UWONIT GLOBAL
Legal · Privacy

Privacy Policy.

Effective May 19, 2026 · Applies to uwonitkorea.com and all UWONIT GLOBAL services.

Plain-English summary
  • · We collect what you give us to broker an introduction — your business email, company, country, and the match details.
  • · We do not sell your data, run advertising profiles, or train AI models on it.
  • · Match details are visible to UWONIT GLOBAL staff and the matched manufacturer (only after they accept).
  • · Tokens for our internal Gmail tooling stay on our authorized operator's machine — never on a server, never shared.
  • · You can ask us to access, correct, or delete your data anytime: uwonit2026@gmail.com.

1. Who we are

UWONIT GLOBAL ("we", "us") is a Seoul-based B2B introduction service connecting overseas buyers to verified Korean manufacturers. We are the data controller for personal data processed via uwonitkorea.com and our operator tooling.

Contact: uwonit2026@gmail.com. Korean business registration is in progress; this notice will be updated to include the registered company name, address, and BRN once issued.

2. Data we collect

We collect only what is necessary to provide our service:

Buyer (overseas businesses)
  • Business email, name, company name, country
  • Match details: product of interest, quantity, target price, message
  • Account uid (if you sign in with Google or email)
Manufacturer (Korean suppliers)
  • Korean Business Registration Number (BRN), company name, contact person
  • Email, phone, factory address
  • Banking information (for settlement of matching fee — visible only to authorized UWONIT operators)
  • Product catalog data (public listing fields)
Technical
  • Firebase Authentication session token (essential cookie)
  • Approximate country derived from request region (used to localize UI; not stored)
  • Server logs (IP, user-agent, timestamp) — retained 30 days for security only
Operator-only (not collected from you)
  • Google OAuth tokens for our internal Gmail desktop tool, stored exclusively in the operator's macOS Keychain. Never transmitted to our servers; never accessible to other users.

3. Why we use it (legal basis)

  • Performing the introduction — process buyer requests, propose matches, route warm-intro emails. Legal basis: legitimate interest (GDPR Art. 6(1)(f)) for buyers; contract performance (Art. 6(1)(b)) for registered manufacturers.
  • Compliance & record-keeping — Korean accounting law requires retention of fee-settlement records (7 years). Legal basis: legal obligation (Art. 6(1)(c)).
  • Fraud prevention & security — server logs, abuse detection. Legal basis: legitimate interest.
  • Product updates & transactional notices — only emails directly related to your match (no marketing). Marketing communications, if any, are strictly opt-in.

4. Who we share with

We do not sell personal data. We share strictly with:

  • Matched manufacturer — your match details are shared with the manufacturer you ask us to introduce you to, but only after the manufacturer accepts the introduction and consents to disclosure (NCNDA-style).
  • Sub-processors:
    • Google Cloud Platform (Firebase Authentication, Firestore, Cloud Functions, Cloud Storage) — region: asia-northeast3 (Seoul)
    • Google Workspace (Gmail) — used by our operator to send and receive match-related correspondence
    • Cloudflare — DNS and DDoS protection for uwonitkorea.com
  • Authorities — when required by law (Korean court order, regulatory request).

We never share with advertising networks, data brokers, or AI training datasets.

5. International transfers

Personal data is stored in Firebase region asia-northeast3 (Seoul). Google processes our data globally under their Standard Contractual Clauses; we rely on Google Cloud's GDPR Data Processing Amendment and SCCs as the lawful transfer mechanism.

For EU/EEA/UK users, you can request a copy of the relevant transfer mechanism by contacting us.

6. How long we keep it

  • Match requests (unmatched): 12 months from last activity, then deleted
  • Match requests (matched, deal closed): 5 years (commercial record)
  • Settlement and fee records: 7 years (Korean accounting law)
  • Server logs: 30 days
  • Account data: until you delete your account or 24 months of inactivity, whichever is sooner

7. Your rights

Under GDPR (EU/EEA/UK), Korean PIPA, and similar laws (CCPA, PIPEDA, LGPD), you have the right to:

  • Access — request a copy of the data we hold about you
  • Rectification — correct inaccurate data
  • Erasure — ask us to delete your data ("right to be forgotten")
  • Restriction — pause processing pending resolution
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — where consent is the basis
  • Lodge a complaint with your local supervisory authority (e.g., your national DPA in the EU, the PIPC in Korea)

To exercise any of these, email uwonit2026@gmail.com with the subject "Data Subject Request". We respond within 30 days (GDPR) / 15 days (PIPA), free of charge for reasonable requests.

8. Cookies and similar technologies

We use only essential cookies needed for the site to function:

  • Firebase Authentication session token — keeps you signed in
  • Theme preference (light/dark) — stored in localStorage on your device

We do not use third-party advertising cookies, behavioral tracking, fingerprinting, or analytics that profile individual users. If we add product analytics in the future, this section will be updated and you will be asked for explicit consent before any non-essential cookies are set.

9. Children

UWONIT GLOBAL is a B2B service for businesses and individuals aged 18 or older. We do not knowingly collect personal data from children under 18. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Google API Services User Data Policy

UWONIT GLOBAL's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Our internal operator desktop tool requests the following Gmail scopes, used only by the authorized operator account (uwonit2026@gmail.com):

  • gmail.readonly — read replies sent to the operator's inbox in response to match introductions.
  • gmail.compose — create draft emails with pre-filled match content so the operator can review and click send. No automatic sending; nothing is sent without explicit user click.

Data received from Google APIs is used solely to facilitate operator-to-counterparty correspondence about active matches. We do not:

  • Transfer Gmail data to any other party
  • Use Gmail data for serving ads or for any purpose other than the operator's match correspondence
  • Use Gmail data to train any AI or machine-learning model
  • Allow humans other than the authorized operator to read Gmail data, except for security investigations or as required by law

OAuth tokens are stored exclusively in the operator's macOS Keychain on a single authorized machine. Tokens are never transmitted to or stored on any UWONIT server.

11. How we protect your data

  • TLS 1.2+ for all data in transit (HSTS preload)
  • Encryption at rest via Google Cloud Platform
  • Firestore security rules enforce row-level access — buyers cannot read other buyers' matches; manufacturers see only their own listings; banking and settlement records are operator-only
  • OAuth tokens stored in macOS Keychain (never on disk in plaintext, never in our database)
  • PKCE flow for our desktop OAuth — no client secret embedded in distributed binaries
  • Content Security Policy + strict frame-ancestors on all production hosts
  • Strict separation between staging and production environments

No system is perfectly secure. If we become aware of a breach affecting your data, we will notify affected users without undue delay (within 72 hours where required by GDPR Art. 33).

12. Updates to this policy

We may update this policy as our service evolves or as laws change. The "Effective" date at the top reflects the most recent update. For material changes — new data categories, new sub-processors, expanded sharing — we will notify registered users by email at least 14 days in advance, and display an in-app banner.

13. Contact

Questions, requests, or complaints:

  • Email: uwonit2026@gmail.com
  • Postal address: UWONIT GLOBAL, Seoul, South Korea (full registered address available on request)

See also: Terms of Service · Disclaimer