Privacy policy

1. General

마린웨이브 and 마린웨이브 (the “operator”) publish this privacy policy in accordance with Article 30 of the Personal Information Protection Act of Korea, to explain how personal data is handled and how related issues are addressed.

2. Personal data collected, purpose, and retention

3. Records retained under applicable law

• Records on contracts or withdrawal: 5 years
• Records on payment and supply of goods or services: 5 years
• Records on consumer complaints or dispute handling: 3 years
• Records on labeling and advertising: 6 months

4. Third-party sharing

We do not provide personal data to third parties by default. Exceptions may apply if you separately consent, if disclosure is required by law, or if there is a legal obligation related to investigations or disputes.

5. Processors and service providers

• Vercel: hosting and deployment
• secure payment provider: payment processing and payment status verification
• Google, Kakao, Naver: social login, when enabled
• Replicate and similar AI providers: audio separation and result generation

When entering into processing arrangements, we require restrictions on off-purpose handling, security measures, sub-processing control, and liability in line with applicable law.

6. Cross-border processing

Some personal data or file information may be processed outside Korea during service delivery.

• Vercel (including the United States): hosting, deployment, logs
• Replicate (including the United States): audio separation processing
• Google infrastructure, and Kakao or Naver infrastructure when used: login processing

7. Deletion procedures

When retention periods expire or processing purposes are fulfilled, data is deleted without undue delay. Electronic files are deleted in a way that reduces recoverability, and printed materials are shredded or destroyed. Data that must be retained by law is stored separately until that period ends.

8. Your rights

You may request access, correction, deletion, suspension of processing, or withdrawal of consent. Some requests can be limited when data must be retained under law or is needed for service security. Requests can be sent by email or through our support channel.

9. Cookies and logs

We may use cookies or similar technologies for login persistence, security verification, usability improvements, and incident response. You can refuse cookies in your browser settings, but some features may not work normally.

10. Security measures

We apply reasonable protections such as access control, credential protection, logging, security updates, and least-privilege operations. However, risks outside the operator’s control, such as user device conditions, third-party outages, or network issues, cannot be completely eliminated.

11. Privacy contact

12. External remedies

If you need consultation or dispute resolution related to personal data, you may contact the Personal Information Dispute Mediation Committee, the Personal Information Infringement Report Center, cybercrime investigation units of the prosecution service, or the cybercrime reporting system of the Korean police.

13. Policy updates

This policy may change due to law, service policy, or security operations. If a material change occurs, we will announce it in advance through the service or another electronic notice.