Privacy Policy
Effective date: 2026-03-11
1. Introduction
Meroni Swing (the "Service") values your privacy and complies with the Korean Personal Information Protection Act (PIPA) and related regulations.
This policy explains what personal information we collect, why we collect it, how long we retain it, and your rights regarding your data.
2. Personal Information Collected
Required
| Item | When Collected |
|---|---|
| Email address | Sign-up |
| Password (encrypted) | Sign-up (email registration) |
| Nickname (display name) | Sign-up or profile setup |
Optional
| Item | When Collected |
|---|---|
| Profile image | Profile setup |
| Location (country, city) | Profile setup |
| Dance experience & styles | Profile setup |
| SNS links | Team/organization/lesson registration |
Automatically Collected
| Item | When Collected |
|---|---|
| IP address | Consent records, service usage |
| User-Agent (browser info) | Consent records |
| Service usage logs | Service usage |
Payment-Related
Payment amounts and status are recorded during lesson registration. Sensitive payment information such as card numbers is not directly collected by the Service and is processed through payment gateway providers.
3. Purposes of Collection and Use
- Member identification and account management
- Event, lesson, and social dance registration and management
- Team and organization management and community features
- Lesson payment and refund processing
- Customer support and inquiry response
- Abuse prevention and service stability
- Consent record keeping (legal obligation)
- Statistical analysis for service improvement (de-identified)
4. Retention Period
| Item | Retention Period | Legal Basis |
|---|---|---|
| Member information | Until account deletion | Service agreement |
| Consent records | 3 years from consent date | Personal Information Protection Act |
| Payment and transaction records | 5 years | Electronic Commerce Act |
| Customer inquiry records | 3 years | Electronic Commerce Act |
| Abuse prevention records | 1 year | Abuse prevention |
Personal information is destroyed without delay once the retention period has expired or the purpose of processing has been achieved. Where retention is required by law, data is stored separately for the required period before destruction.
5. Third-Party Sharing and Processors
We do not share your personal information with third parties except in the following cases:
- With your prior consent
- When required by law
Data Processors
| Processor | Purpose |
|---|---|
| Supabase (USA) | Database and authentication services |
| Vercel (USA) | Web application hosting |
| Google Analytics | Service usage statistical analysis |
6. International Data Transfer
Your personal information may be transferred outside of Korea for processing by our service providers. Only the minimum data necessary for service operation is transferred, and all recipients maintain appropriate security measures.
| Recipient | Country | Data Transferred |
|---|---|---|
| Supabase | USA | Member information, service data |
| Vercel | USA | Service request data |
| Google (Google Analytics) | USA | Service usage statistics (de-identified) |
7. Cookies and Analytics
The Service uses cookies and similar technologies for the following purposes:
- Essential cookies: Login session management, authentication token handling
- Analytics cookies: Service usage statistics via Google Analytics (de-identified data)
You may refuse cookies through your browser settings, but some features of the Service may be limited.
8. Your Rights
You may exercise the following rights at any time:
- Request access to, correction, or deletion of your personal data
- Withdraw consent for data collection and use (account deletion)
- Request suspension of data processing
Profile information can be directly edited or deleted through the in-service profile editing feature. Upon requesting account deletion, personal data will be deleted or anonymized after a 7-day grace period. However, information required to be retained by law (e.g., consent records, transaction records) will be stored separately for the applicable retention period before destruction.
For inquiries regarding the exercise of these rights, please contact us at the address below.
9. Data Security
We implement the following measures to ensure the security of your personal information:
- Encrypted password storage (Supabase Auth)
- Data transmission encryption via HTTPS
- Database Row-Level Security (RLS)
- Minimized administrator access privileges
10. Contact
For inquiries, complaints, or remedies regarding personal data processing, please contact us at:
- Service: Meroni Swing
- Email: support@meroniswing.com
For reporting or consulting on personal information breaches in Korea, you may contact:
- KISA Privacy Center (privacy.kisa.or.kr / 118)
- Personal Information Dispute Mediation Committee (kopico.go.kr / 1833-6972)
11. Changes to This Policy
This policy may be updated due to changes in law or service operations. Changes will be announced through the Service. For material changes, a separate consent process will be conducted.
Effective date: 2026-03-11