1.  Introduction

Who we are and what this Policy covers.

FrontLens ("we," "our," or "us") operates as a K-culture focused global digital media platform available at frontlens.io. This Privacy Policy explains what personal information we collect from users of our platform, how we use it, when we may share it, and what rights you have regarding your personal data.

FrontLens publishes editorial content curated by our in-house editorial team, sourced from publicly available social media and online sources. By accessing or using our platform, you agree to the collection and use of your information in accordance with this Policy.

Questions? Contact us at: help@frontlab.co.kr

2.  Information We Collect

What we collect and how.

A. Information You Provide Directly

When you create an account, interact with our platform, or contact us, we may collect:

• Name and email address (at registration)
• Password (stored in encrypted form)
• Profile information (optional: profile photo, display name, language preference)
• Communications you send to us (e.g., inquiries, feedback)
• Social login data if you register via a third-party provider (e.g., Google, Kakao)

B. Information Collected Automatically

When you use our platform, we automatically record:

• Device and browser identifiers (IP address, user agent, cookie ID)
• Pages visited, content viewed, and time spent on pages
• Referral URLs (the page that directed you to FrontLens)
• Log data (access times, error logs)
• Approximate location (country/city level, derived from IP)

C. Cookies and Similar Technologies

We use cookies and similar technologies to keep you logged in, remember your preferences, measure platform performance, and serve relevant content. Please refer to our Cookie Policy for details on managing your cookie preferences.

3.  How We Use Your Information

Why we collect your data and what we do with it.

A. To Operate and Deliver Our Services

• Creating and managing your account
• Providing access to editorial content and platform features
• Sending service-related notifications (e.g., password reset, account security)
• Responding to your inquiries and support requests

B. To Improve and Develop the Platform

• Analyzing usage patterns to improve content structure and user experience
• Monitoring platform performance and troubleshooting errors
• Conducting internal research and editorial planning

C. To Personalize Your Experience

• Displaying content in your preferred language
• Remembering your reading preferences and bookmarks (where applicable)
• Recommending relevant articles based on your browsing activity

D. To Communicate With You

• Sending newsletters or content updates (only with your consent)
• Notifying you of significant policy changes
• Sending promotional communications (only with your consent; you may opt out at any time)

E. To Ensure Platform Security and Legal Compliance

• Detecting and preventing fraud, abuse, or unauthorized access
• Enforcing our Terms of Service
• Complying with applicable legal obligations

4.  Legal Basis for Processing

The lawful grounds we rely on (GDPR / UK GDPR).

For users in the European Economic Area (EEA) and the United Kingdom, we process your personal data on the following legal bases:

• Contract performance — processing necessary to provide the services you have registered for
• Legitimate interests — platform improvement, security, analytics, and editorial research
• Consent — newsletters, promotional emails, and non-essential cookies (you may withdraw consent at any time)
• Legal obligation — compliance with applicable laws and regulations

For users in the Republic of Korea, processing is governed by the Personal Information Protection Act (PIPA) and related regulations.

5.  How We Share Your Information

We do not sell your personal information.

We may share your information only in the following limited circumstances:

A. Service Providers

We engage trusted third-party vendors to operate our platform, including:

• Cloud hosting and infrastructure providers
• Email delivery services (for account notifications and newsletters)
• Analytics providers (for aggregate, anonymized platform usage analysis)
• Payment processors (if applicable for future paid features)

All service providers are contractually bound to process your data only on our instructions and in accordance with this Policy.

B. Legal Requirements

We may disclose your information to government authorities, regulators, or law enforcement agencies where required or permitted by applicable law — for example, to comply with a court order, respond to a legal process, or protect the safety of our users or the public.

C. Business Transfers

If FrontLens undergoes a merger, acquisition, or sale of assets, your personal information may be transferred to the successor entity. We will notify you in advance of any such transfer and of any change to this Policy.

D. With Your Consent

We may share your information for purposes not described in this Policy when we have obtained your explicit consent to do so.

6.  SNS-Sourced Content & Third-Party References

How we handle publicly available information in our editorial content.

FrontLens publishes editorial content that references or is derived from publicly available social media posts and online sources. In doing so:

• We do not systematically collect or store private personal data from social media profiles of individuals mentioned in our content.
• We reference only publicly accessible information (public posts, official announcements, published interviews).
• Our editorial team applies professional editorial judgment to avoid unnecessary inclusion of private personal information.
• Individuals referenced in our content who wish to submit a correction or removal request may contact us at help@frontlab.co.kr.

FrontLens is not responsible for the privacy practices of any third-party social media platforms linked to or referenced in our content.

7.  International Data Transfers

Where your data may be stored or processed.

FrontLens operates as a global platform and your information may be stored or processed in countries other than your country of residence. These countries may have data protection laws that differ from those of your home country.

Where we transfer personal data outside the Republic of Korea, the EEA, or the UK, we implement appropriate safeguards — such as Standard Contractual Clauses approved by the European Commission or equivalent mechanisms — to ensure that your personal information receives an adequate level of protection.

8.  Data Retention

How long we keep your information.

We retain your personal information for as long as necessary to provide our services and fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.

Account Data

Retained for as long as your account is active. If your account is inactive for 24 consecutive months with no active subscriptions, we may delete it after providing prior notice.

Usage Logs and Analytics Data

Retained for up to 12 months in identifiable form, after which data is anonymized or deleted.

Communications and Inquiries

Retained for up to 3 years from the date of last correspondence, or longer where required by applicable law.

Marketing Data

Retained until you withdraw consent or opt out. A minimal suppression record is maintained to honor your opt-out preferences.

9.  Security

How we protect your information.

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, loss, misuse, disclosure, or alteration. These measures include:

• Encryption of passwords and sensitive data in transit and at rest
• Access controls limiting internal access to personal data on a need-to-know basis
• Regular security reviews and vulnerability assessments
• Staff training on data protection practices

While we take all reasonable precautions, no system is completely secure. If you believe your account has been compromised, please contact us immediately at help@frontlab.co.kr.

10.  Children's Privacy

Our platform is not directed at children.

FrontLens is not directed at children under the age of 14 (or under 16 in the EEA/UK, or under 13 in the US). We do not knowingly collect personal information from children without verifiable parental or guardian consent.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at help@frontlab.co.kr and we will take steps to delete such information promptly.

11.  Your Rights

You are in control of your personal information.

Depending on your location, you may have the following rights. To exercise any of these rights, contact us at help@frontlab.co.kr.

A. Right to Access

You may request a copy of the personal information we hold about you.

B. Right to Rectification

You may request correction of inaccurate or incomplete personal information.

C. Right to Erasure

You may request deletion of your personal information where there is no overriding legitimate reason for us to continue processing it.

D. Right to Restrict Processing

You may request that we restrict the processing of your personal information in certain circumstances (e.g., while accuracy is contested).

E. Right to Data Portability

Where processing is based on your consent or contract performance, you may request that we provide your personal data in a structured, machine-readable format.

F. Right to Object

You may object to processing based on our legitimate interests, including profiling for direct marketing purposes.

G. Right to Withdraw Consent

Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal.

H. Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority. In the Republic of Korea, this is the Personal Information Protection Commission (PIPC). In the EU/EEA, contact your national supervisory authority. In the UK, contact the Information Commissioner's Office (ICO).

We will respond to all verifiable requests within 30 days, or within the period required by applicable law. We reserve the right to verify your identity before processing certain requests.

12.  Cookies

A quick summary — full details are in our Cookie Policy.

We use the following categories of cookies:

• Strictly necessary — required for core platform functionality (login, session management). Cannot be disabled.
• Functional — remember your preferences (language, display settings). Enabled by default; you may opt out.
• Analytics — help us understand how users interact with our platform (aggregate, anonymized data). Require your consent.
• Marketing — used to deliver relevant newsletters and promotional content. Require your explicit consent.

You may manage your cookie preferences at any time through our Cookie Settings panel or by adjusting your browser settings.

13.  Changes to This Policy

We may update this Policy from time to time.

We may update this Privacy Policy to reflect changes in law, best practices, or our data processing activities. When we make material changes, we will notify you by posting a prominent notice on our platform and, where appropriate, via email. The effective date at the top of this document will be updated accordingly.

Continued use of our platform following notification of changes constitutes your acceptance of the updated Policy.

14.  Contact Us

We're happy to help with any privacy-related questions.

• Email: help@frontlab.co.kr
• Website: frontlens.io
• Company: FrontLens (Frontlab Co., Ltd.)

We aim to respond to all inquiries within 5 business days.