries and complaints: • Data Protection Officer: Taehoon Lee • Email: smartnfcapp@gmail.com If you need to report or consult on privacy infringement, you may contact the following organizations: • Personal Information Infringement Report Center (privacy.kisa.or.kr) • Supreme Prosecutors' Office Cyber Crime Investigation Division (spo.go.kr) • National Police Agency Cyber Bureau (cyberbureau.police.go.kr)