Privacy Policy

Effective Date: April 3, 2026

Privacy Policy Effective Date: April 3, 2026

SellCheck (.net) (hereinafter "Service") values the personal information of its users and complies with the Personal Information Protection Act of the Republic of Korea and related laws. This policy describes the purposes and protective measures for processing personal information collected through the Service operated by the SellCheck operations team (hereinafter "Team").

Article 1 (Personal Information Collected and Methods of Collection)
The Team collects the minimum amount of personal information necessary, either through direct input by the user or through automatic generation during use of the Service.

1. Required Information
- Registration: email address, full name (or nickname), password (stored as bcrypt hash)
- Company information: Company name, country

2. Optional Information
- Phone number, profile image, company website, business registration number

3. Automatically Collected Information
- Service usage records, IP address, device information (browser type, OS), authentication token (JWT)

4. Payment Information (Processed by Paddle)
- Not directly collected: Sensitive payment details such as credit card numbers are handled directly by the payment processor (Paddle) and are not stored by the Team.
- Information received from Paddle: Payer name, email, billing address, tax/business number, transaction amount, and transaction ID transmitted upon payment confirmation.

Article 2 (Purpose of Collection and Use)
Collected personal information is used solely for the following purposes. Where the purpose changes, prior consent will be obtained.

1. Service Provision and Management: Member identification, Company creation and member invitations, service feature delivery and maintenance
2. Authentication and Security: Email OTP-based verification for registration, password reset, and email change; JWT-based secure session management
3. Payment and Refunds: Confirmation of pre-paid billing and refund processing
4. Customer Support: Responding to inquiries, delivering notices, and providing service-related guidance
5. Service Improvement: Analysis of usage patterns for new feature development and service optimization

Article 3 (Retention Period)
The Team will promptly destroy personal information once the purpose of collection and use has been fulfilled. However, where required by applicable law, information will be retained as follows:

Category | Retention Period | Legal Basis
Member registration and management information | 30 days after withdrawal | Service abuse prevention and user support
Contract or subscription withdrawal records | 5 years | Act on Consumer Protection in Electronic Commerce
Payment and goods/service supply records | 5 years | Act on Consumer Protection in Electronic Commerce
Consumer complaints and dispute records | 3 years | Act on Consumer Protection in Electronic Commerce
Access logs (login records) | 3 months | Protection of Communications Secrets Act

Article 4 (Third-Party Disclosure)
The Team does not provide personal information to third parties without the user's consent, except where required by law or upon a lawful request from investigative authorities following procedures prescribed by law.

For payment processing, information is provided as follows:
- Recipient: Paddle (paddle.com)
- Purpose: Paid service payment processing and fraud prevention
- Items: Payer information (name, email), billing address, business registration number
- Retention: Per Paddle's privacy policy

Article 5 (Processing Consignment)
The Team entrusts the following third parties with personal information processing tasks to ensure smooth service delivery:

Service | Purpose
Paddle | Payment processing and transaction record management
Resend | Service authentication emails and notification email delivery

Article 6 (User Rights and How to Exercise Them)
1. Users may access or modify their personal information at any time, and may withdraw consent to personal information use by withdrawing from the service (data deletion).
2. Users may request correction, suspension of processing, or deletion of inaccurate personal information from the Team.
3. Rights may be exercised by contacting customer support at support@sellcheck.net or through in-service settings. The Team will take action within 10 days of receiving the request.

Article 7 (Technical and Administrative Security Measures)
The Team implements the following measures to protect users' personal information:

1. Technical Measures: Passwords are stored using bcrypt one-way hashing, and data in transit is protected by TLS/SSL. JWT-based authentication and Redis-based session invalidation are applied.
2. Access Control: IP-based rate limiting is applied to block abnormal access from external sources, and security vulnerabilities are continuously monitored.
3. Data Minimization: Access privileges to personal information are kept to the minimum necessary, and strict security policies are enforced.

Article 8 (Cookie and Local Storage Policy)
1. The Service stores authentication tokens (JWT) in cookies or browser local storage to maintain login sessions and ensure security.
2. Users may refuse cookie storage through browser settings; however, features requiring login will not be accessible in that case.
3. The Service does not use third-party tracking cookies for marketing purposes (e.g., ad targeting).

Article 9 (Privacy Officer)
For inquiries, complaints, or remedies related to personal information processing, please contact the following:

- Privacy Officer: SellCheck Operations Team
- Contact: support@sellcheck.net
- Hours: Weekdays 09:00–18:00 KST

Article 10 (Changes to This Policy)
This policy may be revised in accordance with changes in applicable laws or service features. Users will be notified via in-service announcements at least 7 days in advance (30 days for significant changes).

[Contact & Support]
Service: SellCheck (sellcheck.net)
Team: Team SellCheck
Email: support@sellcheck.net
Billing Provider: Paddle (paddle.com)