Privacy Policy

1. Purpose of Collection and Use of Personal Information

Todo Diary (hereinafter referred to as "Service") processes personal information for the following purposes. Processed personal information will not be used for purposes other than the following, and prior consent will be obtained if the purpose of use changes.

• Registration and management of members: Confirmation of intention to register, provision of membership services, identification and authentication
• Service provision: Use of services such as task management, memo writing, and statistics provision
• Service improvement: Service quality improvement and new service development

2. Personal Information Collected

3. Retention and Use Period of Personal Information

The Service retains and processes personal information within the retention and use period prescribed by law or the retention and use period agreed upon when collecting personal information from the data subject.

• Until membership withdrawal (however, if an investigation or inquiry is in progress due to violation of relevant laws, until the investigation or inquiry is completed)
• If there is a need to preserve according to relevant laws, the period specified by the law

4. Provision of Personal Information to Third Parties

The Service does not, in principle, provide users' personal information to third parties. However, the following cases are exceptions:

• When the user has consented in advance
• When there is a request from an investigative agency in accordance with the procedures and methods stipulated by law for investigative purposes

5. Consignment of Personal Information Processing

The Service may entrust personal information processing work to external specialized companies for smooth service provision. When entrusted, necessary matters are stipulated and managed and supervised to be processed safely in accordance with relevant laws.

6. Rights and Obligations of Data Subjects and How to Exercise Them

Data subjects can exercise the following rights:

• Request to view personal information
• Request correction if there are errors in personal information
• Request deletion of personal information
• Request suspension of personal information processing

Rights can be exercised through the service's settings page or contact, and will be processed after identity verification.

7. Destruction of Personal Information

The Service destroys personal information without delay when personal information becomes unnecessary, such as when the retention period elapses or the purpose of processing is achieved.

• Electronic file format: Safely deleted so that it cannot be recovered or reproduced
• Records, printed materials, written materials, etc.: Shredded or incinerated

8. Personal Information Protection Officer

The Service has designated a Personal Information Protection Officer as follows to take overall responsibility for personal information processing and to handle complaints and remedy damages related to personal information processing by data subjects.

For personal information-related inquiries, please contact us through the contact page.

9. Measures to Ensure Safety of Personal Information

The Service takes the following measures to ensure the safety of personal information:

• Administrative measures: Establishment and implementation of internal management plans, regular employee training
• Technical measures: Access authority management of personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs
• Physical measures: Access control of computer rooms, data storage rooms, etc.

10. Changes to Privacy Policy

If there are additions, deletions, or modifications to this Privacy Policy due to changes in laws, policies, or security technologies, we will notify you through the service's notice from 7 days before the effective date to the day before the effective date.