Privacy Policy of Expers Inc.
This Privacy Policy explains how the personal information of users is collected, used, stored, and protected when using the AI-based exercise analysis and prescription service provided by Expers Inc. (hereinafter 'the Company'). Users are encouraged to carefully review and consent to this policy before using the service.
Article 1 (Purpose of Personal Data Processing)
Expers Inc. ('www.expersinc.com' and 'app.papor.net' and 'vapor.fit' hereinafter referred to as 'Expers Inc.') processes personal information for the following purposes. The processed personal information will not be used for purposes other than those specified, and if the purpose of use changes, prior consent will be obtained.
1. Website Membership Registration and Management
Confirming the intent to join, identifying and verifying members for providing membership services, maintaining and managing membership status, preventing fraudulent use, delivering notifications, etc.
2. Providing Goods or Services
Providing exercise prescription services, delivering AI analysis results, offering content, providing customized services, processing payments and settlements, etc.
3. Exercise Information Analysis and Customized Exercise Prescription
Collecting and processing necessary information to provide individual customized exercise evaluation and prescription data by analyzing customer exercise videos in real-time with AI-based video processing technology.
This includes body measurement information, exercise routines, analysis results, real-time exercise posture data, etc.
4. Marketing and Advertising Utilization
Developing new services, providing customized advertising and event information, improving services through customer analysis, etc.
5. Personal Video Information Processing
The videos and analysis information recorded during exercise performance are processed for the purpose of exercise posture evaluation, accuracy measurement, providing exercise performance feedback, etc.
Article 2 (Personal Data Retention and Processing Period)
1. Membership Registration and Management
Retained until membership withdrawal, and if required by relevant laws, additional retention for a certain period.
1) Consumer complaints and disputes records: 3 years
2) Contract and withdrawal records: 5 years
2. Service Provision and Payment
Retained until the completion of goods supply and payment settlement.
1) Credit information and payment records: 5 years
3. Exercise Analysis and Prescription Information
Retained for 1 year after service use ends (extension possible according to laws and internal policies).
4. Marketing and Advertising Purpose Information
Retained until membership withdrawal or until separate withdrawal of consent.
5. Personal Video Information
Retained for 1 year from the collection date and immediately destroyed once the analysis purpose is achieved.
Article 3 (Provision of Personal Data to Third Parties)
The Company will only use the personal information within the scope of the stated purposes, and when providing it to third parties, prior consent will be obtained or it will be provided based on relevant laws.
Article 4 (Outsourcing of Personal Data Processing)
Currently, the Company does not outsource personal data processing tasks. If outsourcing occurs in the future, it will be notified through this policy.
Article 5 (Rights of Data Subjects and How to Exercise Them)
Users may request access, correction, deletion, or suspension of processing of their personal data at any time. This can also be done through a legal representative, and proof of identity or representation must be provided upon request.
Article 6 (Personal Data Items Processed)
1. Membership Registration and Management
2. Service Provision and Payment
3. Exercise Analysis and Prescription Provision
4. Marketing and Advertising Utilization
5. Personal Video Information
Article 7 (Destruction of Personal Data)
Personal data will be destroyed without delay when the retention period expires or the processing purpose is achieved. Electronic files will be destroyed using an irreversible technical method, and paper documents will be shredded or incinerated.
Article 8 (Measures to Secure the Safety of Personal Data)
The Company implements various technical and managerial measures such as internal management plans, access control, encryption, and entry control to protect personal data.
Article 9 (Installation and Rejection of Automatic Collection Devices)
The Company may collect service usage information through automatic collection devices such as cookies, and users may reject this through browser settings.
Article 10 (Personal Data Protection Officer)
    ▶ Personal Information Protection Officer
        Name: Jungheon Kim
        Position: C.E.O
        Rank: Chief Executive Officer
        Contact: 010-2593-4220
        Email: j.h.kim@expersinc.com
        
    ▶ Department in Charge of Personal Information Protection
        Name: Jungheon Kim
        Department: Human Resources Management Team
        Contact: 010-2593-4220
        Email: j.h.kim@expersinc.com
Article 11 (Personal Data Access Requests)
Data subjects may request access to their personal data under Article 35 of the Personal Data Protection Act. Expers Inc. will make efforts to process the request promptly. 
    ▶ Personal Data Access Request Reception/Processing Department
        Department: HR Management
        Contact person: Jungheon Kim
        Contact: 010-2593-4220, j.h.kim@expersinc.com
Article 12 (Methods for Redress of Rights Infringement)
Data subjects may apply for dispute resolution or consultation to the Personal Data Dispute Mediation Committee or the Korea Internet & Security Agency Personal Data Violation Report Center for redress of infringement of rights due to personal data violations. For other inquiries related to personal data infringement, please contact the institutions below.
1. Personal Data Dispute Mediation Committee: (no area code) 1833-6972 (www.kopico.go.kr)
2. Personal Data Violation Report Center: (no area code) 118 (privacy.kisa.or.kr)
3. Supreme Prosecutor's Office: (no area code) 1301 (www.spo.go.kr)
4. National Police Agency: (no area code) 182 (ecrm.cyber.go.kr)
According to Articles 35 (Access to Personal Data), 36 (Correction/Deletion of Personal Data), and 37 (Suspension of Personal Data Processing) of the Personal Data Protection Act, a person whose rights or interests have been infringed by the actions or inaction of a public institution may request administrative adjudication under the Administrative Adjudication Act. For more details on administrative adjudication, refer to the Central Administrative Adjudication Committee website (www.simpan.go.kr).
Article 13 (Changes to Privacy Policy)
This Privacy Policy is effective from February 1, 2022.
This Privacy Policy may be changed, and the Company will notify users of such changes in advance via the website or other means.
For any other inquiries, please contact customer service.
Thank you.