meinSeoulSign in

Legal

Privacy Policy

Effective date: May 3, 2026 · Last updated: May 3, 2026

This Privacy Policy explains what personal data Me-in Seoul (“we,” “our,” or “the service”) collects, why we collect it, how we use it, and the rights you have. We try to keep this short and clear.

1. Who we are

Me-in Seoul is operated by [Operator name] as an individual. For privacy-related questions or requests, contact us at seouled.me@gmail.com.

2. Data we collect

Account data. If you create an account, we store your email address and authentication credentials through Supabase Auth.

Activity data. When you use the service, we store the spots you save, your wish lists, journey selections, and similar product interactions necessary to provide personalization features.

Analytics data. We use Google Analytics, Google Tag Manager, and Mixpanel (proxied through /mp/*) to understand usage patterns. This includes page views, in-app events, device and browser type, approximate location (typically derived from IP), and randomly generated identifiers. We do not use analytics tools to identify you personally.

Server logs. Our hosting and infrastructure providers automatically record technical information such as IP address, user agent, request times, and similar metadata. These are used for security, abuse prevention, and debugging.

We do not knowingly collect sensitive personal information such as health, religion, or political opinions, and we do not collect payment information (the service is currently free).

3. Why we use your data

We use the data above to:

  • operate the service (authenticate you, save your spots, render personalized pages);
  • maintain and improve the service (analyze usage trends, fix bugs, plan features);
  • communicate about your account or important service changes;
  • detect and prevent fraud, abuse, and security issues;
  • comply with legal obligations.

4. Third-party processors

We use the following processors. Each handles data only as necessary to provide their service to us:

  • Supabase— database, authentication, file storage. Located in the U.S. and EU.
  • Cloudflare R2— image content delivery and hosting. Globally distributed.
  • Vercel— application hosting (where applicable). Globally distributed.
  • Google (Analytics, Tag Manager) — analytics. United States.
  • Mixpanel— product analytics. United States.
  • Resend— transactional email delivery. United States.
  • Apify— scheduled background processing of public place reviews. United States / EU.
  • Google Gemini, Anthropic Claude — AI processing of public vlog and review content for the service. We do not send user account data to these models. United States.

5. International transfers

Some of the processors above are located outside Korea, including the United States and the European Union. By using the service, you understand that your personal data may be transferred to and processed in those jurisdictions. We rely on the providers' standard safeguards (such as Standard Contractual Clauses where applicable) to protect your data.

6. Cookies and similar technologies

We use cookies and similar technologies to keep you signed in, remember preferences, and measure usage. You can control cookies in your browser settings; blocking some cookies may limit parts of the service (for example, you may be unable to stay signed in).

7. Data retention

  • Account and activity data: kept for as long as your account is active.
  • After account deletion: removed within 30 days, except where we must retain certain records for legal or security reasons.
  • Analytics data: retained per the provider's defaults (Google Analytics: up to 26 months).
  • Server logs: typically up to 90 days.

8. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate data;
  • Delete your account and associated data;
  • Export your data in a portable format;
  • Object to or restrict certain processing;
  • Withdraw consent for analytics by changing browser settings or contacting us.

Korean residents are protected under the Personal Information Protection Act (PIPA). EEA, UK, and similar residents are protected under GDPR or equivalent local laws. To exercise any of these rights, email seouled.me@gmail.com.

9. Children

Me-in Seoul is not intended for children under 14 years of age, in line with Korean law. We do not knowingly collect personal data from anyone under 14. If we learn that we have, we will delete it.

10. Security

We use industry-standard practices including HTTPS, scoped database access, and access controls on third-party services. No system is perfectly secure, and we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately.

11. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the latest version. For material changes, we will make reasonable efforts to give you additional notice.

12. Contact

Questions, requests, or concerns about your privacy or this policy? Email seouled.me@gmail.com.

Because Me-in Seoul is an individually operated service, we have not designated a separate Data Protection Officer (DPO) under PIPA Article 31. The contact above handles all privacy-related communication.