Privacy Policy
Effective date: April 25, 2026
1. Purposes of Processing Personal Information
SLRP (the "Service") processes personal information for the following purposes. Processed personal information is not used for any purpose other than those below, and prior consent will be obtained if the purpose of use changes.
- Membership registration and management: identity verification and eligibility checks for using the Service
- Service provision: creating cupping sessions, applying to join, and payment processing
- Communication: login links, service notices, and event information
- Reports and dispute handling: receiving reports of session-operation violations, investigating the facts, reviewing sanctions, and notifying outcomes
- Service improvement: analyzing usage statistics and improving features
2. Personal Information Items Processed
Required items
- Email address (registration, login, and use of the Service)
- Registration consent history: Terms version, version of consent to the collection and use of personal information, confirmation of being at least 14 years old, and consent timestamp
Optional items (My Page profile)
- Name (nickname), affiliated company name, business registration number, contact number, website URL, and self-introduction
Automatically collected at payment
- Payment method information (processed by Tosspayments; no card information is stored on our servers)
- Payment amount, payment date and time, and order number
Automatically collected during use of the Service
- Access IP, cookies, service usage records, and User-Agent
Optional consent items
- Whether consent is given to receive service news and event information emails
Collected or generated during report and dispute handling
- Report contents, report type, and the time the report was received
- Related session information, participation and attendance records, and payment/refund records
- Host explanations, administrator review notes, and sanction results
3. Retention and Use Period of Personal Information
- Member information: until membership withdrawal
- Registration consent history: until membership withdrawal, but kept for the required period where necessary under applicable laws or for dispute response
- Payment information: 5 years under the Act on Consumer Protection in Electronic Commerce
- Access logs: 3 months under the Protection of Communications Secrets Act
- Report and sanction-review records: for the period necessary for dispute resolution, safe operation of the Service, and compliance with applicable laws
However, where retention is required by applicable laws, the information is kept for the relevant period.
4. Provision of Personal Information to Third Parties
As a rule, the Service does not provide users’ personal information to outside parties. The following are exceptions:
- When the user has given prior consent
- When required by law, or when an investigative agency makes a request for investigative purposes in accordance with the procedures and methods prescribed by law
5. Outsourcing of Personal Information Processing
| Outsourced provider | Outsourced work |
|---|---|
| Tosspayments | Payment processing and management of payment information |
| Supabase Inc. | Operation of database, authentication, and file storage services |
| Vercel Inc. | Service hosting and server operation |
Supabase and Vercel are cloud-based services provided by overseas operators, and authentication, hosting, and data storage work may be outsourced to them during operation of the Service.
6. Processing of Personal Information of Children Under 14
The Service currently allows only users aged 14 or older to register. Users under the age of 14 may not register until a legal-guardian consent procedure for children under 14 is in place.
7. Users’ Rights and How to Exercise Them
Users may exercise the following rights at any time:
- Request to access personal information
- Request to correct errors
- Request for deletion
- Request to suspend processing
Rights may be exercised through the information-editing feature in My Page, or by emailing the Personal Information Protection Officer below.
8. Use of Cookies
- The Service uses cookies to provide users with a personalized service.
- Cookies are essential to operating the Service, such as keeping users logged in.
- Users may refuse cookie storage through their browser settings, but doing so may make the Service difficult to use.
9. Measures to Ensure the Security of Personal Information
The Service takes the following measures to ensure the security of personal information:
- Encryption of personal information: no passwords used (magic link) and TLS encryption in transit
- Access control: Row Level Security (RLS) is applied so that users can access only their own data
- Management of access logs and prevention of forgery and alteration
- Restricted access to administrator privileges and service role keys
10. Personal Information Protection Officer
Personal Information Protection Officer
- Name: Jeongho Kim
- Email: jay.jeonghokim@gmail.com
- Service: slrp.ing
11. Changes to the Privacy Policy
This Privacy Policy applies from April 25, 2026. If the contents change, notice will be given through the Service announcements starting 7 days before the change takes effect.
© 2026 SLRP · slrp.ing