Privacy Policy
Last updated
Was this helpful?
Last updated
Was this helpful?
Powertask Inc. (hereinafter referred to as the “Company”) values the personal information of its customers and makes every effort to protect it effectively and securely. Thank you for using the website provided by Powertask Inc. (, hereinafter referred to as the “Website”) and the Outcode service (, hereinafter referred to as the “Service”). These Terms of Use define essential matters such as your rights, obligations, and responsibilities, as well as the terms and procedures for using the Website and the Service. Please read them carefully.
By clicking the “Agree” button during registration or by using the Service, you are deemed to have agreed to these Terms. If you do not agree to these Terms, or do not have the legal authority to agree on behalf of another party, please refrain from using the Service. The Company will not be held liable for any difficulties or inconveniences experienced by customers who use the Service despite not agreeing to these Terms.
For matters not stipulated in these Terms or for interpretations thereof, relevant Korean laws shall apply, including the Act on Consumer Protection in Electronic Commerce, the Act on the Regulation of Terms and Conditions, and the Act on Promotion of Information and Communications Network Utilization and Information Protection. The Company may establish additional operational policies for individual services if necessary.
The Company informs customers, through its Privacy Policy, of how the personal information they provide is used and managed, as well as the measures in place to protect it. If any changes are made to the Privacy Policy, such changes will be announced through a notice on the Website (or via individual notifications, if applicable).
The Company processes only the minimum necessary personal information for the following purposes. If the purpose of use changes, the Company will obtain the customer's consent in advance.
Identifying and verifying the customer’s identity for service use
Maintaining and managing customer qualifications
Providing the Service smoothly and preventing unauthorized use
Delivering notifications such as membership-related announcements
Confirming the customer’s intent and handling inquiries or complaints
Preserving records for dispute resolution
Determining eligibility for services (including affiliate services) requested by the customer and providing such services
Determining eligibility for discounted pricing and providing additional services
Performing statistical analysis (e.g., usage analytics, log analysis) and delivering personalized services
Providing marketing information such as new product introductions, services, and event updates
Entrusting necessary service-related tasks to subcontractors as disclosed in the Privacy Policy
The Company does not transfer, sell, or disclose customer information to any third party for purposes beyond those originally stated. The Company only processes the minimum amount of personal information necessary for the following purposes. The data collected by the Company includes, but is not limited to, the items listed below and is provided directly by the customer.
Items of Personal Information Collected
Required Items: Customer’s full name, email address, company name, contact information, password, organization details, access information, login records, and usage data
Optional Items: Referrer ID (email), profile photo, payment history, customer feedback, posts, and inquiries
Collection Methods
Direct input by the user during sign-up or through the [Account] settings
Input or automatic collection during service usage
Collected via customer support channels (chat, email)
The Company also allows customers to use an open standard known as OAuth, which enables access to third-party websites or applications without sharing passwords. When using OAuth services provided by external providers, the following information must be entered:
User ID: The ID registered with the OAuth service provider
Email: The email registered and authorized with the OAuth provider
Name: The username or alias registered with the OAuth provider
When using OAuth services, the following data may be accessed and stored during the authentication process:
Token information received from the OAuth service provider
Name of the billing party, billing address, relationship to the contract holder, and payment information
Information generated and collected during service usage or business operations
Examples include:
Service usage records, access logs, execution logs, payment history, suspension history
Encrypted credit card details, telecom provider information, and other minimum data required for payment
Device and service usage data which may be considered personal information for security purposes
Methods of Collecting Personal Information
The Company collects personal data through the following means:
When the customer agrees to the collection of personal information and enters the information directly during sign-up or while using the Service
Through information provided during customer support interactions via web pages, written documents, email, fax, phone, or delivery requests
Automatically during service usage or through data collection tools during business operations
Through participation in online/offline events or promotions, and from affiliated external companies or organizations (only when the partner has obtained separate consent from the customer)
The customer’s data is also used to provide services such as email notifications and newsletters as configured by the customer.
The Company manages and protects customer data through multiple security procedures, including the use of encrypted communication methods and the encryption of customer information.
We do not transfer or disclose your information to third parties for any purposes other than those initially stated. However, exceptions may be made in cases where there is a legal obligation or the customer has given prior consent.
The Company does not transfer or disclose information collected through integrated applications and services, including those using Google APIs, to third parties for any unintended purposes. Furthermore, user data associated with Google or any other linked service is protected under that service’s user data policies and relevant laws, and is never shared with third parties without the user's explicit consent. Exceptions are only made in the case of legal requirements or if the user has given prior authorization.
The Company does not use personal information collected via Google APIs or any other integrated applications for the development, training, or improvement of AI (Artificial Intelligence) or ML (Machine Learning) models in a de-identified form or otherwise.
We retain and utilize your personal information only for the duration of the service provision period (usage period) or the time required for resolving disputes (retention period). When you request to cancel your membership or your qualification is lost, all your data will be immediately deleted and rendered unrecoverable or unusable by any means. However, certain information may be retained if required by law.
Usage Period: From the date of subscription to the date of cancellation, or throughout the dispute resolution period.
Retention Period: Up to 6 months after cancellation to address billing issues such as payment settlements or overcharges. In cases where there are unresolved billing disputes, information may be retained until the issue is resolved.
Retention of Personal Information After Cancellation In accordance with Article 85-3 of the Framework Act on National Taxes, the following information may be retained:
Items retained: Customer name, customer identification number, phone number, billing details (charged amount, tax amount, payment amount, billing and payment dates), bill payer name, services used, discount amounts and reasons, billing address
Retention period: 3 years
For law enforcement requests related to misuse of services:
Retention period: 1 year
Other Retention Records (based on applicable laws):
Records on display/advertising: 6 months (Act on Consumer Protection in Electronic Commerce)
Records on contract or subscription withdrawal: 5 years (same law)
Records on payment and goods/service supply: 5 years (same law)
Records on customer complaints or dispute resolution: 3 years (same law)
Records on collection/processing/use of credit information: 3 years (Use and Protection of Credit Information Act)
In principle, the Company promptly destroys personal information once the purpose of its collection and use has been fulfilled. The procedures and methods of destruction are as follows:
Destruction Procedure
Information provided by the member during registration or similar processes is transferred to a separate database (or, in the case of paper documents, stored in a separate file cabinet) after the intended purpose has been fulfilled. It is then retained for a certain period in accordance with internal policies and relevant laws (see “Retention and Usage Period”), after which it is permanently destroyed. Personal information transferred to the separate database is not used for any other purpose unless required by law.
Destruction Method
Personal information stored in electronic file format is deleted using technical methods that prevent recovery or reproduction of the data.
Personal information printed on paper is destroyed by shredding or incineration.
The Company values the protection of personal information and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, and the Act on the Consumer Protection in Electronic Commerce. The Company uses customers' personal information only within the scope disclosed in this Privacy Policy and does not, in principle, entrust or provide such information to third parties without prior consent. Exceptions include the following cases:
When the customer has given prior consent
When required by law or by a lawful request from an investigative authority in accordance with legal procedures
To improve service delivery, customer support, and related administrative tasks, the Company may outsource certain personal information processing tasks. In such cases, contracts are established with service providers to ensure compliance with relevant laws and guidelines. These contracts include provisions on confidentiality, prohibition of third-party disclosures, liability for incidents, and the obligation to return or destroy information after the contract ends.
Outsourced Personal Information Processing Tasks and Recipients
Purpose: Credit card payments and bank transfers
Recipients:
Banks: Shinhan, SC First, Citi, Hana, Nonghyup, IBK, KB, Savings Banks, Suhyup, Credit Unions, Korea Post, Saemaeul Geumgo, Daegu, Busan, Gyeongnam, Woori, Gwangju, Jeonbuk, Choheung, Jeju, Toss Bank, Kakao Bank, K Bank
PG/VAN Providers: StepPay Co., Toss Payments, NICE Payments, Smartro
Information Provided: Payment information
Retention Period: Data is deleted immediately upon fulfillment of the collection and usage purpose, unless otherwise required by law
Purpose: Payment processing and issuance of electronic tax invoices
Recipient: National Tax Service (NTS)
Information Provided: Payment and business information
Retention Period: Deleted after purpose is fulfilled unless otherwise specified by law
Purpose: Mobile phone identity verification
Recipients: Mobile carriers (SKT, KT, LG U+)
Information Provided: Payment information
Retention Period: Deleted immediately upon fulfillment of purpose, unless otherwise specified by law
Purpose: Transaction verification, cancellations and refunds, settlement of payment amounts, and responding to transaction history requests
Recipient: The customer’s transaction counterpart
Information Provided: Name, email, phone number, transaction approval status and failure reasons, approval and order numbers, payment information, organization information
Retention Period: 5 years (based on the Act on the Consumer Protection in Electronic Commerce)
Purpose: Storage of customer data
Recipients: Amazon Web Services, Inc., Google Cloud Platform (Google Cloud Korea LLC)
Storage Method: Stored in the Company’s internal databases with independent secure networks and security measures
Information Provided: Customer information, organization information, and service configuration data
Retention Period: 1 year following the completion of the termination process, including final settlement and overdue payments. (If the customer requests earlier deletion, it will be executed without delay.)
As the data subject, the customer may access or modify their registered personal information at any time, and may also request deletion, suspension of processing, or termination of membership.
To access or update personal information, the customer must complete an identity verification process through the [Settings] section of the service, after which they may directly view, correct, or delete their information, or withdraw their membership.
Alternatively, customers may contact the Company’s personal information protection officer in writing or by email, and appropriate actions will be taken without delay.
If a customer requests the correction or deletion of inaccurate personal information, the relevant data will not be used or disclosed until the correction or deletion is completed. If incorrect information has already been shared with a third party, the Company will promptly notify that third party of the correction or deletion, so that appropriate updates can be made.
The Company has implemented the following technical and administrative measures to ensure the security of personal information and to prevent the loss, theft, leakage, forgery, alteration, or damage of customer data.
Technical Safeguards
Personal information is protected by passwords, and critical data is secured using additional security settings within the service.
To ensure secure transmission over the network, encryption protocols such as HTTP/SSL are applied.
Personal data is safely encrypted during storage and protected against unauthorized access.
To prevent personal information from being leaked through hacking or similar incidents, the Company utilizes reliable public cloud infrastructure that has been verified for security.
Administrative Safeguards
The Company has established procedures for the protection and controlled access of personal information and ensures that employees are trained and comply with these procedures. Compliance is regularly audited.
The number of personnel with access to personal information is kept to a minimum, and their access is strictly controlled. Employees are educated on legal and policy compliance to ensure data protection.
Personnel who may handle personal information include:
(a) Employees performing direct or indirect marketing-related tasks
(b) The Chief Privacy Officer and designated data protection staff
(c) Other individuals who must access personal information for business purposes
New employees are required to sign a confidentiality agreement to prevent any potential leaks of information, including personal data. Internal procedures are in place to remind employees of their data protection responsibilities and monitor compliance. Transfers of responsibility involving personal information are conducted securely, and clear accountability is established for both onboarding and offboarding scenarios, including any incidents of data breaches.
When collecting or providing payment-related information (e.g., bank account or credit card details), the Company takes the necessary steps to verify the identity of the customer to prevent misuse.
The Company is not responsible for incidents arising from the customer’s personal negligence or the inherent risks of using the internet. Customers are responsible for securely managing their own ID and password to help protect their personal information.
This Privacy Policy shall take effect as of March 14, 2025. If there are any additions, deletions, or modifications due to changes in legislation, government policies, or security technologies, such changes will be announced at least seven (7) days prior to their application via the Company’s official notice board.
The Company designates a Personal Information Protection Officer to safeguard customer data and address any complaints related to personal information. If you have any inquiries regarding your personal information, please contact the officer listed below:
Name: Sangwon Shim
You may report any privacy-related concerns that arise during your use of the Company's services to the Personal Information Protection Officer. The Company will respond promptly and adequately to any such reports.
If you need further assistance regarding the infringement of personal information, please contact one of the following institutions:
Supreme Prosecutors’ Office Cyber Crime Investigation Department: Phone: 1301 (no area code)
Effective Date: These Terms shall come into effect on March 28, 2025, and replace the previous Terms that had been in effect since March 14, 2025.
Email:
Personal Information Infringement Report Center: / Phone: 118 (no area code)
Cyber Bureau of the National Police Agency: / Phone: 182 (no area code)