Privacy Policy

Effective date: [YYYY-MM-DD]

TownieMap (the "Service"), operated by 브라이트 (business registration no. 125-28-07835, the "Operator"), complies with the Korean Personal Information Protection Act and processes personal data as follows.

1. Personal data we collect

Social login (Kakao, Google): nickname, email address

During use of the Service: location data (GPS-based local verification), reviews, ratings and menu information you submit, bookmarks

Collected automatically: device information, access logs, cookies

2. Purpose of use

We use the data to identify members and prevent duplicate sign-ups, classify local vs. visitor ratings, display review authorship, and provide and improve the Service.

3. Retention period

We retain data until you delete your account or the purpose of processing is fulfilled, after which it is destroyed without delay. Where retention is required by law, we keep it for the period prescribed.

Documents submitted for owner claims (e.g., business registration certificates) are destroyed immediately after verification.

4. Processing on our behalf

We entrust processing of personal data to: Supabase (data storage and authentication), Google (maps and social login), and Kakao (social login).

5. Disclosure to third parties

As a rule we do not provide personal data to outside parties, except where there is a legal basis or a lawful request from an investigative authority.

6. Your rights

You may at any time request access to, correction, deletion of, or suspension of processing of your personal data. However, the local/visitor classification and author display name recorded on a review at the time of writing are not changed retroactively.

7. Destruction of personal data

Personal data whose retention period has elapsed or whose purpose has been fulfilled is destroyed without delay; electronic files are deleted in a manner that prevents recovery.

8. Security measures

We apply reasonable safeguards including access-control management, database row-level security (RLS), and encryption in transit.

9. Data protection officer

Data protection officer: [name designated by the Operator]

Contact: [Operator email address]

10. Notice of changes

Any changes to this policy will be announced in advance through an in-service notice.