Who We Are and What This Covers

We're EnergInsightHub, a financial statement analysis platform based in Suwon-si, South Korea. Our domain is energiinsighthub.com, and we help businesses understand their financial data better. This policy explains how we handle your information when you use our services.

Look, privacy policies can be dense. We've tried to make this one readable because we actually care about how your data gets used. If something's unclear, reach out to us directly.

Information We Collect

When you work with us, we collect different types of information depending on how you're using our platform. Here's what that looks like in practice:

Account and Profile Data

When you create an account, we need basic stuff like your name, email address, company name, and a password. If you're setting up billing, we'll also need payment information and a business address. Pretty standard, but we only ask for what's actually necessary to run the service.

Financial Data You Upload

This is the core of what we do. You upload financial statements, balance sheets, income reports, and other documents for analysis. We process this data to give you insights, but we're not selling it or using it for anything beyond what you've asked us to do.

Usage Information

We track how you interact with our platform. Which features you use most, how long you spend in different sections, what kind of reports you generate. This helps us improve the service and fix things that aren't working well.

Technical Data

• IP addresses and browser types
• Device information and operating systems
• Cookie data and session logs
• Error reports and performance metrics

How We Use Your Information

We're not trying to be clever here. Your data serves specific purposes, and we don't stretch those boundaries.

We don't use your financial data for advertising, and we're not training AI models on your uploaded documents. That's your business information, not ours to repurpose.

Legal Basis for Processing (South Korea Context)

Under South Korea's Personal Information Protection Act (PIPA), we need a legal reason to process your data. Here's where we stand:

• Consent: You've agreed to use our service by creating an account
• Contract Performance: We need your data to deliver the financial analysis you're paying for
• Legal Obligation: Some data retention is required by Korean financial regulations
• Legitimate Interest: We process usage data to improve security and service quality

PIPA gives you specific rights about how your information gets handled, and we take those seriously. More on that below.

Who We Share Data With

We're selective about this. Your financial data doesn't get passed around freely.

Service Providers

We work with third-party companies that help us run the platform. Cloud hosting providers, payment processors, email delivery services. These companies only get access to the data they need to do their specific job, and they're contractually bound to protect it.

Legal Requirements

If Korean authorities issue a valid legal request for information, we have to comply. We'll notify you when possible, unless we're legally prohibited from doing so.

Business Transfers

If EnergInsightHub gets acquired or merges with another company, your data would transfer as part of that deal. You'd be notified in advance, and the new entity would have to honor this privacy policy.

Data Security Measures

Financial data is sensitive. We've built multiple layers of protection to keep it secure.

• All data transmission uses TLS encryption (the same technology banks use)
• Uploaded financial documents are encrypted at rest in our databases
• Access to production data is restricted to essential personnel only
• We run regular security audits and penetration testing
• Two-factor authentication is available for all accounts
• Automated monitoring detects unusual access patterns

That said, no system is completely bulletproof. We do everything reasonable to protect your data, but we can't guarantee absolute security. If there's ever a breach that affects your information, we'll notify you within 24 hours and explain what happened.

How Long We Keep Your Data

We keep different types of data for different periods, based on both practical needs and legal requirements.

Active Account Data

While your account is active, we retain all your uploaded financial documents and generated reports. You need this historical data accessible for trend analysis and comparison.

After Account Closure

When you close your account, we keep your data for 90 days in case you change your mind. After that, we delete your financial documents and personal information. Some metadata might stick around longer for legal compliance, but it won't identify you personally.

Legal Retention Requirements

Korean law requires us to retain certain transaction records for up to 5 years. This includes billing information and service usage logs. We don't keep this data longer than required.

Your Rights Under Korean Law

PIPA gives you significant control over your personal information. Here's what you can actually do:

Access Your Data

You can request a copy of all the personal information we have about you. We'll provide it in a readable format within 10 days. There's no charge for this unless you're making excessive requests.

Correct Inaccurate Information

Found a mistake in your profile or account data? You can update most things directly through your account settings. For anything else, contact our support team and we'll fix it quickly.

Delete Your Data

You can request full deletion of your account and associated data at any time. We'll process this within 30 days, keeping only what's legally required for financial record-keeping.

Withdraw Consent

If we're processing data based on your consent, you can withdraw that consent. This might limit which features you can use, but it's your choice.

Object to Processing

You can object to certain types of data processing, particularly for marketing purposes. We don't do much marketing anyway, but the right exists.

Data Portability

Want to move your financial analysis to another platform? We'll export your data in a standard format that other services can import.

International Data Transfers

Our primary servers are located in South Korea, but some of our service providers operate globally. This means your data might be processed in other countries.

When data leaves South Korea, we use standard contractual clauses and other legal mechanisms to ensure it receives equivalent protection. Countries with weaker privacy laws don't get free access to your information.

Cookies and Tracking

We use cookies to keep you logged in and remember your preferences. That's about it. We're not building detailed profiles of your browsing behavior across the internet.

Essential Cookies

These keep the platform working. Session cookies, authentication tokens, that kind of thing. You can't opt out of these without breaking the service.

Analytics Cookies

We use basic analytics to understand how people use the platform. This helps us identify confusing interfaces or broken features. You can disable these in your account settings.

Children's Privacy

Our service is designed for business use. We don't knowingly collect information from anyone under 14 years old. If we discover we've accidentally collected data from a child, we'll delete it immediately.

Changes to This Policy

We update this policy occasionally as our service evolves or regulations change. When we make significant changes, we'll email you at least 30 days in advance. Minor clarifications might happen without notice.

The date at the top of this page shows when it was last updated. We keep old versions archived if you want to compare what changed.

Filing Complaints

If you're unhappy with how we've handled your data, start by contacting us directly. We'll work to resolve the issue quickly.

If that doesn't solve the problem, you have the right to file a complaint with the Personal Information Protection Commission in South Korea. They're the regulatory body that oversees PIPA compliance.