Privacy Policy
Effective: January 1, 2026 | Version 1.0
StartupDEX (the "Company") values users' personal information and complies with the Personal Information Protection Act.
1. Personal Information Collected
| Category | Items Collected | Required/Optional |
|---|---|---|
| Signup | Email, password, name | Required |
| KYC Verification | Real name, date of birth, ID copy, phone number | Required |
| Project Registration | Member type, profile image, experience | Required |
| Corporate Member | Company name, business registration number, CEO name | Required |
| Auto Collected | IP address, cookies, access logs, device info | Auto |
2. Purpose of Collection and Use
- Service Provision: Member identification, project registration, token trading, asset management
- Identity Verification: Real name verification, prevention of illegal use
- Customer Management: Complaint handling, notice delivery
- Service Improvement: New service development, statistical analysis
3. Retention and Use Period
| Retention Item | Retention Period | Legal Basis |
|---|---|---|
| Contract or subscription withdrawal records | 5 years | E-Commerce Act |
| Payment and supply records | 5 years | E-Commerce Act |
| Consumer complaint/dispute records | 3 years | E-Commerce Act |
| Website visit records | 3 months | Telecommunications Privacy Act |
4. Provision to Third Parties
The Company does not, in principle, provide users' personal information to external parties. However, exceptions are made in the following cases:
- When the user has given prior consent
- When required by law or requested by investigative agencies through legally prescribed procedures
5. User Rights
- Users can view or modify their personal information at any time.
- Users can withdraw consent for personal information collection and use at any time.
- Users can request correction of errors in their personal information.
6. Privacy Officer
7. Security Measures
- Administrative Measures: Establishing and implementing internal management plans, regular employee training
- Technical Measures: Personal information encryption, access rights management, security system installation
- Physical Measures: Access control for server rooms and data storage areas