Data Protection

Last updated: 2025-04-12

1. Data controller

Eveaf Digital (15-7 Samseongri, Namcheon-myeon, Gyeongsan-si, Gyeongsangbuk-do, South Korea) is the controller for personal data collected through eveaf.digital and project communications. Contact: [email protected], +82 9-574-4596.

2. Data we collect

Contact form submissions (name, email, company, message), cookie preferences, analytics data if you opt in, project correspondence, billing details for contracted work, and technical logs (IP, browser type) for security.

3. Purpose of processing

We process data to respond to inquiries, deliver video production services, improve the website, meet legal obligations, and—with consent—analyze site usage. We do not sell personal data.

4. Legal basis

Processing is based on contract performance, legitimate interests (site security and service improvement), consent (analytics cookies), and legal obligations under applicable Korean privacy law including the Personal Information Protection Act (PIPA) where relevant.

5. Retention

Inquiry data is retained up to twenty-four months unless a project relationship continues. Project and billing records are kept as required for tax and contractual purposes, typically seven years. Cookie consent choices are stored locally in your browser until cleared.

6. Third-party sharing

We use processors for hosting, email, review tools, and analytics (when opted in). Processors are bound by contracts requiring appropriate safeguards. Transfers outside Korea occur only with protections such as standard contractual clauses or your consent where required.

7. Your rights

You may request access, correction, deletion, restriction, or portability of your personal data, and withdraw consent for analytics. Contact us at the email above. You may lodge a complaint with the Personal Information Protection Commission (PIPC) in Korea.

8. International transfers

If you access the site from outside Korea, data may be processed in Korea and where our subprocessors operate. We assess transfer risks and apply safeguards appropriate to the destination.

9. Security measures

We use access controls, encrypted connections where supported, and staff training. No method is completely secure; report suspected incidents to our contact email promptly.

10. Children

Our services target business users. We do not knowingly collect data from children under fourteen. Contact us to request deletion if you believe a child submitted data.

11. Policy changes

We update this notice when practices change. The last-updated date appears at the top. Significant changes affecting active clients will be communicated directly when feasible.

Contact: [email protected]