BackendX Privacy Policy

Effective Date: December 1st, 2025

BackendX Inc. (“Company”) complies with the Personal Information Protection Act of the Republic of Korea (“PIPA”) and other applicable laws. This Privacy Policy describes how the Company collects, uses, and protects personal information of users of the BackendX Service (“Service”).

This Policy applies to users located both inside and outside the Republic of Korea.

1. Personal Information Collected

The Company may collect and process the following personal information.

A. Information Provided by Users

• Email address
• Account identification information
• User-submitted requirements, configuration data, and text inputs
• GitHub account information (for repository integration or delivery)

B. Information Collected Automatically

• IP address, access time, browser type, and device information
• Service usage records, task request history, and Task Request Right usage
• Error logs, system logs, and traffic-related metadata

2. Purpose of Processing

Personal information is processed for the following purposes:

1. Providing and operating the BackendX Service
2. Account management and user identification
3. Management of Task Request Rights and payment processing
4. Providing AI-powered service features
5. Service quality improvement and error analysis
6. Prevention of illegal use, abuse, and violations of the Terms
7. Compliance with legal obligations and dispute resolution

3. Automated Analysis and Use of AI Tools

1. To prevent illegal activities, abuse, and violations of the Terms, the Company may analyze user-submitted requirements and configurations using automated methods.
2. For this purpose, the Company may use third-party AI tools solely as auxiliary means to assess potential illegality.
3. Only the minimum information necessary for analysis is used, and such information is not used to train external AI models.
4. Automated analysis results are used as supporting indicators only and do not constitute final legal determinations.

4. Retention Period

1. Personal information is retained only for as long as necessary to fulfill the purposes described in this Policy.
2. Upon account deletion, personal information is deleted without delay, unless retention is required by applicable laws.
3. Logs and usage records may be retained for security, audit, and dispute resolution purposes.

5. Disclosure to Third Parties

The Company does not disclose personal information to third parties, except where required by law or with the User’s prior consent.

6. Outsourcing of Processing

1. The Company may outsource certain processing activities, including:
   • Cloud infrastructure operation
   • Log collection and analysis
   • Automated analysis using third-party AI tools
2. When outsourcing, the Company ensures appropriate safeguards in accordance with PIPA Article 26.

7. Cross-Border Transfer

1. Personal information may be transferred and processed outside the Republic of Korea where cloud services or third-party AI tools are used.
2. In such cases, the Company provides notice of the transferred data, purpose, destination, and retention period in accordance with applicable laws.

8. User Rights

Users have the right to:

• Access personal information
• Request correction or deletion
• Request restriction of processing
• Request account deletion

Requests may be submitted through the contact information below, and the Company will respond within the legally required timeframe.

9. Security Measures

The Company implements technical and organizational measures to protect personal information, including:

• Access control and authentication
• Encryption of personal data
• Logging and monitoring of access
• Incident response procedures

10. Contact

For privacy-related inquiries, please contact:

Email: team@email.backendx.ai

11. Changes to This Policy

This Privacy Policy may be amended due to changes in laws or service operations. Any changes will be announced through the Service or by other reasonable means.