Privacy Policy

Effective date: 2025-09-04

This Privacy Policy explains how Korea Unpacked (“we,” “us,” or “our”) collects, uses, and protects personal information when you visit koreaunpacked.com (the “Site”) and when you purchase our digital products (eBooks). The Site targets an international audience.

By using the Site, you agree to this Policy. If you do not agree, please do not use the Site.

Who we are

  • Site: koreaunpacked.com (Korea Unpacked)
  • Contact: ddongtsu@gmail.com
  • For EU/UK residents, Korea Unpacked is the data controller of your personal data.

Scope

  • This Policy applies to your use of the Site and to purchases of our digital products.
  • We do not currently offer public user accounts or a comment feature.
  • We do not collect emails for newsletters at this time.

What we collect

  • Purchase and fulfillment data: email address (for order confirmation and delivery links), order ID, product purchased, purchase date/time; name is optional.
  • Technical data: IP address, device and browser information, and essential cookies or similar technologies necessary to operate and secure the Site.
  • Payment data: payments are processed by PayPal. We do not receive or store full payment card numbers or bank details on our servers.
  • Embedded content: if you interact with third-party embeds (e.g., YouTube videos, Google Maps, social media posts, or the PayPal checkout widget), those providers may collect information as described in their own policies.

How we use your information

  • To process orders and deliver digital products you purchased.
  • To provide customer support and service-related communications.
  • To maintain Site security, prevent fraud/abuse, and enforce policies.
  • To comply with legal obligations (e.g., tax and accounting).
  • With your consent if we introduce optional features that require it.

Legal bases (EU/UK)

  • Contract (order fulfillment), legitimate interests (security/fraud prevention), and legal obligation (tax/accounting). Where required, we rely on consent (e.g., for non-essential features if introduced).

Payments via PayPal

  • We use PayPal to process payments. Limited order details are shared with PayPal to verify and complete transactions. PayPal independently processes your payment data under its own privacy policy. We do not store full payment card details on our servers.

Cookies and similar technologies

  • We use only essential cookies by default for core functionality and security.
  • Third-party embeds (e.g., YouTube, Maps, social media, PayPal widget) may set their own cookies or collect interaction data. We do not use analytics or advertising cookies at this time.
  • You can manage or delete cookies in your browser settings.

Sharing and service providers

  • Hosting/CDN/Security logs: ChemiCloud (Site hosting and related technical processing).
  • Payments: PayPal (payment processing).
  • We share information with these providers only to the extent necessary to provide our services. If we add or change providers, we will update this Policy.

International data transfers

  • Our service providers may process data outside your country (including the United States). Where required by law, we implement appropriate safeguards for such transfers.

Data retention

  • Transaction records: kept for the period required by applicable tax/accounting laws.
  • Security logs: typically retained for 6–12 months.
  • Customer support communications: retained up to 12 months after resolution.
  • Cookies: persist for their individual lifetimes; you may delete them via your browser.

Your rights

  • Depending on your location, you may have rights to access, correct, delete, restrict or object to processing, and to receive a copy of your data (data portability), as well as to withdraw consent where processing is based on consent.
  • EU/UK residents may lodge a complaint with a data protection authority. To exercise rights, contact us at ddongtsu@gmail.com. We may need to verify your identity and will respond within 30 days where required.
  • California residents: we do not sell or share personal information as defined by applicable law. If this changes, we will update this Policy and provide appropriate links.

Children’s privacy

  • Our Site and products are not intended for children under 13 (or 16 where applicable). We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us to have it deleted.

Security

  • We use reasonable technical and organizational measures to protect personal information, including HTTPS/TLS encryption, least-privilege access controls, regular updates/patching, and monitoring with incident response procedures. However, no method of transmission or storage is 100% secure.

Changes to this Policy

  • We may update this Policy from time to time. The “Effective date” above indicates the latest version. Material changes will be posted on this page.

Contact us