1. Introduction
Diffsome Inc. ("we", "us", or "our") operates the Diffsome platform at diffsome.com ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By using the Service, you consent to the data practices described in this policy.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, password, and organization details when you register
- Payment Information: Billing address and payment details processed through our payment providers (Toss Payments, Stripe)
- Content: Text, images, files, and other materials you upload or create through the Service
- Communications: Messages sent through live chat, support requests, and feedback
- Form Submissions: Data submitted through forms you or your end users fill out
2.2 Information Collected Automatically
- Usage Data: Pages visited, features used, timestamps, and interaction patterns
- Device Information: Browser type, operating system, device type, and screen resolution
- Log Data: IP address, access times, referring URLs, and error logs
- Cookies: Session cookies, authentication tokens, and preference cookies
2.3 Information from Third Parties
- Social Login: Profile information from Google, Kakao, Naver, Instagram, or Facebook when you use social authentication
- Payment Processors: Transaction status and payment confirmations from Toss Payments and Stripe
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Process transactions and send related notifications
- Create and manage your account and tenant environment
- Send administrative information, updates, and security alerts
- Respond to your comments, questions, and support requests
- Monitor and analyze usage trends to improve user experience
- Detect, prevent, and address technical issues and security threats
- Power AI features including content generation and recommendations
- Comply with legal obligations
4. Data Isolation (Multi-Tenancy)
Diffsome operates on a multi-tenant architecture. Each tenant's data is logically isolated:
- Your tenant data is accessible only within your tenant environment
- Other tenants cannot access your data
- File storage is isolated per tenant
- We maintain strict access controls to prevent cross-tenant data access
5. AI and Data Processing
Our Service uses artificial intelligence (powered by third-party AI providers) to provide features such as content generation and smart recommendations. When using AI features:
- Content you submit to AI features may be processed by third-party AI providers
- We do not use your content to train AI models
- AI-processed data is subject to the same security measures as other data
6. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
- Service Providers: With third-party vendors who assist in operating our Service (payment processing, email delivery, cloud hosting, analytics)
- Legal Requirements: When required by law, regulation, legal process, or governmental request
- Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets
- Protection: To protect the rights, property, or safety of Diffsome, our users, or the public
- With Your Consent: When you have given explicit consent to share your information
7. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain your session and authentication state
- Remember your preferences and settings
- Analyze Service usage and performance
You can control cookie settings through your browser preferences. Disabling cookies may affect the functionality of the Service.
8. Data Security
We implement appropriate technical and organizational security measures to protect your data, including:
- Encryption of data in transit (TLS/SSL)
- Secure authentication with hashed passwords
- Regular security assessments and monitoring
- Access controls and audit logging
However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
9. Data Retention
We retain your information for as long as your account is active or as needed to provide the Service. After account termination, we may retain certain data for a reasonable period to:
- Comply with legal obligations
- Resolve disputes
- Enforce our agreements
- Maintain backups for disaster recovery
10. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Portability: Request a copy of your data in a portable format
- Objection: Object to certain processing of your data
- Withdrawal of Consent: Withdraw consent where processing is based on consent
To exercise these rights, contact us at [email protected].
11. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.
12. Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.
14. Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Diffsome Inc.
Email: [email protected]
Website: diffsome.com
