Effective Date: June 18, 2026
ALIGN NETWORKS Inc. (the "Company") operates the ENQOR service (the "Service") in accordance with this Privacy Policy. This Policy describes the purposes and methods by which the Company collects, uses, retains, provides, and destroys Members' personal information, the rights available to Members, and how Members may exercise those rights.
Article 1 (Items of Personal Information Collected and Methods of Collection)
Profile items (nickname, native language, hashtags, profile photo, self-introduction, voice clip, etc.) are entered directly by Members and are disclosed to other Members.
| Collection Point | Type | Items | Method of Collection |
|---|---|---|---|
| Member Registration (Korean Members) | Required | Mobile phone number, name, date of birth, gender, nationality status (domestic/foreign), Duplicate Identification (DI) | User input + response from identity verification agency |
| Member Registration (Foreign Members) | Required | Mobile phone number, date of birth, gender | User input + SMS verification |
| Social Login Connection | Required | • Apple: Apple identifier + email (including cases where the Member elects to use Apple Relay) • Google: Google identifier + email • Kakao: Kakao identifier + email (upon Member consent) • Facebook: Facebook identifier + email (upon Member consent) | Social login response |
| Profile Creation | Optional | Nickname, native language, hashtags, preferred conversation languages, profile photo, self-introduction text, voice clip | User input |
| Clap Purchase | Required | Payment receipt, transaction identifier | Response from payment provider |
| Star Withdrawal Request | Required | Information designated by the Company for withdrawal processing. For Korean Members, the Resident Registration Number is additionally collected for the purpose of withholding tax reporting and the issuance of withholding receipts pursuant to the Framework Act on National Taxes and the Income Tax Act. | User input |
| Report | Required | Reporter and reported party identifiers, reason for report, materials attached to the report (if any) | User input |
| Customer Inquiry | Required | Email, inquiry content, and additional materials required for identity verification (where applicable) | User input |
| Marketing Information Reception | Optional Consent | Identifiers necessary for the transmission of advertising information | Member consent |
| Conversation Metadata | Automatically Collected | Conversation identifier, sender and recipient identifiers, conversation start and end time, reason for termination, etc. | Automatically generated during Service use |
| Conversation Content | Automatically Collected | Audio, subtitles, etc. (for the purposes of preventing misuse, processing reports, and maintaining a healthy conversation culture — including collection, storage, and analysis) | Automatically generated during Service use |
| Service Usage | Automatically Collected | Access and device information (IP address, device identifier, operating system information, app version, access time and last activity time, push token, consent and authentication history, etc.) | Automatically generated during Service use |
Article 2 (Purposes of Collection and Use of Personal Information)
The Company uses the collected personal information solely for the following purposes:
- Member registration, identity verification, and verification of eligibility for membership.
- Matching and provision of 1:1 video/voice conversations and provision of additional features.
- Charging, payment, and refund of Claps; accrual, withdrawal, and tax reporting of Stars.
- Service operation and protection — processing of reports, investigation and action regarding violations of the Terms of Service and Community Guidelines, prevention of misuse, response to customer inquiries, resolution of disputes, notifications regarding transactions and Service operation, improvement of Service quality and statistical analysis, fulfillment of statutory obligations, and transmission of marketing and event information limited to cases where the Member has separately consented.
Article 3 (Retention and Use Period of Personal Information)
3.1 General Principle
The Company retains and uses personal information during the period a Member is registered and uses the Service. Upon Member withdrawal or fulfillment of the collection and use purpose, the Company destroys such information without delay.
3.2 Separate Retention After Member Withdrawal
| Category | Items | Retention Period | Basis |
|---|---|---|---|
| Normally Withdrawn Members | Hashed mobile phone number, hashed Duplicate Identification (DI), hashed email, history of forced suspension | 30 days from the date of withdrawal | Prevention of misuse and re-registration, and response to disputes (Personal Information Protection Act, Article 21(1) proviso and (2)) |
| Members Withdrawn After Permanent Use Restriction | Hashed mobile phone number, hashed Duplicate Identification (DI), history of forced suspension | 5 years from the date of withdrawal | Blocking re-registration of permanently restricted Members (same basis) |
| Conversation Metadata | Conversation identifier, sender and recipient identifiers, start and end time, reason for termination, etc. | Until Member withdrawal (maximum of 1 year) or the period required by applicable law | Report processing, prevention of misuse, and maintenance of a healthy conversation culture (legitimate interest) |
| Conversation Content | Audio, subtitles, etc. | Until Member withdrawal (maximum of 1 year) or the period required by applicable law | Report processing, prevention of misuse, and maintenance of a healthy conversation culture (legitimate interest) |
| Report Processing Materials (materials attached at the time of reporting) | Materials attached to a report | 6 months from the date of conclusion of report processing | Response to objections and resolution of disputes (legitimate interest) |
3.3 Separate Retention Pursuant to Statutory Retention Obligations
| Item | Retention Period | Governing Statute |
|---|---|---|
| Records of contracts or withdrawal of subscriptions | 5 years | Act on the Consumer Protection in Electronic Commerce, Etc. |
| Records of payment and supply of goods | 5 years | Same Act |
| Records of consumer complaints or dispute resolution | 3 years | Same Act |
| Records of display and advertising | 6 months | Same Act |
| Records of identity verification | 6 months | Act on Promotion of Information and Communications Network Utilization and Information Protection |
| Access logs (login records, IP addresses, etc.) | 2 years | Standards for Securing the Safety of Personal Information (Personal Information Protection Commission Notification), Article 8 |
| Records of tax invoices and withholding tax filings | 5 years | Framework Act on National Taxes, Income Tax Act |
Article 4 (Destruction of Personal Information)
- The Company destroys personal information without delay once the retention and use period has expired or the collection and use purpose has been fulfilled. Electronic files are permanently deleted by technical means that prevent recovery or reproduction, and paper documents are destroyed by shredding or incineration.
- Notwithstanding paragraph 1, items subject to statutory retention obligations are kept separately in a dedicated database for the period prescribed by the relevant statute and then destroyed.
Article 5 (Entrustment of Personal Information Processing and Cross-Border Transfer)
External service providers performing certain functions on behalf of the Company process Members' personal information as set forth below in connection with the operation and provision of the Service, and some such providers are located outside of the Republic of Korea. The Company complies with the requirements for entrustment and cross-border transfer prescribed by the Personal Information Protection Act.
| Entrusted Party | Entrusted Work | Country of Transfer | Retention and Use Period |
|---|---|---|---|
| KG Financial | Identity verification processing for Korean Members | Republic of Korea | Until Member withdrawal or termination of entrustment agreement |
| NAVER Cloud Corp. | Transmission of SMS authentication codes for Member registration and identity verification | Republic of Korea | Same |
| Agora Lab, Inc. | Real-time processing of 1:1 video/voice conversations | Asia-Pacific (APAC) | Temporarily processed at the time of conversation processing |
| Google LLC (Translation) | Auxiliary translation of subtitles for certain language pairs | United States | Destroyed immediately after translation processing |
| Amazon Web Services, Inc. | Cloud infrastructure | United States | Until Member withdrawal or termination of entrustment agreement |
| Google LLC (GCP) | Cloud infrastructure (auxiliary) | United States | Same |
| Apple Inc. | In-app payment processing, push notification delivery, social login verification | United States | Same |
| Google LLC | In-app payment processing, push notification delivery, social login verification | United States | Same |
| Kakao Corp. | Social login verification | Republic of Korea | Same |
| Meta Platforms, Inc. | Social login verification | United States | Same |
In the event of a change or addition of an entrusted party, the Company will provide notice through an update to this Privacy Policy. Members may express their refusal of cross-border transfer to the Company's Personal Information Protection Officer (privacy@enqor.com). If a Member refuses, the use of Services that depend on the relevant entrusted parties may be restricted.
Article 6 (Provision of Personal Information to Third Parties)
The Company does not, as a general rule, provide Members' personal information to external parties. However, this shall not apply in the following cases:
- Where the Member has given prior consent.
- Where there is a special provision in any statute or where provision is necessary to fulfill a statutory obligation.
- Where an investigative authority has made a lawful warrant or request pursuant to the Criminal Procedure Act, the Protection of Communications Secrets Act, or other relevant statute.
- Where there is an imminent danger to the life or body of the Member or a third party and there is no time to obtain consent.
Article 7 (Rights of Members and Methods of Exercise)
- Members may exercise the following rights with respect to the Company:
- Request for access to their own personal information.
- Request for correction or deletion of personal information (except items subject to statutory retention obligations).
- Request for suspension of processing of personal information.
- Withdrawal of consent to the processing of personal information.
- The rights under paragraph 1 may be exercised by the following methods:
- Directly through the in-app settings menu.
- For other forms of rights exercise, by submitting a written or email request to the Personal Information Protection Officer (privacy@enqor.com).
- The Company will, after completing identity verification procedures, process the requests under paragraph 1 within 10 days.
- Where a Member's exercise of rights is delegated to a legal representative or an authorized agent, materials evidencing such authorization must be submitted.
- Where any ground prescribed by the Personal Information Protection Act applies, the Company may restrict the exercise of rights under paragraph 1 and will notify the Member of the reason therefor.
Article 8 (Measures for the Security of Personal Information)
The Company takes the following measures to ensure the security of Members' personal information:
- Establishment and implementation of internal management plans, and minimization and regular training of personnel handling personal information.
- Encryption of personal information — encrypted storage of sensitive information such as payment and identity verification data, and encryption of transmission channels.
- Technical measures against hacking and malicious code, and access control to processing systems.
- Preservation of access logs and prevention of forgery or alteration.
Article 9 (Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)
The Company may automatically collect certain information, such as device identifiers, during the use of the Service. Members may restrict the collection of certain information through the permission management menu of their device's operating system; however, doing so may result in restricted use of certain Services.
Article 10 (Processing of Personal Information of Children Under the Age of 14)
The Company provides the Service only to those aged 18 or older (19 or older for Korean Members) and does not collect personal information from children under the age of 14. At the time of registration, age eligibility is verified by the method designated by the Company. If it is subsequently confirmed that the Member does not meet the age eligibility requirement, the Company will immediately suspend the use of the account and, within the scope necessary for compliance with relevant laws and for the response to disputes, retain certain information separately and then destroy it without delay.
Article 11 (Personal Information Protection Officer and Department)
The Company designates the following Personal Information Protection Officer to take overall responsibility for matters relating to Members' personal information and to address Members' complaints and provide remedies in connection with the processing of personal information:
- Personal Information Protection Officer: KIM Joo-hwan
- Personal Information Protection Department: Personal Information Protection Team
- Email: privacy@enqor.com
Members may request inquiries, complaints, and remedies relating to personal information protection arising during the use of the Service to the above department, and the Company will respond to and process such requests.
Article 12 (Reporting and Consultation Regarding Personal Information Infringement)
Members who require reporting or consultation concerning the infringement of personal information may contact the following organizations:
- Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency) — privacy.kisa.or.kr / 118 (no area code)
- Personal Information Dispute Mediation Committee — www.kopico.go.kr / 1833-6972
- Cybercrime Investigation Division, Supreme Prosecutors' Office — www.spo.go.kr / 1301 (no area code)
- Cybercrime Investigation Bureau, Korean National Police Agency — ecrm.police.go.kr / 182 (no area code)
Article 13 (Amendments to the Privacy Policy)
In the event of any amendment to this Privacy Policy, the Company will provide notice of such amendment through the Service at least 7 days before the effective date (at least 30 days before in case of a material amendment). For amendments that have a material impact on Members, the Company will notify Members by the method designated by the Company. Previous versions of the Privacy Policy may be reviewed on the Company's website (enqor.com) or within the app.
ALIGN NETWORKS Inc. 28, Gangnam-daero 94-gil, Gangnam-gu, Seoul, Republic of Korea Business Registration Number: 606-86-66158 Co-CEOs: KIM Sung-won, KIM Joo-hwan
Notice: This English version is provided for reference only. The Korean version of this Privacy Policy is the official and legally binding version. In the event of any conflict or inconsistency between the Korean and English versions, the Korean version shall prevail.