This page is provided in the selected language. If a translated expression is unclear, Korean operator information and applicable Korean law will be used for interpretation unless mandatory local law provides otherwise.
Summary
- Public pages may process technical logs for security and operation.
- The app may process account, device, customer, photo, fitting, AI request/result, payment and support data.
- Photos and AI data are used for requested fitting generation, not biometric authentication.
- External providers such as app stores, hosting/security tools and AI API providers may be used.
- Users may request access, correction, deletion, suspension, withdrawal of consent or account deletion where applicable.
1. Controller and scope
This Privacy Policy explains how MachoSuit (BlueCode) processes personal information in relation to the multilingual public pages, MachoSuit app, app APIs, notices, FAQ, policy pages, support, AI fitting, payment verification and service operation.
2. Public page logs
Public pages can be viewed without login. For security, operation, traffic analysis, error handling and abuse prevention, IP address, browser/device information, access time, requested URL, language subdomain, referrer and security/error logs may be processed.
3. Account, authentication and device information
When app login or protected functions are used, the service may process social login provider, provider user ID, token verification result, account identifier, name/nickname, email or phone if provided, app token, device ID, platform, app version, login time and authentication logs.
4. Customer, photo and fitting information
Customer names/codes, contact details, gender, measurements, photos, body or garment images, fabric selections, style options, fitting orders, memos, render images, AI request data, AI result images, job status and service history may be processed to provide fitting and consultation functions.
5. Payment, wallet and support information
For app-store purchase verification and wallet operation, product ID, purchase token, order ID, verification result, balance, transaction amount, transaction type, refund/restoration records and billing logs may be processed. Support inquiries may include category, title, content, reply, contact information, status and processing history.
6. Purposes of processing
Information is processed to provide app information, authenticate users, manage customer/fitting records, generate AI fitting outputs, verify payments, operate wallets, answer inquiries, prevent fraud, protect security, troubleshoot errors, maintain backups, comply with law and handle disputes.
7. Legal basis and consent
Processing may be based on service performance, user request, consent, legitimate security/operation interests, legal obligations, payment verification or dispute handling. Shop users who upload third-party customer data are responsible for giving proper notice and obtaining required consent from that customer.
8. Photos, body images and AI processing
Photos and images may reveal faces, body shape, clothing, surroundings or other personal elements. They are used for requested fitting generation and consultation reference, not for biometric authentication, identification, medical diagnosis or legal decision-making. Images may be transmitted to external AI/API providers only as needed for the requested function.
9. Retention and deletion
Data is retained only as long as needed for service use, result display, retry, support, payment/accounting obligations, security, dispute handling, backup and legal compliance. When retention is no longer required, records and files are deleted, separated or anonymized using reasonable technical methods.
10. Third-party provision
The operator does not sell personal information. Information may be provided to third parties only with consent, where necessary for payment/app-store verification, where required by law, to protect rights/security, or where another lawful basis exists.
11. Service providers
The operator may use service providers for hosting, storage, database operation, security, email/support, analytics, error monitoring, social login, app-store payment verification, image processing, AI generation and maintenance. Providers process information only as needed for the relevant function.
12. Overseas transfer and external AI/API infrastructure
Some providers may process or store information outside the Republic of Korea depending on their infrastructure. Where separate overseas-transfer notice or consent is required by applicable law, additional information may be provided through the app, policy page or consent flow.
13. Children under 14
The service is not directed to children under 14. Users must not upload children’s personal information or photos unless a lawful basis and legally required guardian consent have been obtained. Unauthorized child data may be restricted or deleted.
14. Sensitive and biometric information
The service does not request sensitive information such as health diagnosis, religion, political opinion, criminal record or unique identification numbers through the public pages. Photos are used for fitting generation and consultation reference, not for biometric identification or authentication.
15. Cookies, sessions and automatic collection
Cookies, sessions or similar technologies may be used for language routing, security, login/session handling, service stabilization and basic traffic/error analysis. Disabling cookies may limit some WebView or session-based functions.
16. Security measures
The operator applies reasonable technical and organizational measures such as HTTPS, token authentication, access control, upload validation, file type checks, database restrictions, logging, backups, abuse monitoring and operational separation. No internet service can be guaranteed completely secure.
17. User rights and account deletion
Where applicable, users may request access, correction, deletion, suspension of processing, withdrawal of consent, account deletion or explanation of processing. Verification may be required. Some requests may be limited where legal retention, payment/accounting obligations, security investigation, disputes or backups require continued retention.
18. Incidents, changes and privacy contact
If a personal-information incident occurs, the operator will investigate, contain, recover, prevent recurrence and notify users or authorities where required by law. This Policy may be updated when law, service functions, AI providers, payment providers or security measures change. Contact: [email protected].
19. Generative AI transparency, model training and automated decisions
MachoSuit processes prompts, uploaded photos, render images, garment images, fitting options and generated outputs only to provide requested AI fitting, retry, moderation, security, troubleshooting and support unless a separate consent or notice states otherwise. The service does not use public-page visitors’ data for behavioral advertising or biometric identification.
If a third-party AI provider or future internal AI feature uses data for model improvement, additional notice, opt-out or consent procedures will be provided where required. AI fitting outputs are reference images for consultation and are not used as a solely automated decision that legally or similarly significantly affects a person.
20. Privacy contact, remedies and complaint handling
Privacy requests may be sent to [email protected]. The operator may verify the requester’s identity and may limit a request where retention is required for law, payment/accounting records, security investigation, dispute handling, backup cycle or protection of another person’s rights.
Users may also seek help from the competent privacy authority or dispute-resolution body under applicable law. The operator will cooperate with lawful requests and will update this Policy when processing items, overseas transfer, processors, AI handling or retention rules materially change.
