Nook Company (the "Company") values your personal information and complies with applicable laws, including the Personal Information Protection Act (Republic of Korea). This Privacy Policy (the "Policy") explains how your personal information is collected, used, stored, and destroyed in the Dolca service (the "Service") provided by the Company.
The Company collects the following personal information to provide the Service.
The Company collects personal information by the following methods.
The personal information collected is used only for the following purposes.
The Company does not require, as a collection item, or intentionally collect sensitive information (such as health, sexual life, beliefs, or political opinions, as set out in Article 23 of the Personal Information Protection Act). However, because this Service provides open-ended conversations with AI characters, the conversation content that a User voluntarily enters may include such sensitive information.
Any sensitive information that a User voluntarily enters into a conversation is processed solely for the purposes of providing the AI character conversation service and remembering conversational context (storing messages, summaries, and embeddings, and transmitting them to the AI model). By agreeing to this Policy and personally entering such information, the User is deemed to have consented to the processing of such sensitive information, and the Company does not use such information for any purpose other than those stated above.
The Company recommends that Users not enter unnecessary sensitive information, and Users may at any time delete the relevant conversation content or request that its processing be stopped by withdrawing their membership.
In principle, the Company destroys personal information without delay once the purpose of use has been achieved or a User withdraws their membership. However, in the following cases, the information is retained for the specified period.
Upon withdrawal of membership, service usage information such as conversation records and conversation summaries is deleted unless there is a retention obligation prescribed by applicable laws.
The Company does not provide a User's personal information to third parties beyond the scope specified in this Policy. Exceptions apply where the User has consented in advance, or where the Company is required to do so through lawful procedures in accordance with applicable laws.
To provide the Service smoothly, the Company consigns the processing of personal information to external specialized providers as set out below; because the consignees' servers are located overseas, personal information is transferred abroad. In accordance with Article 28-8 of the Personal Information Protection Act, the Company discloses the details of the cross-border transfer as follows. When consigning processing, the Company manages and supervises the consignees to ensure they process personal information safely in accordance with applicable laws.
Paid purchases are handled directly by the app marketplaces (Google Play, App Store, etc.); the Company does not store or transfer abroad a User's payment methods or card information. However, in order to confirm that a payment is valid and to determine the status of a Subscription, the Company transmits to the app marketplace the order ID and purchase token issued by that marketplace, and receives notifications from the marketplace when a Subscription is renewed, cancelled, expires, or otherwise changes status.
A User may refuse the cross-border transfer of personal information. However, because the above transfers are essential to providing core functions of the Service, such as cloud-based data storage and AI response generation, refusing may result in restrictions on sign-up and use of the Service. The consignees, items transferred, and other details will be updated through this Policy when the infrastructure changes.
The conversation messages you enter are transmitted to the AI model and used to generate responses, and are stored in the form of summaries and embeddings in order to maintain conversational context. Such data is processed within the scope of providing the Service, conducting safety reviews, and improving quality, and the Company does not use it for commercial purposes without authorization, other than for statistics and analysis in a form that cannot identify the User.
The Service is intended for adults 19 years of age or older, and the Company does not intentionally collect the personal information of anyone confirmed to be under 19 years of age. If it is confirmed that a person is under 19 years of age, the relevant account and information are deleted without delay.
Users may view and correct their own personal information at any time, and may request to withdraw their consent to collection and use (withdrawal of membership). Users may also request access to, correction of, deletion of, or suspension of the processing of their personal information, and the Company will take action without delay in accordance with applicable laws.
The Company may use cookies or similar technologies, such as local storage, to maintain login sessions and configure the usage environment. Users may refuse the storage of cookies through their browser settings; however, in that case, the use of some features may be restricted.
Personal information whose retention period has elapsed or whose processing purpose has been achieved is destroyed without delay. Information in the form of electronic files is permanently deleted by a method that makes recovery and reproduction impossible, and printed materials and the like are shredded or incinerated.
To process personal information safely, the Company implements administrative and technical protective measures, including access privilege management, encryption of data in transit, retention of access records, and the application of a secure authentication system. Access to the original text of conversations is limited to cases where there is a legitimate reason, such as handling reports or conducting policy review, and the related records are retained.
The Company has designated a Personal Information Protection Officer who oversees matters relating to the processing of personal information, as follows.
Inquiries, complaints, and requests for remedy relating to personal information may be submitted through the contact above or through the "Contact us" function within the Service.
This Policy may be amended in response to changes in laws, policies, or the Service. When amended, the Company will give notice within the Service, specifying the effective date and the reason for the change. For material changes that are unfavorable to Users, notice will be given at least 30 days in advance.