Privacy
Privacy Policy
Last updated · April 22, 2026
Amuse8 updated this Privacy Policy as of April 22, 2026.
This Privacy Policy explains how the Company collects, uses, stores, transfers, deletes, and protects user information, as well as how users may exercise choices and rights.
The Service is available only to users aged 14 or older. Children under 14 may not sign up without a separate legal guardian consent process.
01
Information We Collect
When an account is created, the Company collects the user’s email address and password.
When users request customer or technical support or communicate with the Company, the Company may collect email addresses, phone numbers, message content, and attachments.
During use of the Service, URLs, webpages, files, and information extracted or generated from them, such as titles, body text, metadata, and tags, may be stored.
The Company may process automatically collected information such as IP address, preferences, cookie identifiers, browser, operating system, device information, approximate location, visited pages, clicked links, usage time, and frequency.
The Company may use Google Analytics 4 for website and service analytics and may generate labels, categories, and summaries through AI processing.
02
How We Use Information
The Company uses information to perform contracts with users, manage personal information, respond to inquiries, provide access to service features, and process customer and technical support requests.
The Company may use information for research and development, network and information security, fraud prevention, service analytics, new product and service development, internal quality control, identity verification, audits, account and policy notices, and legal compliance.
The Company may also use personal information for other purposes clearly disclosed or consented to when the information is provided. De-identified or aggregated information may be used for service improvement and statistical analysis.
03
Third-party Disclosure
The Company does not provide users’ personal information to external parties in principle.
Exceptions may apply where disclosure is necessary to comply with court orders or legal procedures, respond to law enforcement or national security requests, protect rights, property, or safety, address terms or policy violations, collect unpaid fees, or investigate unlawful conduct.
If personal information is provided to a third party, the Company will disclose and obtain consent for the recipient, purpose, items provided, and retention period as required by law. The Company currently does not provide users’ personal information to third parties.
If rights and obligations related to the Service are transferred due to business transfer, merger, or split-off, personal information may be transferred and users will be notified as required by law.
04
Retention
The Company processes and retains personal information within the retention period required by law or consented to by users. Where a specific period is difficult to determine, retention ends when the processing purpose is achieved or the legal or contractual basis no longer exists.
| Purpose | Retention period |
|---|---|
| Membership registration and management | Until withdrawal, with possible retention for up to one year to prevent abuse |
| User content and AI processing results | Until withdrawal or user deletion request |
| User communications | Three years after inquiry completion or the period required by law |
| Payment and billing records | Five years under e-commerce law |
| Consumer complaint and dispute records | Three years under e-commerce law |
| Service access logs | Three months under communications secrecy law |
| Display and advertising records | Six months under e-commerce law |
05
Deletion
The Company deletes personal information without delay, generally within five days, when the retention period expires or the processing purpose is achieved. Information that must be retained by law is stored separately.
Electronic files are permanently deleted in a way that prevents recovery or reproduction, and paper documents are shredded or incinerated.
06
Processors
The Company entrusts certain personal information processing tasks to provide the Service smoothly and includes safeguards, supervision, re-entrustment limits, and responsibility provisions in processor agreements.
| Processor | Task |
|---|---|
| Amazon Web Services Korea, kt Cloud | Service infrastructure operation and data storage |
| OpenAI, Google | Generative AI API processing, including labeling and summaries |
| Korea PortOne Co., Ltd. | Payment processing and settlement |
| Zoho | Notification and announcement emails |
07
International Transfers
The Company transfers personal information overseas in the form of processing and storage by cloud and AI providers as necessary to perform contracts with users and provide the Service.
| Provider | Contact | Purpose | Items | Country | Period | Method |
|---|---|---|---|---|---|---|
| Amazon Web Services Inc. (AWS Server) | [email protected] | Cloud server use for data storage | Service usage records or collected personal information | United States | During the user’s service membership period | Network transfer at the time of service use |
08
AI and Automated Decisions
Blokit uses AI technology to automatically read, label, and categorize content saved or uploaded by users.
The Company automatically analyzes, classifies, labels, and summarizes URLs, files, bookmarks, and other content to help users organize information.
Main inputs include content titles, body text, URLs, file contents, and user-defined tags.
Users may request explanations of AI classification and labeling standards and procedures, object to or request review of automated results, and refuse automated decisions that materially affect their rights or obligations.
AI outputs may be inaccurate or differ from user intent. The Company endeavors to reduce errors through model improvement, output filtering, and human review features.
09
AI Training Data — Optional Consent
The Company may use certain user content and usage records to improve service quality and AI models only when the user provides separate optional consent.
Training data may include de-identified body text and metadata, AI-generated labels, categories and summaries, user-edited labels, and feedback.
Sensitive information, unique identifiers, account or payment information, information of children under 14, content marked private, and data of users who did not consent are not used for training.
Users may withdraw consent at any time through settings or customer support, and refusal or withdrawal does not limit use of the core Service.
10
Chrome Extension
The Company provides a Chrome extension for automatic bookmark organization. It collects URL, title, main text, and bookmark hierarchy only for pages where the user explicitly runs a save or organize command.
The extension does not continuously track all browsing activity and does not collect sensitive form data such as passwords or payment information.
| Permission | Purpose |
|---|---|
| bookmarks | Read bookmarks and reflect classification or organization results |
| storage | Store settings and sync data locally |
| activeTab / tabs | Collect URL and title of the current tab when the user runs a save command |
| <all_urls> where applicable | Extract content from pages designated by the user |
11
Cookies and Similar Technologies
The Company uses cookies, local storage, and similar technologies for customized services. Users may refuse cookies through browser settings, but some features such as login persistence may be inconvenient.
12
Behavioral Information
The Company may collect behavioral information such as saved content types, topics, search terms, and feature usage frequency for recommendations and service improvement. The Company does not provide behavioral information to third parties for advertising without separate consent.
13
Sensitive Information
Blokit displays saved content only to the relevant user by default. If a user publishes content through shared links or public collections, sensitive information included in that content may be disclosed to third parties.
14
Pseudonymized Information
The Company may pseudonymize personal information for statistics, scientific research, or public interest archiving. Additional information is stored separately and safeguards are applied to prevent re-identification.
15
Security Measures
The Company implements administrative measures including internal management plans, privacy training, minimization and supervision of personnel handling personal information.
The Company implements technical measures including differentiated access permissions, access control, one-way password encryption, encryption of important data in storage and transit, intrusion detection and blocking, and access log retention and review.
The Company implements physical measures such as access control and locks for data storage locations.
16
User Rights
Users and legal representatives may exercise rights to access, correct, delete, or suspend processing of personal information; withdraw consent and close accounts; object to, request explanations of, or request review of automated decisions; request data portability where applicable; and request remedies for privacy infringement.
Rights may be exercised in writing, by email, or through in-service inquiry features. The Company will process requests and notify results within 10 days after receipt.
17
Privacy Contact
The Company designates a privacy officer and department responsible for personal information processing, complaint handling, and user remedies.
| Item | Details |
|---|---|
| Company | Amuse8 |
| Representative | Dongmin Shin |
| Business address | 101, 1F, 93-1 Heukseok-ro, Dongjak-gu, Seoul, Republic of Korea |
| Business registration number | 225-10-15800 |
| Contact person | Yoonju Lee |
| Department | Privacy Department |
| Phone | 050-6456-2939 |
| [email protected] |
18
Remedies
Users may request consultation or dispute resolution from the Personal Information Infringement Report Center (118, privacy.kisa.or.kr), Personal Information Dispute Mediation Committee (1833-6972, www.kopico.go.kr), Supreme Prosecutors’ Office Cyber Investigation Division (1301, www.spo.go.kr), or National Police Agency Cyber Bureau (182, ecrm.cyber.go.kr).
19
Changes to This Policy
The Company may amend this Policy due to changes in law, policy, or security technology. Changes will be announced at least seven days before the effective date, or at least 30 days before important unfavorable changes.
This Privacy Policy is effective as of April 22, 2026.