Privacy Policy
Last Updated: 12 September, 2025
Controller Information
Address: 28 Gordonos street, 3070 Limassol, Cyprus
Email: privacy@theglobalfounder.com
Data Protection Officer: [DPO CONTACT IF APPOINTED]
For Korean Users:
Domestic Representative: [IF APPLICABLE]
Korea Contact: [KOREA-SPECIFIC CONTACT]
Information We Collect
Personal Data Categories:
Content Interactions: Comments, submissions, reading preferences
Technical Data: IP address, browser type, device information
Analytics Data: Page views, session duration, referral sources
Communication Data: Newsletter subscriptions, support inquiries
Marketing Data: Preferences, opt-in consents
Sources of Data:
- Directly from you (registration, forms, communications)
- Automatically through site technologies (cookies, analytics)
- From third-party integrations (social media, payment processors)
Purposes and Legal Bases
We process your data for:
| Purpose | Legal Basis (EU) | Legal Basis (Korea) |
|---|---|---|
| Service delivery and account management | Contract performance | Contract performance |
| Customer support | Contract performance | Contract performance |
| Newsletter and communications | Consent | Consent |
| Website analytics and improvement | Legitimate interests | Legitimate interests/Consent |
| Marketing (where consented) | Consent | Consent |
| Legal compliance | Legal obligation | Legal obligation |
| Security and fraud prevention | Legitimate interests | Legitimate interests |
Our Legitimate Interests: Improving user experience, ensuring security, analyzing site performance, and developing new features.
Cookies and Tracking Technologies
EU Users:
- Strictly Necessary Cookies: Always active for basic site functionality
- Analytics Cookies: Require consent; help improve site performance
- Marketing Cookies: Require consent; enable targeted advertising
- Preference Cookies: Remember your choices and settings
You can manage cookie preferences through our cookie banner and settings panel. Consent can be withdrawn at any time.
Korean Users:
Cookies that can identify individuals are treated as personal information. We provide clear disclosure and obtain consent where required for behavioral tracking.
Data Recipients
We may share your data with:
Service Providers:
Email services: [EMAIL SERVICE PROVIDER]
Analytics: [ANALYTICS PROVIDERS]
Payment processing: N/A
Customer support: [SUPPORT TOOL PROVIDERS]
Legal Requirements:
- Government authorities when legally required
- Professional advisors under confidentiality
- Business successors in merger/acquisition scenarios
All processors are bound by data processing agreements ensuring appropriate protection.
International Data Transfers
EU Users:
Data may be transferred outside the EEA to:
- South Korea
- Safeguards: EU Standard Contractual Clauses
- Copies of safeguards available upon request
Korean Users:
Cross-border transfers include:
- Recipients: [SPECIFIC RECIPIENTS]
- Countries: [DESTINATION COUNTRIES]
- Transfer Method: [LEGAL BASIS/MECHANISM]
- Purpose: [SPECIFIC PURPOSES]
- Retention: [RETENTION PERIODS]
- Legal Basis: Consent/Legal grounds per PIPA
Data Retention
We retain personal data only as long as necessary:
- Account data: Until account deletion plus legal requirements
- Analytics data: 26 months maximum
- Marketing data: Until consent withdrawn
- Legal compliance: As required by applicable law
Retention criteria based on purpose necessity and legal obligations.
Children's Privacy
EU Users:
- Parental consent required for users under 16 (or lower age set by Member State)
- Age verification procedures implemented
- Special protections for children's data
Korean Users:
- Parental consent required for users under 14
- Enhanced security measures for children's data
- Clear notification to parents of data processing
Your Rights
EU Users (GDPR Rights):
- Access: Request copies of your personal data
- Rectification: Correct inaccurate information
- Erasure: Request deletion ("right to be forgotten")
- Restriction: Limit processing in certain circumstances
- Portability: Receive data in machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw consent: For consent-based processing
- Complain: Lodge complaints with supervisory authorities
Response Time: Within one month
Supervisory Authority: [RELEVANT EU DPA]
Korean Users (PIPA Rights):
- Access: Request details of personal information processing
- Correction/Deletion: Request correction or deletion of data
- Processing Suspension: Request temporary suspension
- Complaint Rights: File complaints with PIPC
Korea Contact: [DOMESTIC REPRESENTATIVE IF APPLICABLE]
PIPC Complaint: privacy.go.kr or 1377 hotline
Data Security
We implement appropriate technical and organizational measures:
- Encryption of data in transit and at rest
- Access controls and authentication
- Regular security assessments
- Staff training on data protection
- Incident response procedures
Breach Notification
We will notify relevant authorities within 72 hours of discovering a breach and inform affected individuals without undue delay where high risk is involved, as required by GDPR and PIPA.
Contact and Complaints
DPO Contact: [IF APPOINTED]
EU Complaints: [RELEVANT SUPERVISORY AUTHORITY]
Korea Complaints: Personal Information Protection Commission (PIPC)
Changes to Privacy Notice
We may update this notice to reflect changes in law or practice. Material changes will be communicated prominently with appropriate notice periods. The effective date is shown at the top of this notice.
Additional Korea-Specific Provisions
Processing Policy Items (PIPA Article 30):
- Items processed: As detailed in Section 2
- Purpose: As detailed in Section 3
- Retention period: As detailed in Section 7
- Third-party provision: As detailed in Section 5
- Processing outsourcing: Service providers listed in Section 5
- Protection measures: As detailed in Section 10
Cross-border Processing:
Overseas processing/transfer details provided in Section 6 include recipient identity, destination country, transfer timing/method, purpose, and retention period as required by PIPA.
