Article 1 (Items and Methods of Personal Information Collection)
Komission (hereinafter referred to as the 'Company') collects the following personal information to provide services:
Required Collection Items
- Email Address (when linking Google OAuth)
- Profile Name and Profile Image
- Service Usage Records and Access Logs
Optional Collection Items
- Location Information (when participating in O2O campaigns)
- Contact Information (for reward payment and event winning)
Automatically Collected Items
- Public content metadata from external platforms (video title, description, views, likes, comments, creator public profile)
- Click events on public pages (event type, page location, hashed IP address)
- Prediction game participation records and engagement data
- AI content classification results
Article 2 (Purpose of Collection and Use of Personal Information)
The Company uses the collected personal information for the following purposes:
- Member Management: Member identification, confirmation of intent to join, prevention of unauthorized use by bad members
- Service Provision: Provision of viral analysis results, content genealogy tracking, personalized recommendations
- Point/Loyalty Management: K-Point accumulation/usage history management, reward payment
- Marketing and Events: Information on new functions, provision of event information (upon consent)
- Service Improvement: Usage statistics analysis, use of anonymized data for AI model improvement
Article 3 (Retention and Use Period of Personal Information)
The Company destroys personal information without delay after the purpose of collection and use is achieved. However, if it is necessary to preserve it in accordance with relevant laws and regulations, it is stored as follows:
Article 4 (Provision of Personal Information to Third Parties)
The Company does not provide personal information to third parties without the user's consent. However, exceptions are made in the following cases:
- When the user agrees in advance
- When there is a request from an investigative agency in accordance with the procedures and methods prescribed by laws and regulations for investigation purposes
- Provision of campaign participation confirmation information to O2O partner brands (providing only minimum information)
Data Processing Service Providers
- Public content metadata retrieval service providers (for video analysis and trend data)
- AI analysis service provider (Google Gemini API — for content pattern extraction and analysis)
- Payment processing gateway (PCI-DSS compliant)
Article 5 (Measures to Ensure Safety of Personal Information)
The Company takes the following measures to ensure the safety of personal information:
- Data Encryption: AES-256 encryption applied during transmission and storage
- Access Restriction: Minimization of personal information processing staff and management of access rights
- Security Program: Operation of security systems to prevent hacking and malicious code
- Regular Inspection: Regular inspection of vulnerabilities in personal information processing systems
Article 6 (Rights of Users and How to Exercise Them)
Users can exercise the following rights at any time:
- Request for viewing personal information
- Request for correction if there is an error
- Request for deletion (excluding cases where there is a retention obligation under laws and regulations)
- Request for suspension of processing
※ You can exercise your rights directly in 'My Page → Account Settings' within the service, or contact the customer center (support@komission.ai).
Article 8 (Privacy Protection Officer)
The Company is responsible for overall personal information processing and designates a Privacy Protection Officer as follows for complaint handling and damage relief of users:
Privacy Protection Officer: Komission Privacy Team
Email: privacy@komission.ai
Phone: 02-0000-0000
Article 9 (Changes to Privacy Policy)
This Privacy Policy is effective from December 23, 2024. If there are additions, deletions, or corrections to the changes in accordance with laws and policies, we will notify you through notices within the service or by email 7 days before the implementation of the changes.
Article 10 (External Platform Data and Comment Collection)
The Company may collect public metadata and comments from platforms through video URLs submitted by users or through trend discovery processes.
Collected Metadata
- Video title and description
- Public statistics such as views, likes, and comments
- Thumbnail image URL (image itself not stored)
- Upload date and creator's public profile
- Creator username (for attribution purposes)
Comment Data Collection
- Public comments from TikTok, YouTube, Instagram, and X (Twitter) are collected for audience sentiment analysis
- Comments are aggregated across video clusters to identify audience voice patterns
- Comment data is used to generate audience insight reports — individual commenters are not personally identified
- Original comments remain the property of the respective platform and commenter
Notice
- This data is limited to information publicly provided by platforms such as TikTok, YouTube, Instagram, and X, and private information (passwords, emails, etc.) is not collected
- Collected metadata and comments are used only for service analysis, pattern extraction, and audience insight purposes
- Metadata belongs to the original platform and is excluded from data portability requests
Article 11 (Children's Privacy Protection)
The Company implements the following policies to protect the personal information of children under 14 years of age in accordance with Korea's Personal Information Protection Act (PIPA).
- This service restricts registration of children under 14 years of age in principle
- If a child under 14 years of age wishes to use the service, consent from a legal representative (parent or guardian) is required
- When collecting children's personal information, we explain the purpose and content in easy language
- If the Company becomes aware that it has collected personal information of children under 14 without legal representative consent, we will immediately delete such information
- Legal representatives may request to view, correct, or delete their child's personal information
※ Inquiries regarding children's personal information: privacy@komission.ai
Article 12 (AI Training Data Use and Opt-Out Rights)
The Company may use user data for service improvement and AI model training. Users can exercise the following rights.
※ Opt-out requests will be processed within 7 business days. However, anonymized data already used for training cannot be personally identified and is excluded from deletion.
Article 13 (Lineage Crew Data Collection and Processing)
The following data is collected and processed when using the Lineage Crew service.
※ Leaderboard visibility can be adjusted in My Page → Privacy Settings.
Article 14 (Credit System Data Processing)
The Company collects and processes the following data to operate the credit system.
Data Collected
- Credit balance and transaction history
- Payment information (payment method, amount, date/time)
- Refund request history and processing results
- VDG analysis usage history (analysis date/time, video URL, credits used)
Purpose of Data Use
- Credit balance management and transaction processing
- Payment and refund processing
- Transaction history verification in case of disputes
- Service usage statistics analysis (anonymized)
Retention Period
Payment Information Security
- Credit card information is processed by PCI-DSS compliant payment gateway (PG)
- The Company does not directly store sensitive payment information such as card numbers or CVV
- All payment communications are encrypted with TLS 1.3
※ Payment inquiries: support@komission.ai
Article 15 (Automated Decision-Making)
The Company uses automated systems in the following areas. Users have the right to be informed about and, where applicable, to contest automated decisions that significantly affect them.
Automated Processing Areas
- AI content classification: Automatic detection and labeling of AI-generated content based on creator profile signals
- Content recommendation: Personalized content suggestions based on viewing history, prediction game participation, and engagement patterns
- Promotion decisions: Automated quality scoring and curation of trending content based on VDG analysis
- Campaign matching: Algorithmic matching of creators to brand campaigns based on performance signals
User Rights
- Right to be informed about automated decision-making processes
- Right to request human review of AI classification results
- Right to contest automated promotion or campaign matching decisions
- Right to opt out of personalized recommendations (My Page → Privacy Settings)
※ Requests for human review of automated decisions will be processed within 7 business days. Contact: privacy@komission.ai
Article 16 (Unauthenticated User Data)
The Company may collect limited data from visitors who have not logged in or created an account, on publicly accessible pages.
Data Collected from Unauthenticated Visitors
- Click events (event type and page location)
- Hashed IP address (one-way hash, original IP not stored)
- Browser type and language preference (from HTTP headers)
Purpose
- Aggregated analytics to understand service usage patterns
- Measuring effectiveness of public content pages
- Preventing abuse and ensuring service security
Data Protection Measures
- IP addresses are one-way hashed before storage — original IPs cannot be recovered
- Click event data is automatically deleted after 90 days
- No cookies are set for unauthenticated tracking — only server-side event logging
- Data is used only in aggregate form and is not linked to individual identities
※ If you do not wish to have click events recorded, you may use browser privacy mode or contact privacy@komission.ai.