MOABOT Partner Privacy Policy

Effective 2026-05-15 / Version v2

The Korean version of this policy is the legally binding original. This English translation is provided for convenience only.

Moggle Co., Ltd. (the “Company”) establishes and discloses the following Privacy Policy in accordance with the Personal Information Protection Act and related Korean laws, in order to protect users’ personal data and address related complaints promptly and effectively.

Article 1. Processing purposes

The Company processes personal data only for the following purposes and will obtain additional consent if the purpose changes.

  1. Sign-up and account management: confirming sign-up intent, identifying and authenticating users for membership services, maintaining membership status, preventing fraud, delivering notices, and handling complaints.
  2. Service delivery and billing: providing the MOABOT rule-based strategy automation tool, webhook relay, content delivery, personalised services, payments and settlement.
  3. Partner Program operation: partner approval review, activity management, commission settlement and payment, and withholding-tax filing under applicable tax law.
  4. Marketing and advertising: new-service development, personalised offerings, events and opportunity announcements, and promotional information.

Article 2. Data items processed

  • General sign-up (required): email address, password, nickname.
  • Service usage (required): exchange API key and secret key.(Only read/trade-permission keys without withdrawal rights are collected; they are stored under strong encryption.)
  • Paid services: card information, bank account info and payment records (processed by a payment service provider; not directly collected by the Company).
  • Partner Program: (required) name/legal name, contact, email, settlement bank account, account holder name / (optional) resident-registration number or business-registration number.(Collected only for 3.3% business-income withholding tax reporting under Korean tax law.)
  • Automatically collected: IP address, cookies, service usage records, access logs, fraud records and device information.

Article 3. Retention periods

Personal data is processed within the legal retention period or the period agreed by the data subject.

  • Sign-up and account management: until membership withdrawal. If investigations under applicable law are pending, until they conclude; if outstanding settlement obligations remain, until they are settled.
  • Records retained under the Act on Consumer Protection in Electronic Commerce:
    • Records of payments and supply of goods: 5 years
    • Records of contracts or withdrawals: 5 years
    • Records of consumer complaints or disputes: 3 years
  • Tax-law records (Partner commission settlement, withholding-tax receipts, etc.): 5 years under the statutory tax-assessment period.

Article 4. Third-party disclosure & processing entrustment

The Company processes personal data only within the purposes stated in Article 1 and does not disclose data to third parties beyond those purposes without prior consent. The Company entrusts the following processing tasks to external providers:

  • Server and infrastructure operation: Amazon Web Services (AWS) and similar cloud providers.
  • Payment processing and escrow: [payment service provider].
  • Identity verification and messaging: [verification and messaging vendor].

Entrustment contracts include obligations prohibiting use outside the entrusted purpose, technical/administrative safeguards, restrictions on re-entrustment, and liability terms; the Company supervises whether entrustees process data securely.

Article 5. Data subject rights

Users may exercise rights to access, correct, delete or suspend the processing of their personal data at any time. Requests may be made in writing or by email, and the Company will act promptly. Rights may be restricted by specific provisions of law or obligations under applicable law.

Article 6. Destruction

Personal data is destroyed without delay once the retention period expires or the processing purpose is achieved.

  • Electronic files: deleted using technical methods that prevent recovery (e.g. low-level format).
  • Paper documents: shredded or incinerated.

Article 7. Security measures

  • Administrative: internal management plan and regular staff training.
  • Technical: strong encryption of passwords and exchange API keys, security software against intrusion, SSL/TLS transport encryption, retention and tamper protection of access logs.
  • Physical: access control for server rooms and data storage facilities.

Article 8. Data protection officer

The Company designates a data protection officer responsible for personal-data processing and for handling complaints and damage relief from data subjects.

  • Data Protection Officer: Moggle Co., Ltd. data processing officer.
  • Complaint email: support@moabot.kr

Addendum

This Privacy Policy is effective from May 15, 2026.

Support