쿠팡 리뷰 인사이트 Privacy Policy

Note: The Korean version of this policy is the original. In case of any conflict, the Korean version prevails.

1. Purpose of processing

쿠팡 리뷰 인사이트 processes personal data for: account registration, service provision (review analysis), and legal obligations.

2. Data collected

• Identifiers: email, OAuth subject ID (Google sub / Kakao id), internal user_id
• Authentication: access/refresh tokens (device-only, chrome.storage.local)
• Usage data (opt-in): visited PDP product/vendor IDs, review analyses

Anonymous data (visits/analyses) is physically separated from user identifiers and considered anonymous information outside PIPA scope.

3. Retention

• Account data: deleted immediately on account deletion; dormant accounts (1y) deleted 90 days after notice
• Privacy request log: 1 year after resolution
• Anonymous data: no retention limit (out of PIPA scope)

4. Third-party transfers

No third-party transfers. No sale, exchange, or grant of any user data.

5. Processors

• Self-operated server (KR): Docker-based self-hosted backend. Compute and storage of all account, session, and anonymous data. Not a cross-border transfer.
• Cloudflare, Inc. (US): Cloudflare Tunnel — encrypted transit only between external users and our self-hosted server. No compute, no storage.
• Google LLC (US): Google OAuth verification
• Kakao Corp. (KR): Kakao OAuth verification (not cross-border)
• DeepSeek (CN): negative-review text analysis. The extension does not call DeepSeek directly; all calls go through our server proxy (transit only; payloads discarded after upstream response). Only analysis results (summary, root causes, ≤3 quotes of ≤80 chars each) are stored in the anonymous pool.
• Coupang Corp. (KR) — Coupang Partners: affiliate link generation, product recommendations, commission settlement. Our server transmits productId, category id/name, search keywords, and SUB_ID to Coupang Partners Open API. User identifiers (email, OAuth sub, device id) are not transmitted. Limited to extension popup affiliate surfaces (recommend tab, similar products, card outbound link, share button). Not a cross-border transfer (Coupang infrastructure is domestic; only transient global CDN may apply).

5-1. Device identifier (Install UUID)

A random UUID v4 generated at extension installation, used only on the server side to throttle analysis abuse (multi-account abuse, automated requests, lifetime trial cap for unauthenticated users). No browser / system / canvas / audio fingerprinting is used. This UUID is not transferred to any third party (DeepSeek etc.) and is discarded when the user clears extension data.

5-2. Affiliate program (Coupang Partners)

This service participates in the Coupang Partners affiliate program and may earn a commission.

Affiliate surfaces in the extension popup — recommend tab, similar products section, card outbound link, and share button — qualify as affiliate activity. When a user navigates to Coupang via these surfaces and a purchase occurs, the operator may receive a commission.

Data transmitted from operator server to Coupang Partners Open API:

• productId — for deeplink conversion and similar-product search
• Top-K interest category IDs or names — for the recommend tab
• Search keywords — for explicit search or category-name fallback
• SUB_ID — surface identifier (e.g. ext-share, ext-card, ext-rec-goldbox); does not identify individual users

The following are never transmitted to Coupang Partners API:

• User email, OAuth sub, account sub
• Device id (Install UUID)
• Negative review text, analysis results, or any synced anonymous data

Opt-out: Not using the recommend tab means no category/keyword data is transmitted. Card outbound links and share surfaces auto-activate for signed-in users — without sign-up, no affiliate surface activates. No separate opt-out toggle is provided.

The extension never calls the Coupang Partners API directly; all calls are routed through our server (https://coupang-api.0xc05m1c0wl.dev/v1/affiliate/*). Partners API access/secret keys are stored only in the operator host's .env (mode 0600) and are never bundled into the extension.

6. Cross-border transfers

Cloudflare (US, transit), Google (US), DeepSeek (CN) are cross-border transfers. Compute and storage of this service themselves take place in South Korea (self-hosted). Coupang Partners (Coupang Corp., KR) is not a cross-border transfer. Users must consent explicitly during sign-up.

7. Data subject rights

Right to access, rectify, delete, and restrict processing. Email [email protected]; we respond within 30 days.

8. Deletion procedure

Hard delete on user row + cascading rows (sessions).

9. Security measures

• HTTPS-only transport (Cloudflare Tunnel automatic TLS)
• At-rest encryption via host disk-level LUKS (recommended for production)
• Secrets (JWT signing key, OAuth secret, LLM API key) stored only in host docker-compose env_file (mode 0600, root only). Never embedded in code, images, or repository.
• Physical separation between user identifier DB and anonymous data DB (separate SQLite file instances)
• No human review of user data without explicit consent (no such flow exists currently)

10. Privacy officer

Officer: 운영자 (실명/연락처는 호스트 .env 의 PRIVACY_RESPONSIBLE_OFFICER 로 주입)
Contact: [email protected]

11. Changes to this policy

Material changes will be announced at the top of this page and notified by email to registered users.