Trip2gather Privacy Policy (Global Privacy Policy – Korean Original)
Last Updated: September 25, 2025
Operator: JAPS
Contact: legal@trip2gather.app
This Privacy Policy (“Policy”) applies to all global users of the Trip2gather service (the “Service”), operated by JAPS (the “Company”).
It outlines the Company’s principles regarding the collection, use, retention, protection, and international transfer of personal data.
⚖️ Legal Validity and Interpretation Priority
The official and original version of this document is written in Korean (Original).
This English translation is provided for convenience only.
In the event of discrepancies, the Korean original shall prevail.
🔗 Related Policies
This Policy forms part of Trip2gather’s integrated policy framework, together with:
Terms of Service · Community Guidelines ·
Advertising Disclosure Policy · Cookie Policy ·
Accessibility Statement
1. General Principles
- As a global service provider, the Company complies with applicable data protection laws (GDPR, CCPA/CPRA, PIPL, APPI, PIPA, etc.) and has established a Global Baseline Privacy Standard.
- Region-specific provisions are supplemented in Section 16. Regional Addenda.
- The Company collects and processes only the minimum amount of personal data necessary to fulfill its Service objectives.
2. Categories and Methods of Data Collection
| Category | Data Collected (Examples) | Method | Purpose |
|---|---|---|---|
| Account Information | Email, Nickname, Firebase UID | During Registration | Authentication, Account Identification |
| Device Information | OS/App Version, Model, Language/Region, Advertising ID (GAID/IDFA) | Automatic | Optimization, Analytics, Error Tracking |
| Usage Data | Access/Event Logs, Clicks, Session Time, Crashes | Automatic | Service Improvement, Fraud Prevention |
| Location Data (Optional) | GPS or Network-based Location | With explicit consent | Travel routes, Companion location features |
| Ads/Push | Ad Impressions & Clicks, FCM Token | SDK / Automatic | Notifications, Advertising Delivery |
| Payment Info (Optional) | Store Transaction ID, Product ID | During Purchase | Payment Processing, Refund Management |
Sensitive data is not collected unless explicitly consented to separately.
3. Purpose of Personal Data Use
- Account creation, authentication, and user management
- Provision of essential Trip2gather community and travel features
- Customer service and official notifications
- Location-based and personalized content (based on consent)
- Advertising, analytics, and service optimization
- Legal compliance, dispute resolution, and fraud prevention
4. Legal Bases (GDPR Reference)
| Legal Basis | Example |
|---|---|
| Consent (Art.6(1)(a)) | Personalized ads, location, push notifications |
| Contract Performance (Art.6(1)(b)) | Core service functionality, payment processing |
| Legal Obligation (Art.6(1)(c)) | Accounting, taxation, retention requirements |
| Legitimate Interest (Art.6(1)(f)) | Security, analytics, service improvement |
iOS ATT (IDFA) use follows platform policies and user consent.
No automated decision-making is performed that produces legal effects.
5. Retention and Deletion
- Data is promptly deleted once the intended purpose is achieved.
- Operation logs: up to 3 months
- Transaction records: up to 5 years (as required by law)
- Backups are deleted on a rolling 30-day basis and irreversibly destroyed.
6. Third-Party Processing and Outsourcing
The Company does not sell personal data. Processing may be outsourced to trusted partners as follows:
| Processor | Service Provided | Transfer Country |
|---|---|---|
| Google LLC | Firebase (Auth, Firestore, Analytics, Crashlytics), AdMob, FCM | United States |
| Apple Inc. | IDFA processing (upon ATT consent) | United States |
| Amazon Web Services | Hosting, Backups | United States / EU / Asia |
All processors comply with Data Processing Agreements (DPA) and Standard Contractual Clauses (SCC).
7. International Data Transfers
- Infrastructure is operated across multiple regions (US, EU, Asia).
- Transfers are safeguarded under SCC (GDPR Art.46) and equivalent safeguards.
- Additional protection (encryption, access control, TIA) may apply.
8. User Rights (Requests and Withdrawal)
Users may exercise the following rights as applicable by jurisdiction:
- Access, rectification, deletion, restriction, and portability
- Withdrawal of consent (marketing, profiling, location, cookies)
- CCPA/CPRA: “Do Not Sell or Share” rights; recognition of GPC (Global Privacy Control) signals
- PIPL: refusal or withdrawal of consent for sensitive information
How to exercise:
Via App Settings > Privacy or email legal@trip2gather.app.
Responses will be provided within the statutory time limits (e.g., GDPR: within 1 month).
9. Advertising and Tracking
- Ad networks such as Google AdMob are used only with prior consent.
- Personalized advertising follows an opt-in model (in applicable regions).
- Third-party sites are governed by their own privacy policies.
- GPC signals are honored under CPRA compliance.
10. Marketing and Communications
- Newsletters, promotions, and surveys are sent only with explicit opt-in consent.
- Users may withdraw consent anytime via app settings or “Unsubscribe” links.
- Essential notices (security, transactions) may still be sent irrespective of consent.
11. Cookies and Similar Technologies
- Cookies, Local Storage, SDKs, and Pixel Tags may be used.
- Essential cookies are always active; analytics/advertising cookies require consent.
- See Cookie Policy for details.
12. Protection of Minors
- The Service is available to users aged 19 and above only.
- Accounts created with false age information are deleted immediately.
- Legal guardians may request deletion of related data.
13. Offline Meetings and Liability Disclaimer
- Offline meetings (travel, gatherings) are at the sole discretion and responsibility of users.
- The Company is not liable for any physical, emotional, or financial damages
unless caused by intentional or gross negligence. - Users are advised to meet in public places and share plans with trusted contacts.
14. Security Measures and Breach Notification
- TLS/SSL encryption, least privilege access, monitoring, and regular audits are enforced.
- In the event of a data breach, users will be promptly notified as required by law.
15. User Responsibilities
- Users must not post illegal, defamatory, or privacy-infringing content.
- Policy violations may result in account suspension or legal action.
16. Regional Addenda
European Union / EEA / United Kingdom
- Cookies require opt-in consent.
- International transfers are protected by SCC.
- DPO or EU representative is appointed when required.
United States (California)
- Advertising identifiers may be treated as “shared.”
- Mandatory links:
/ccpa/do-not-sell,/ccpa/limit-sensitive. - GPC signals are honored.
China (PIPL)
- Sensitive data (biometric, location) requires separate consent.
- Cross-border transfers follow standard contracts and security assessments.
- Contact:
legal@trip2gather.app
Japan (APPI/PSA)
- Prior notice and recordkeeping required for third-party disclosures.
- Payment and remittance functions comply with the Payment Services Act (PSA).
South Korea (PIPA)
- Users are informed of the recipient, purpose, and retention period of overseas transfers.
- Upon completion, data is irreversibly deleted.
17. Policy Updates
- Updates may occur due to law changes or service modifications.
- Major updates are announced at least 7 days in advance (30 days for critical changes).
- The latest version is always available in the app or on the official website.
18. Contact Information
- Data Protection Officer: JAPS Privacy Team
- Email: legal@trip2gather.app
- Address: Seoul, Republic of Korea (to be updated)
19. Governing Law and Jurisdiction
- This Policy is governed by the laws of the Republic of Korea.
- Disputes shall be resolved by the Seoul Central District Court, unless otherwise required by mandatory law.
20. Recordkeeping and Logs
- Consent, modification, and activity logs are securely stored in Firebase and internal systems.
- Minimum retention period: 3 years.
Effective Date: September 25, 2025
This Policy applies to all global users of Trip2gather.
The Korean version serves as the official original (Original).