SlowKids Privacy Policy
EverydaySummer Inc. (the "Company") establishes and discloses this Privacy Policy under Article 30 of the Personal Information Protection Act of Korea, to protect the personal information of data subjects and to address related grievances promptly.
Article 1 (Purposes of processing personal information)
The Company processes personal information for the following purposes. Personal information will not be used for any purpose other than those listed below. If the purpose changes, the Company will take necessary measures such as obtaining separate consent.
- Sign-up and member management: confirming intent to register, identifying the member, maintaining membership.
- Service provision: delivering learning content, storing learning records, and displaying statistics.
- Customer support: responding to inquiries, processing refunds, delivering notices.
- Abuse prevention: restricting use by members who violate the Terms.
Article 2 (Items of personal information processed)
The Company processes the following items of personal information.
2.1 Collected at sign-up
| Type | Item | Method |
|---|---|---|
| Required | Email address | Automatically transmitted via OAuth at Kakao or Google sign-in |
Apart from the email address above, the Company does not directly collect personally identifying information such as name, date of birth, or phone number.
2.2 Collected automatically during use
| Item | Method | Note |
|---|---|---|
| IP address, cookies, access timestamps | Generated automatically during use | Abuse prevention |
| Device identifiers (OS, app version, device model) | Collected automatically upon mobile app launch | Compatibility, debugging |
| Learning records (practice results, accuracy, study time) | Generated during use | Linked to the member identifier (email) |
2.3 Payment information (separate)
In-app purchases are handled directly by the Google Play billing system (Android) or Apple App Store billing system (iOS). The Company does not collect or retain card numbers, account numbers, or other payment-instrument details. The Company only receives and stores order IDs and receipt tokens issued by each store for payment verification.
Article 3 (Processing and retention periods)
The Company processes and retains personal information within the retention and use period agreed by the data subject, or within the period required by applicable law.
| Item | Retention period | Basis |
|---|---|---|
| Member info (email) | Until withdrawal of membership | Data-subject consent |
| Learning records | Until withdrawal of membership | Service provision |
| Abuse records | 1 year | Abuse prevention |
| Payment / refund records | 5 years | Act on Consumer Protection in Electronic Commerce |
| Access logs / IP | 3 months | Protection of Communications Secrets Act |
Upon withdrawal of membership, all personal information other than the items required to be retained by law above will be destroyed without delay.
Article 4 (Provision of personal information to third parties)
The Company processes personal information only within the purposes stated in Article 1 and does not provide personal information to third parties beyond such purposes without the data subject's prior consent.
The following are exceptions:
- where separate consent has been obtained from the data subject;
- where there are special provisions in applicable law;
- where investigative or supervisory authorities request information under lawful procedures.
Article 5 (Outsourcing of personal information processing)
For smooth service delivery, the Company outsources the processing of personal information as follows.
| Processor | Outsourced task | Information shared |
|---|---|---|
| Google LLC | Cloud infrastructure (server hosting), TTS (speech synthesis), OAuth login | Email, learning records, TTS request text |
| Kakao Corp. | OAuth login | |
| Apple Inc. / Google LLC | In-app purchase, app distribution | Payment receipts, order IDs |
| Vercel Inc. | Web hosting | Access logs, IP |
Under Article 26 of the Personal Information Protection Act, the Company specifies in its outsourcing agreements the prohibition of processing personal information beyond the purpose, technical and managerial safeguards, restrictions on subcontracting, and supervision of processors, and monitors whether processors handle personal information safely.
Article 6 (Rights and obligations of the data subject and the legal guardian)
- The data subject may exercise the following rights with respect to the Company at any time:
- request to view personal information;
- request to correct errors;
- request to delete;
- request to suspend processing.
- Such rights may be exercised by written request or email, and the Company will respond without delay.
- Personal information of children under 14: Sign-up and payment for children under 14 require the consent of the legal guardian. The legal guardian has the right to request to view, correct, delete, or suspend the processing of the child's personal information.
Article 7 (Destruction of personal information)
- When personal information becomes unnecessary due to expiration of the retention period or achievement of the purpose, the Company destroys it without delay.
- Procedure: Upon withdrawal of membership or expiration of the retention period, destruction is performed automatically or by the responsible staff.
- Methods:
- Electronic files: permanently deleted in a manner that prevents recovery or reproduction.
- Paper documents: shredded or incinerated.
Article 8 (Measures to ensure the security of personal information)
The Company implements the following measures to ensure the security of personal information.
- Administrative: minimisation and training of personal-information handlers.
- Technical: encryption of passwords and access logs, security software, HTTPS communication.
- Physical: access controls for data centres and storage rooms.
Article 9 (Installation, operation, and refusal of automatic data-collection devices)
- The Company uses cookies and local storage to provide tailored services to Members.
- Purpose: to maintain login state, to save learning progress, and to analyse service usage.
- How to refuse: cookies may be disabled in the browser's settings. Note that disabling cookies may restrict features such as login persistence and saving of learning records.
Article 10 (Personal Information Protection Officer)
The Company designates the following officer to take overall responsibility for processing personal information and to handle complaints and remedies of data subjects.
- Personal Information Protection Officer: Hongseok Oh
- Email: contact@everydaysummer.net
Data subjects may direct all inquiries, complaints, and remedy requests relating to personal information that arise while using the Service to the contact above. The Company will respond and process such inquiries without delay.
Article 11 (Remedies for infringement of rights)
To obtain remedy for personal-information infringement, data subjects may apply for dispute resolution or counselling to the agencies below.
- Personal Information Dispute Mediation Committee: 1833-6972 (no area code) / www.kopico.go.kr
- Korea Internet & Security Agency — Privacy Infringement Report Center: 118 (no area code) / privacy.kisa.or.kr
- Supreme Prosecutors' Office: 1301 (no area code) / www.spo.go.kr
- National Police Agency: 182 (no area code) / ecrm.cyber.go.kr
Article 12 (Changes to this Privacy Policy)
This Privacy Policy is effective from its effective date. If there are additions, deletions, or corrections under applicable law or policy, the Company will announce such changes via in-service notices at least 7 days before the effective date. For changes that materially affect the data subject's rights, notice will be given at least 30 days in advance, and Members will be separately notified by email or app push.
Supplementary provisions
This Privacy Policy takes effect on 2026-04-28.