Korea Wave Tour

Privacy Policy — K-spot-tour

Last updated: 2025-10-20

This Privacy Policy (the “Policy”) explains how K-spot-tour (the “App”) collects, uses, stores, and shares information when you use our services. By using the App, you agree to the practices described in this Policy. If you do not agree, please discontinue use. This Policy is designed to comply with applicable U.S. federal and state privacy laws (including the California Consumer Privacy Act as amended by the California Privacy Rights Act, “CCPA/CPRA”), and, where relevant, other laws such as the Personal Information Protection Act of the Republic of Korea (PIPA) and the EU General Data Protection Regulation (GDPR).

Scope

This Policy applies to the K-spot-tour App, our related websites, and any customer support channels (collectively, the “Services”). If a separate privacy notice is presented for a particular feature or partner integration, that notice may govern in the event of a conflict.

Information We Collect

  • Account Information: name or nickname, email address, password (stored in hash form), profile photo, and other details you submit.
  • Usage Information: feature interactions, clicks/scrolls, error logs, timestamps, favorites/reviews and content you post within the Services.
  • Device & Network Information: device model, operating system, app version, language/region settings, IP address, advertising identifiers, and network type.
  • Location Information (optional): precise or approximate location to provide travel route suggestions, nearby events, or place recommendations, collected only with your consent.
  • User Content (optional): reviews, photos/videos you upload, and comments.
  • Cookies & Similar Technologies: information collected via cookies, local storage, and analytics tags on our websites.

Notice at Collection (U.S.)

Under CCPA/CPRA and similar U.S. state laws, we provide this notice summarizing the categories of personal information we collect, the sources, purposes, retention, and the categories of recipients.

CategoryExamplesSourcesBusiness/Commercial PurposesRetentionRecipients
IdentifiersName, email, device IDsYou; device/browserAccount, support, securityWhile account active + legalService providers
Internet/Network ActivityUsage logs, interactionsDevice/browserImprove Services, analytics, securityUp to 2 years (aggregated thereafter)Analytics/hosting vendors
GeolocationPrecise/approximate location (consent)Device (OS permissions)Nearby tips, maps, navigationOnly as needed; then deleted/aggregatedMap/geo vendors
User ContentReviews, photos, commentsYouCommunity features, moderationWhile published or until deletedHosting/moderation vendors
Sensitive PI (if any)Precise location; account credentials (hashed)You; deviceCore functionality & securityMinimal; limited accessService providers

How We Use Information

  • Operate, maintain, and improve the Services; personalize recommendations
  • Provide travel routes, event/festival information, and notifications
  • Customer support, responding to inquiries, and sending service notices
  • Security, fraud prevention, quality assurance, and aggregated analytics
  • Compliance with legal obligations and dispute resolution
  • Marketing or promotions with your consent (you may opt out at any time)

Sharing & Service Providers

We do not sell personal information. We may share information with: (1) vendors that provide hosting, analytics, payment, or support services under confidentiality and security obligations; (2) law enforcement or regulators when required by law; and (3) parties necessary to protect our rights, property, or safety. In the event of a corporate transaction (e.g., merger or acquisition), we will notify you and outline your choices.

Sale/Sharing & Targeted Advertising (U.S.)

We do not sell or share your personal information as defined by CCPA/CPRA, and we do not engage in cross-context behavioral advertising (“targeted advertising”) at this time. If our practices change, we will update this Policy and provide required notices and opt-outs, including:

Global Privacy Control (GPC)

Where legally required, we will recognize and honor browser-based Global Privacy Control signals for opt-out preferences.

Data Retention

We retain personal data for as long as needed to fulfill the purposes described in this Policy or as required by law. Upon account deletion, we may retain limited information for a period required by applicable regulations.

Data TypeTypical RetentionNotes
Account identifiersWhile account active + legalMay keep minimal records for fraud/prevention
Usage logsUp to 2 yearsAggregated/anonymized thereafter
Location data (consent)Only as neededDeleted or de-identified when no longer needed
User contentWhile publishedOr until you delete it

Security Measures

We implement reasonable technical and organizational safeguards, including encryption at rest, access controls, and monitoring for suspicious activity. However, no method of transmission or storage is completely secure. Please help protect your account by using a strong password and limiting access to your devices.

Your Rights

  • Access, rectify, delete, or restrict/opt out of certain processing
  • Withdraw consent and opt out of marketing communications
  • Request information about automated decision-making (where applicable)
  • Lodge a complaint with a supervisory authority

You can exercise your rights via in-app settings or by contacting us using the details below. We may ask you to verify your identity as permitted by law.

U.S. State Privacy Disclosures

If you are a resident of states with comprehensive privacy laws (including CA, VA, CO, CT, UT, TX, OR, MT, DE, and others), you may have the right to access, correct, delete, and obtain a portable copy of your data; and to opt out of targeted advertising, sale, or certain profiling. If we deny your request, you may submit an appeal as described below.

  • Submit a Request: /privacy/requests or email sup.kw.map@gmail.com
  • Identity Verification: We may request information to verify your identity and state residency.
  • Response Times: We will respond within the timelines required by applicable law (e.g., 45 days in CA).
  • Appeals: If your request is denied, you may appeal at /privacy/appeal. If you remain dissatisfied, you may contact your state Attorney General.
  • Nondiscrimination: We will not discriminate against you for exercising your privacy rights.

Cookies & Similar Technologies

Our websites may use essential cookies (for core functionality), functional cookies (to remember preferences), and performance/analytics cookies (to understand usage). You can manage cookies through your browser settings; some features may not work properly if you disable cookies.

Device Permissions (Mobile)

  • Location: nearby attractions/events and navigation (optional; consent-based; precise location limited)
  • Camera/Photos: upload reviews or media (optional)
  • Notifications: service updates, reminders, and recommendations (optional; configurable)

Third-Party Services

We may integrate maps, payments, analytics, social login, or other third-party tools. Those providers’ own privacy policies apply to their handling of data. Please review their policies for details.

Children’s Privacy (COPPA)

We do not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If we become aware that a child has provided personal data, we will delete it or take appropriate steps.

Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will notify you through the App or by email, as appropriate.

Contact Us

For questions about this Policy or our privacy practices, contact us at sup.kw.map@gmail.com.

Legal Notice

This template is provided for general informational purposes and does not constitute legal advice. You must tailor the content (e.g., processors, cross-border transfers, retention periods, request portals, and contact details) to your actual operations and consult counsel if needed.