Privacy Policy

Panzy Privacy Policy

IMPORTANT NOTICE: This English version of the Privacy Policy is provided for convenience and reference only. In the event of any inconsistency, discrepancy, or conflict between this English version and the Korean version, the Korean version shall prevail and govern in all respects.

Panzy ("Company") complies with the Personal Information Protection Act of the Republic of Korea ("PIPA") and other applicable laws. This Privacy Policy explains how the Company collects, uses, processes, and protects personal information in connection with the use of its property management software and related services ("Service").

Article 1 (Purpose of Processing Personal Information)

The Company processes personal information for the following purposes:

  1. Membership Management
    • Identification and verification of Members
    • Conclusion and maintenance of service agreements
    • Customer support and inquiry handling
  2. Service Provision
    • Operation of PMS functions
    • Reservation management and inventory synchronization
    • Integration with OTAs and Google Hotel Search / Google Vacation Rentals
    • Payment processing and settlement
  3. Service Improvement
    • Service usage analysis
    • Feature improvement and quality enhancement
  4. Legal Compliance
    • Compliance with applicable laws and regulations
    • Dispute handling and record retention

Article 2 (Categories of Personal Information Collected)

  1. Member Information
    • Name
    • Email address
    • Phone number
    • Property information
    • Payment and settlement information
    • Business registration number (if applicable)
  2. Guest Information (processed on behalf of Members)
    • Name
    • Contact details
    • Reservation details
    • Stay information
  3. Automatically Collected Information
    • IP address
    • Access logs
    • Device information
    • Cookie data

Article 3 (Retention and Use Period)

  1. Personal information is retained only for as long as necessary to fulfill the purposes described above.
  2. Where required by applicable law, the Company retains information for the following periods:
    • Records related to contracts or withdrawals: 5 years
    • Records related to payments and supply of services: 5 years
    • Records related to consumer complaints or dispute resolution: 3 years

Article 4 (Provision to Third Parties)

  1. The Company does not provide personal information to third parties without prior consent, except in the following cases:
    • Where consent has been obtained
    • Where required by law
    • Where necessary for integration with OTAs, Google, or other external platforms to provide the Service

Article 5 (Outsourcing of Processing)

The Company may entrust the processing of personal information to third parties for the purpose of providing the Service, including:

  • Payment gateway providers (for payment processing)
  • Cloud service providers (for data storage and server operations)
  • Email/SMS service providers (for notification services)

The Company enters into agreements with such service providers to ensure compliance with applicable data protection laws.

Article 6 (Overseas Transfer of Personal Information)

Due to the nature of the Service, personal information may be transferred to or processed in foreign jurisdictions where OTAs, Google, or cloud service providers operate.

The Company takes reasonable measures to ensure appropriate safeguards are implemented in accordance with applicable laws.

Article 7 (Destruction of Personal Information)

  1. Personal information is destroyed without delay when the retention period expires or the processing purpose is achieved.
  2. Electronic files are deleted using technical methods that prevent recovery.
  3. Printed materials are shredded or incinerated.

Article 8 (Rights of Data Subjects)

Members may exercise the following rights in accordance with applicable laws:

  1. Request access to personal information
  2. Request correction or deletion
  3. Request suspension of processing

Requests may be submitted to the contact information below.

Article 9 (Security Measures)

The Company implements appropriate technical and organizational measures to protect personal information, including:

  • Access control management
  • Internal management plans
  • Data encryption
  • Installation of security programs
  • Log monitoring and retention

Article 10 (Data Controller and Data Processor Roles)

  1. For Member account information, the Company acts as the data controller.
  2. For Guest information processed through the Service on behalf of Members, the Company acts as the data processor, and the Member acts as the data controller.

Article 11 (Personal Information Protection Officer)

The Company designates a Personal Information Protection Officer as follows:

Name: Taegyu Kim

Email: panzy@panzy.site

Article 12 (Changes to This Policy)

This Privacy Policy may be amended in accordance with applicable laws or service changes. Any material changes will be notified through the Service.

Back to Home