Privacy Policy
We believe you deserve to know exactly how your financial data is handled. This document explains our practices in plain terms — because transparency isn't optional when you're trusting us with sensitive information.
LogiConCog provides financial data integration and synchronization services to businesses operating in South Korea. When you use our platform, you're sharing information that matters — account credentials, transaction records, business metrics. We take that responsibility seriously.
This privacy policy describes what data we collect, why we need it, how we protect it, and what rights you have. We've written it to be genuinely useful rather than just legally compliant.
Questions About Privacy?
Email us directly at support@logiconcog.com or call +82 53 424 8383. We respond to privacy inquiries within two business days.
Information We Collect
Our service connects your financial systems. That means we need certain information to function properly. Here's what we actually collect and why each piece matters.
| Data Type | What We Collect | Why We Need It |
|---|---|---|
| Account Information | Business name, contact person, email address, phone number, business registration details | To create your account, communicate about service issues, and comply with South Korean business regulations |
| Financial System Credentials | API keys, authentication tokens, system access credentials | To connect to your accounting software, banking systems, and payment platforms for data synchronization |
| Transaction Data | Financial transactions, account balances, payment records, invoice details | To synchronize data between your systems — this is the core function of our service |
| Technical Data | IP addresses, browser type, device information, log files, error reports | To maintain system security, troubleshoot technical issues, and improve platform performance |
| Usage Information | Features used, sync frequency, data volume, integration configurations | To optimize your specific setup and identify potential problems before they affect your workflow |
We don't collect information we don't need. We're not tracking your browsing habits across other websites. We're not building marketing profiles. We collect what's necessary to synchronize your financial data reliably and securely.
How We Use Your Information
The data you share with us serves specific purposes. We're not vague about this because you deserve to know exactly what happens with your information.
Primary Service Functions
- Connecting to your financial systems using the credentials you provide
- Synchronizing transaction data between platforms according to your configuration settings
- Monitoring sync processes to catch and resolve errors before they impact your business
- Maintaining data integrity across all your connected systems
- Generating sync reports and status notifications about your integrations
Security and Compliance
- Detecting unusual access patterns that might indicate security threats
- Maintaining audit logs as required by South Korean financial data regulations
- Verifying your identity when you contact support about sensitive account matters
- Conducting security assessments of our systems to protect your data
- Responding to legal requirements from South Korean authorities when legally obligated
Service Improvement
- Analyzing aggregated usage patterns to identify common technical issues
- Testing new integration features with a subset of users who opt in
- Optimizing system performance based on actual usage patterns
- Developing new connectors for financial platforms our clients commonly request
What We Don't Do
We don't sell your data. We don't share your financial information with advertisers. We don't use your transaction data to build products for other companies. Your data serves your integration needs — that's it.
Your Rights
South Korean data protection law gives you specific rights regarding your personal information. Here's what you can do and how to actually do it — not just legal theory, but practical steps.
Access Your Data
Request a complete export of all personal and financial data we hold about your account. We provide this in machine-readable format within seven business days.
Correct Inaccuracies
Update incorrect information directly through your account settings or contact our support team for data you can't modify yourself. Changes take effect immediately.
Delete Your Account
Request complete account deletion. We remove all data except what we're legally required to retain for tax or regulatory purposes in South Korea.
Restrict Processing
Temporarily pause data synchronization while maintaining your account. Useful if you're investigating a discrepancy or switching financial systems.
Data Portability
Export your sync configurations and historical data to move to another service. We provide exports in standard formats that work with competing platforms.
Object to Processing
Opt out of specific data uses like service improvement analysis. Core synchronization functions continue, but we stop using your data for optional purposes.
How to Exercise These Rights
Email support@logiconcog.com with your request. Include your account email and specify which right you're exercising. We verify your identity through your registered contact information, then process most requests within five business days.
For deletion requests, we provide a confirmation summary of what will be removed and what we're required to retain. You get 14 days to review before deletion becomes permanent.
Data Security Measures
Protecting financial data isn't something we take lightly. Here's what we actually do — specific technical measures, not vague promises about "industry-standard security."
Encryption and Storage
- All data transmitted between your systems and our platform uses TLS 1.3 encryption
- Financial credentials stored using AES-256 encryption with keys managed through hardware security modules
- Transaction data encrypted at rest in databases hosted in South Korean data centers
- Encryption keys rotated quarterly and never stored alongside the data they protect
Access Controls
- Multi-factor authentication required for all employee access to production systems
- Role-based access controls limiting employee data access to job requirements
- Automated session timeouts after 15 minutes of inactivity
- IP address restrictions for administrative functions
- All access to client data logged with regular audit reviews
Monitoring and Response
- 24/7 automated monitoring for unusual access patterns or potential security incidents
- Intrusion detection systems scanning for known attack patterns
- Quarterly penetration testing by independent security firms
- Incident response plan with defined escalation procedures
- Client notification within 24 hours if a security incident affects their data
Security Incident Protocol
If we detect a potential security incident involving your data, we contact you immediately — not in 72 hours as regulations allow, but as soon as we understand what happened. You receive a technical summary, impact assessment, and specific steps we're taking. No vague corporate statements.
Data Retention and Deletion
We don't keep your data indefinitely. Here's exactly how long we retain different types of information and why certain items stick around longer than others.
Active Account Data
While your account remains active, we retain all transaction data and sync history. You can delete specific records through your dashboard at any time.
Inactive Account Data (90 Days)
If you stop using our service but don't delete your account, we retain your data for 90 days in case you return. After that, we send three email reminders before any deletion.
Deleted Account Data (7 Years)
When you delete your account, we immediately remove all financial credentials and stop all data synchronization. However, South Korean tax law requires us to retain transaction records for seven years.
Technical Logs (2 Years)
System logs containing IP addresses and usage patterns are retained for two years for security analysis and regulatory compliance, then automatically purged.
Backup Deletion (30 Days)
Deleted data persists in encrypted backups for up to 30 days as these systems follow their own retention cycles. After 30 days, no recoverable copies exist anywhere.
What We're Required to Keep
South Korean regulations require financial service providers to retain certain records regardless of account status. This includes transaction logs, account registration details, and authentication records. We maintain these in offline encrypted storage separate from active systems.
If you request account deletion, we provide a detailed list of exactly what data we're retaining for regulatory purposes, where it's stored, and when it will be permanently deleted.
Data Sharing and Transfers
Your financial data doesn't leave our systems except in specific, limited circumstances. Here's every scenario where your information might be shared or transferred.
Service Providers
We work with a small number of specialized service providers who help us operate the platform. These companies only access data necessary for their specific function.
- Cloud infrastructure providers hosting our servers in South Korean data centers
- Database management services maintaining encrypted data storage
- Security monitoring firms conducting penetration tests and vulnerability assessments
- Email service providers sending system notifications and support communications
Every service provider signs data processing agreements limiting how they can use your information. They can't use your data for their own purposes or share it with anyone else.
Legal Requirements
We disclose information when legally required by South Korean authorities. This happens when:
- We receive a valid court order or subpoena
- Tax authorities request transaction records during an audit
- Financial regulators investigate potential violations
- Law enforcement presents proper legal documentation
We notify affected clients about legal requests unless prohibited by the request itself. When possible, we challenge overly broad requests that seek more data than legally necessary.
Business Transfers
If LogiConCog is acquired or merges with another company, your data transfers to the new owner. You'd receive 30 days notice with information about the acquiring company's privacy practices and the option to delete your account before the transfer.
International Transfers
Your data stays in South Korea. We don't transfer information to servers in other countries. Even our backup systems remain within South Korean borders to comply with local data residency requirements.
Cookies and Tracking
We use cookies — those small data files stored in your browser. But we're selective about what we track and why.
Essential Cookies
These are necessary for the platform to function. Without them, you can't stay logged in or maintain your session. They include authentication tokens and security identifiers. You can't disable these and still use the service.
Functional Cookies
These remember your preferences — dashboard layout, timezone settings, notification preferences. They make the platform more convenient but aren't strictly necessary. You can disable them in account settings.
What We Don't Use
We don't use advertising cookies. We don't track you across other websites. We don't sell cookie data to third parties. We don't use tracking pixels from social media platforms.
Changes to This Policy
Privacy practices evolve as regulations change and services expand. When we update this policy, we handle it transparently.
Minor clarifications and typo fixes happen without notification. Significant changes that affect how we collect or use data trigger email notifications 30 days before implementation. You see a comparison showing exactly what changed.
If you disagree with updated terms, you can delete your account before changes take effect. We process deletion requests within 48 hours when submitted before a policy change.
Previous policy versions remain available in our documentation archive so you can see how our practices have evolved.