プライバシーポリシー
施行日: 2026-05-22
MIPPIA MuCheck Service Privacy Policy
MIPPIA Inc. (hereinafter the "Company") establishes and discloses this Privacy Policy in accordance with applicable laws and regulations in order to protect the personal information of users of the MuCheck service (hereinafter the "Service") and to promptly and smoothly address related concerns.
1. Purposes of Processing Personal Information
The Company processes personal information for the following purposes:
- Provision of the Service: Operating accounts, providing access to inspection results, managing usage history, and other Service-related functions.
- User Identification and Management: Account identification, group-level administration, inspection quota management, and prevention of unauthorized use.
- Complaint Handling: Processing requests from data subjects regarding access, correction, deletion, or suspension of processing of personal information.
- Service Improvement: Improving the stability and quality of the Service through analysis of usage records.
Because the Service is a B2B enterprise AI music identification service, the Company does not engage in advertising or marketing-related processing, nor does it process paid transactions.
2. Items of Personal Information Collected and Methods of Collection
The Company collects the following personal information for the provision of the Service.
| Category | Items Collected | Purpose of Use |
|---|---|---|
| Required | User ID, email address, password, affiliated group (customer organization) | Account identification and authentication |
| Required | Audio files uploaded by the User, external audio links, entered track title and artist name | Service provision |
| Automatic | IP address, cookies, access logs, visit date and time, Service usage records, records of unauthorized use, error codes, request patterns | Service provision and stability |
| On Inquiry | Name, company name, email address, contact number (optional), inquiry content | Inquiry response and follow-up |
Personal information is collected through the following methods:
- An administrator enters the required information when issuing a User account through the admin tool.
- The User directly enters information or uploads files while using the Service.
- The User directly enters information through the inquiry form on the landing page.
- Information is automatically generated and collected in the course of Service use.
3. Period of Processing and Retention of Personal Information
- The Company processes and retains personal information within the retention and use period required by law or agreed to by the data subject.
- Account information for the Service (email address, password, affiliated group) is retained during the operational period of the Service and is destroyed without delay upon account termination or termination of the Service.
- Audio files uploaded by the User and analysis results are retained without a separate retention period limit. If the User requests deletion, the request is processed in accordance with Article 9 of the Terms of Service.
- Information collected through the inquiry form is retained for three (3) years after the inquiry response is completed and then destroyed (for the purpose of dispute resolution).
3-1. Retention Periods Required by Law
| Item Retained | Legal Basis | Retention Period |
|---|---|---|
| Personal information related to Service use (log records) | Protection of Communications Secrets Act | 3 months |
| Records concerning consumer complaints or dispute resolution | Act on the Consumer Protection in Electronic Commerce, etc. | 3 years |
4. Provision of Personal Information to Third Parties
The Company uses the User's personal information only within the scope disclosed in this Privacy Policy and does not disclose it externally without the User's prior consent. The following cases are exceptions:
- Where required by law, or where an investigative agency makes a request in accordance with the procedures and methods prescribed by law for investigative purposes.
5. Outsourcing of Personal Information Processing
The Company may outsource personal information processing tasks for the operation of the Service as follows:
- Infrastructure Operation: Google Cloud Platform, NAVER Cloud Platform
- AI Analysis Processing: MIPPIA Platform (MIPPIA API Platform) — for the Service's core function of AI music identification, inspection data is transmitted to the MIPPIA Platform operated by the same Company for analysis.
The Company enters into contracts with all outsourced parties to ensure compliance with the Personal Information Protection Act, and the scope of outsourcing is kept to a minimum.
6. Destruction of Personal Information
Personal information is destroyed without delay once the purposes of collection and use have been achieved. The procedures and methods are as follows:
- Destruction Procedure: The Company identifies personal information for which a reason for destruction has arisen and destroys it upon approval of the Company's Personal Information Protection Officer.
- Method of Destruction: Information in electronic file form is destroyed using technical methods that prevent the records from being reproduced. Personal information printed on paper is destroyed by shredding or incineration.
- Immediate Destruction of Audio Files: If a User requests deletion of an audio file, the file is immediately and permanently deleted from storage.
7. Rights of Data Subjects and How to Exercise Them
- The data subject may exercise the following rights against the Company at any time:
- (a) The right to request access to personal information
- (b) The right to request correction of any errors
- (c) The right to request deletion
- (d) The right to request suspension of processing
- These rights may be exercised against the Company in writing, by email, or by other means, and the Company will take action without delay.
- These rights may also be exercised through a legal representative of the data subject or a duly authorized agent.
8. Measures to Ensure the Security of Personal Information
In accordance with Article 29 of the Personal Information Protection Act, the Company takes the following measures necessary to ensure the security of personal information so that it is not lost, stolen, altered, or damaged:
- Administrative Measures: Establishment and implementation of an internal management plan; regular employee training.
- Technical Measures: Technical countermeasures against hacking; encrypted (hashed) storage of passwords; HTTPS communications; retention of access logs and prevention of alteration.
- Physical Measures: Access control to server rooms and data storage areas.
9. Amendments to the Privacy Policy
The Company may amend this Privacy Policy in response to changes in applicable laws, the contents of the Service, or internal policies. Any such amendments will be announced through this site.
10. Personal Information Protection Officer
The Company has designated the following Personal Information Protection Officer, who oversees personal information processing and handles user complaints and remedies related to personal information processing.
Personal Information Protection Officer
- Name: Chanho Oh
- Position: Chief Executive Officer
- Email: och@mippia.com
For reports or consultations regarding other personal information infringements, please contact the following organizations:
- Personal Information Infringement Report Center (Tel. 118, no area code)
- Cyber Investigation Division, Supreme Prosecutors' Office (Tel. 1301, no area code)
- Cyber Bureau, National Police Agency (Tel. 182, no area code)
11. Supplementary Provisions
Effective Date
This Privacy Policy is effective as of May 22, 2026.