‹ Back to login

Privacy Policy

SOLSOT Overseas Portal
※ This is a draft based on actual data practices. Wording and contact details must be finalized by legal review before it takes effect.

1. Personal data we collect

· Account: name, email (login ID), password (stored hashed), company/country, role/permissions, department/title (optional).
· Partner info: company name, English address, contact, remitter name, payment/shipping details.
· Transaction data: orders, quotes, settlement, royalty records, payment proofs (image/PDF), customs/shipping info, memos.
· Automatically collected: access logs, error diagnostics (personal identifiers masked), IP/request metadata for security.

2. Purpose of use

· Managing and fulfilling overseas orders, shipping, settlement and royalty billing.
· Account authentication, permission management, and transaction status notifications (email).
· Fraud prevention, security (login limits), and service quality / error handling.

3. Retention period

· Generally until the transaction ends or the account is closed, except where law requires longer retention.
· Change audit logs (amount/permission/status changes): 7 years (per tax law).
· Transaction/payment records are kept for the statutory period required by applicable e-commerce law, then destroyed.

4. Processors (sub-contractors)

· Supabase: database, authentication, file storage (Seoul region).
· Vercel: application hosting.
· Resend: transactional / invitation emails.
· Sentry: error monitoring (personal identifiers auto-masked).
· Upstash: security request rate limiting.

5. Third-party disclosure

· We do not provide personal data to third parties as a rule.
· Disclosure may occur only where required by law or upon a lawful request from authorities.

6. Your rights

· You may request access, correction, deletion, or suspension of processing of your personal data.
· Some fields (country, login email, etc.) are changed via the in-portal request feature or by contacting the operator.
· Submit such requests via the contact below.

7. Cookies

· We use only essential cookies for login session (authentication tokens).
· We do not use advertising or tracking cookies.

8. Data protection contact

· Operator: SOLSOT.
· Contact: use the in-portal request feature or reach the operator’s data protection officer. [Contact — to be set after legal review]

9. Changes

· We will announce the effective date and changes in advance when this policy is updated.
· Effective date: 2026-06-15.
Effective 2026-06-15