KVID AI
메뉴
LoginSign Up

Privacy Policy

Last Updated: December 8, 2025

KVID AI ('we', 'us', or 'our') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered content generation service. By using KVID AI, you consent to the data practices described in this policy.

1. Information We Collect

A. Information You Provide

  • Account Information: Email address, username, password (encrypted)
  • Profile Information: Name, profile picture (optional)
  • Payment Information: Processed through Dodopayments (we don't store card details)
  • Content: Prompts, generated images/videos, user preferences
  • Communications: Support inquiries, feedback, correspondence

B. Information Collected Automatically

  • Usage Data: Service features used, generation history, credit consumption
  • Device Information: IP address, browser type, operating system, device ID
  • Cookies and Tracking: Session cookies, analytics data, preferences
  • Log Data: Access times, pages viewed, errors encountered

C. During Payment

  • Payment information (card numbers, account information collected directly by payment processors)
  • Purchase history, payment amount, payment time

2. Purpose of Personal Information Collection and Use

  1. Member management: Providing membership services, identity verification, preventing improper use by bad members
  2. Service provision: Providing AI content generation services, content storage and management
  3. Payment and settlement: Credit purchases, payment processing, refund processing
  4. Service improvement: Service usage statistics, service quality improvement, personalized service provision
  5. Customer support: Processing inquiries, delivering announcements, providing service-related information
  6. Legal compliance: Fulfilling obligations according to relevant laws

3. Personal Information Retention and Use Period

The Company destroys relevant information without delay after the purpose of collecting and using personal information is achieved. However, the following information is retained for the period specified for the following reasons:

A. Information Retention by Company Policy

  • Records of improper use: 1 year
  • Service usage records: 1 year

B. Information Retention by Relevant Laws

  • Records of contracts or subscription withdrawals: 5 years (E-commerce Act)
  • Records of payment and supply of goods: 5 years (E-commerce Act)
  • Records of consumer complaints or dispute resolution: 3 years (E-commerce Act)
  • Website visit records: 3 months (Communications Secrets Protection Act)

4. Provision of Personal Information to Third Parties

The Company does not provide users' personal information to external parties in principle. However, exceptions are made in the following cases:

  1. When users have given prior consent
  2. When required by law or when there is a request from investigative agencies according to procedures and methods prescribed by law for investigation purposes

5. Outsourcing of Personal Information Processing

The Company outsources personal information processing tasks as follows for service provision:

ProcessorPurpose
DodopaymentsPayment processing and settlement
Amazon Web Services (AWS)Cloud infrastructure, data storage, and email services (SES)

6. Users' Rights and How to Exercise Them

  1. Users can view or modify their personal information at any time.
  2. Users can withdraw consent to the collection and use of personal information through membership withdrawal.
  3. Users can request to stop processing personal information.
  4. Personal information of children under 14 is not collected.

Rights can be exercised through the settings menu in the service or by contacting customer service ([email protected]).

7. Technical/Administrative Measures for Personal Information Protection

A. Technical Measures

  • Encryption of personal information: Passwords are stored with one-way encryption
  • Measures against hacking: Operating firewalls and intrusion detection systems
  • Retention of access records: Retaining personal information access records for at least 6 months
  • Data transmission encryption through SSL certificates

B. Administrative Measures

  • Minimizing and training employees handling personal information
  • Managing personal information access rights
  • Establishing and implementing internal personal information protection management plans

8. Cookie Policy

The Company uses cookies to provide personalized services to users. Cookies are small pieces of information that websites send to users' browsers.

Purpose of Cookie Use

  • Maintaining login status
  • Saving user preference settings
  • Analyzing service usage statistics

Users can refuse cookies through browser settings, but this may limit service use.

9. Personal Information Protection Officer

The Company has designated a personal information protection officer to oversee personal information processing and handle user complaints and damage relief related to personal information processing.

Personal Information Protection Officer

10. Changes to Privacy Policy

This privacy policy is effective from August 28, 2025, and may be revised to reflect changes in laws or services. When revised, changes will be announced through service announcements 7 days before implementation.

11. International Data Transfer and Country-Specific Provisions

As an international service, KVID AI may transfer your data across borders to provide our services globally.

For EU/EEA Users (GDPR)

  • Legal basis: Contract performance, legitimate interests, or consent
  • Your rights: Access, rectification, erasure, portability, objection
  • Data transfers use Standard Contractual Clauses (SCCs)
  • You may lodge complaints with your local data protection authority

For California Users (CCPA/CPRA)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale of personal information
  • Right to non-discrimination for exercising privacy rights

For UK Users

  • UK GDPR applies with similar rights as EU users
  • Data transfers use UK-approved transfer mechanisms
  • You may contact the Information Commissioner's Office (ICO)

For Korean Users

  • Personal Information Protection Act (PIPA) compliance
  • Right to request data processing suspension
  • Data retention periods follow Korean legal requirements
  • You may file complaints with KISA or PIPC

For Other Jurisdictions

  • We comply with applicable local data protection laws
  • Data is stored in secure AWS facilities globally
  • Cross-border transfers are protected by appropriate safeguards
  • Contact us for jurisdiction-specific inquiries

If you have any questions about this Privacy Policy, please contact us at [email protected].