Privacy Policy
How we collect, use, store, and share information when you use Pink Duck.
1. Introduction
This Privacy Policy describes how Modooui Planet Co., Ltd., a corporation organized under the laws of the Republic of Korea (Business Registration No. 353-87-02766), operating the Pink Duck platform ("Pink Duck", "we", "us", or "our"), collects, uses, stores, discloses, and protects information when you create an account, connect third-party integrations, or otherwise use the Service.
Pink Duck lets a business owner ("Owner", "you") describe a business in natural language and have an AI-assisted system generate, deploy, and operate a working software application (an "Owner Site") on the Owner's behalf. Operating an Owner Site requires us to process data from third-party services that you authorize through OAuth or by supplying your own API credentials ("BYOK"). This policy explains, integration by integration, exactly what we receive and what we do with it.
Capitalized terms that are not defined here have the meaning given in our Terms of Service.
2. Information We Collect
2.1 Account information
When you create an Owner account, we collect your name, email address, login identifier, and authentication credentials (or, if you sign in with Google, Apple, Microsoft, or another identity provider, the profile and identifier they return to us). We collect any profile information you choose to add, such as company name and locale.
2.2 Payment information
Subscription payments are processed by Stripe. We do not store full card numbers or bank account details. We receive and store a Stripe customer identifier, your billing email, the last four digits and brand of your payment method, billing address, and a history of invoices and subscription status.
2.3 OAuth tokens and integration data
When you connect an Integration, we receive an access token and (where applicable) a refresh token from the third-party provider, along with the data described in Section 4 below. Tokens are encrypted at rest with AES-256-GCM using keys managed by Google Cloud KMS, are never exposed to client-side code, and are only used by the Service to perform operations you have authorized.
2.4 Owner content
Your Owner Site, including site copy, product data, customer records, designs, configurations, AI prompts, and any data you import, sync, or generate through the Service, is collected and stored to operate the Service for you.
2.5 Site visitor information
Owner Sites that you publish may collect information from your end users (your customers). Pink Duck processes that information solely as a service provider acting on your instructions, on your behalf. You are the data controller for site visitor data and are responsible for posting your own visitor-facing privacy notice on the Owner Site and obtaining any required consents. This Policy describes how Pink Duck handles your information as the Owner; it does not replace your visitor-facing privacy notice.
2.6 Usage and device information
We automatically collect IP address, approximate location derived from IP, browser type and version, operating system, referrer, pages viewed, actions taken, time stamps, and crash and performance data, in order to operate, secure, and improve the Service.
2.7 Communications
When you contact our support, sales, or security teams, we keep a record of the conversation, the contact details you provide, and any information you choose to include in your message.
3. Google API Services User Data Policy and Limited Use
Pink Duck's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, with respect to data accessed via Google APIs:
- We use the data only to provide and improve user-facing features of the Service that are prominent in the Service's user interface and that you, the Owner, have authorized through OAuth.
- We do not transfer the data to others except as necessary to provide or improve those user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to you.
- We do not use the data for serving advertisements, including retargeting, personalized, or interest-based advertising.
- We do not allow humans to read the data, except (a) with your affirmative consent for specific messages, (b) when necessary for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) where the data has been aggregated and de-identified for the Service's internal operations.
- We do not use Google user data to train, fine-tune, or otherwise develop generalized artificial-intelligence or machine-learning models.
4. Integration Data Disclosures
The following table describes, integration by integration, the OAuth scopes (or equivalent permissions) we request, the data we receive, and how we use it. We only request scopes that are necessary for features you, the Owner, have enabled.
4.1 Google Calendar
- Scopes: https://www.googleapis.com/auth/calendar.readonly, https://www.googleapis.com/auth/calendar.events.
- Data received: calendars and events on the connected Google account, including event titles, descriptions, attendees, start and end times, locations, and recurrence rules; push-notification channel identifiers used to receive change notifications.
- How used: to display the Owner's bookings and availability on the Owner Site, to create or update events on the Owner's behalf in response to actions on the Owner Site, and to keep the Owner Site in sync with the Owner's calendar in real time.
4.2 Google Business Profile
- Scopes: https://www.googleapis.com/auth/business.manage.
- Data received: the Owner's verified business listings, including business name, address, hours, phone, photos, posts, and reviews.
- How used: to display the Owner's listing information and reviews on the Owner Site, and to publish updates the Owner authorizes from the Owner's admin panel.
4.3 Google Drive (file-scoped)
- Scopes: https://www.googleapis.com/auth/drive.file.
- Data received: only files that the Service creates, opens, or that the Owner explicitly selects through the Google file picker. We do not receive access to any other files in the Owner's Drive.
- How used: to store, retrieve, and update files that are part of the Owner Site, such as exported reports, asset libraries, or AI-generated documents.
4.4 Microsoft Graph (Microsoft 365)
- Scopes: User.Read, offline_access, openid, email, profile, and, where you enable the corresponding feature, Calendars.ReadWrite, Mail.Read, Mail.Send, and Files.ReadWrite.
- Data received: Microsoft account profile (object id, user principal name, display name, email, preferred language, account type), Outlook messages and metadata, Outlook calendar events, and OneDrive files, in each case limited to the scopes you grant.
- How used: to authenticate the Owner; to read and send mail and calendar events from the Owner's mailbox in response to actions on the Owner Site; and to store and retrieve files used by the Owner Site.
4.5 Meta — Instagram (Instagram Login API)
- Scopes: instagram_business_basic.
- Data received: the Instagram Business or Creator profile connected by the Owner, including profile id, username, account type, media count, and media items (id, caption, media type, media URL, thumbnail URL, permalink, timestamp).
- How used: to display the Owner's Instagram feed and individual posts on the Owner Site. Personal Instagram accounts are not supported by Meta and cannot be connected.
4.6 Meta — Facebook Page
- Scopes: pages_show_list, pages_read_engagement.
- Data received: the list of Pages on which the Owner is an administrator (id, name, category); for the Page the Owner selects, recent posts (id, message, created time, permalink, primary attachment image) and Page Insights metrics (impressions, engaged users, etc.) within the limits set by Meta.
- How used: to display Page posts and engagement metrics on the Owner Site. Posting to Pages is not enabled in the current beta and would require additional scopes and a separate Meta App Review.
4.7 Notion
- Permissions: read content, update content, and insert content, limited to the pages and databases the Owner selects when installing the Pink Duck integration in their Notion workspace.
- Data received: page and database contents, blocks, comments, and metadata for the resources the Owner has shared with the integration.
- How used: to read source content for the Owner Site (e.g., blog-style pages or product catalogs) and to write back updates that the Owner authorizes.
4.8 Stripe (BYOK)
- Credential type: a restricted Stripe API key supplied by the Owner, stored encrypted at rest with AES-256-GCM using Google Cloud KMS.
- Data received: Stripe events for the Owner's account (charges, payment intents, subscriptions, invoices, customer records) delivered via webhook, and on-demand reads required to display purchase history or run a checkout flow.
- How used: to process payments, recognize successful charges, update Owner Site state in response to payment events, and surface customer and transaction information in the Owner's admin panel.
4.9 Dropbox Sign (BYOK)
- Credential type: a Dropbox Sign API key supplied by the Owner, stored encrypted at rest with AES-256-GCM using Google Cloud KMS.
- Data received: signature request events for the Owner's account (signature_request_sent, signature_request_signed, etc.) delivered via webhook, and metadata associated with each request, including signer email and document title. We do not store the signed document content; signed PDFs remain hosted by Dropbox Sign.
- How used: to update Owner Site state when contracts are signed, to notify the Owner, and to surface signing status in the admin panel.
5. How We Use Information
- To provide, secure, and operate the Service and the Owner Sites you build with it.
- To authenticate Owners and authorize requests.
- To process subscriptions, invoices, and other transactions.
- To provide customer support and respond to your requests.
- To detect, investigate, and prevent fraud, abuse, security incidents, and violations of our Terms of Service.
- To improve the Service, including measuring feature usage, performance, and reliability, in a way that does not use Google user data or other Integration content for generalized model training.
- To send Service-related communications, such as security alerts, billing notices, and material policy changes. You may opt out of marketing emails at any time.
- To comply with applicable laws and lawful requests from public authorities.
6. AI and Model Training
We use third-party AI providers (such as Anthropic and OpenAI) to power the AI-assisted features of the Service. When you use those features, the necessary input (for example, your prompt and any context you choose to attach) is sent to the AI provider over an encrypted connection. We use enterprise / API tier offerings whose terms prohibit those providers from using your inputs and outputs to train their general-purpose foundation models. We do not use Owner Content, end-user data on Owner Sites, or data received from any Integration, including Google APIs, to train, fine-tune, or otherwise develop generalized AI or machine-learning models.
7. How We Share Information
We do not sell personal information, and we do not share it for cross-context behavioral advertising. We share information only as follows:
- With service providers (subprocessors) that operate the Service under written contracts requiring confidentiality, security, and use limited to providing services to us. Current categories include cloud hosting and database (Google Cloud Platform, Firebase), payment processing (Stripe), email and transactional messaging providers, error and performance monitoring, and AI inference providers (Anthropic, OpenAI). A current list of subprocessors is available on request at info@eplanet.kr.
- With third-party Integrations you connect, when you instruct the Service to send data to them.
- For legal reasons, when we believe in good faith that disclosure is necessary to comply with applicable law, lawful requests from public authorities, or to protect the rights, property, or safety of Pink Duck, our users, or the public.
- In a corporate transaction such as a merger, acquisition, financing, or sale of assets, with continued protection of the data and notice to you where required.
- With your consent, for any other purpose disclosed at the time of collection.
8. Data Retention
- Account information is retained for as long as the account is active and for up to 30 days after deletion to allow recovery, after which it is permanently deleted or irreversibly anonymized, unless a longer retention is required by law (for example, tax records, which are retained for the period required by Korean tax law).
- OAuth access tokens are retained for the lifetime granted by the issuing provider (typically minutes to hours). Refresh tokens are retained for the lifetime granted by the provider, including approximately 60 days for Meta long-lived tokens and a 90-day sliding window for Microsoft refresh tokens, and are rotated automatically.
- BYOK API keys are retained until you remove them from your admin panel or delete your account, after which they are deleted.
- Webhook events and audit logs are retained for up to 90 days for operational troubleshooting and security investigation, after which they are deleted or aggregated.
- When you disconnect an Integration, we delete data we retrieved from that Integration that is no longer needed to operate the Owner Site, except to the extent we are required to retain it by law.
9. Security
We implement administrative, technical, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, and destruction. These include encryption in transit (TLS 1.2 or higher), encryption at rest (AES-256-GCM for OAuth tokens and BYOK secrets, with keys managed by Google Cloud KMS), role-based access controls, audit logging, vulnerability management, and routine backups. No method of transmission or storage is 100% secure; if you become aware of a security issue, please report it to info@eplanet.kr.
If we become aware of a personal-data breach affecting your information, we will notify you and the relevant supervisory authority in accordance with applicable law, including, where applicable, the Republic of Korea's Personal Information Protection Act ("PIPA").
10. Your Rights
Depending on where you live, you may have the right to:
- access the personal information we hold about you and obtain a copy in a portable format;
- correct inaccurate or incomplete information;
- delete personal information, subject to exceptions provided by law;
- request that we suspend or restrict the processing of your information;
- object to processing based on our legitimate interests;
- withdraw consent where processing is based on consent (without affecting the lawfulness of processing carried out before withdrawal);
- lodge a complaint with a supervisory authority — for residents of the Republic of Korea, the Personal Information Protection Commission (www.pipc.go.kr) and the KrCERT/CC (www.krcert.or.kr); for residents of the European Economic Area or the United Kingdom, your local data protection authority.
You can exercise most of these rights from your account settings. You can also email info@eplanet.kr; we will respond within the period required by applicable law (and in any event within 30 days for requests governed by PIPA, subject to permitted extensions). To protect your information, we may need to verify your identity before fulfilling a request.
11. International Data Transfers
We are based in the Republic of Korea, and our service providers operate in the Republic of Korea, the United States, and other countries. When personal information is transferred across borders, we use appropriate safeguards, such as Standard Contractual Clauses or equivalent mechanisms, and ensure that subprocessors are contractually bound to protect the information. By using the Service you understand that your information may be transferred to and processed in countries other than the one in which you reside.
12. Cookies and Similar Technologies
We use cookies and similar technologies to authenticate sessions, remember preferences, measure feature usage, and protect the Service from abuse. Strictly necessary cookies are always active. You can control non-essential cookies from your browser settings or, where required by law, from the cookie banner shown to you on first visit. Our analytics provider (Google Analytics) is configured with IP anonymization and does not receive Google API user data.
13. Children
The Service is not directed to children under the age of 14, and we do not knowingly collect personal information from them. If you become aware that a child has provided information to us, please contact info@eplanet.kr and we will delete it.
14. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will notify you by email or through the Service at least 14 days before they take effect. The "Effective date" at the top of this Policy indicates when the current version became effective. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.
15. Contact and Privacy Officer
Controller:
Modooui Planet Co., Ltd. (operating the "Pink Duck" platform)
5F, Building 2, Startup Campus, 20 Pangyo-ro 289beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea
Business Registration No.: 353-87-02766
Representative: Yeongchan Kim
Personal Information Protection Officer (PIPA Article 31):
Yeongchan Kim, Chief Executive Officer
Email: info@eplanet.kr
For privacy questions, requests to exercise rights, complaints, or security reports, write to info@eplanet.kr.