Leftitem Delivery Co., Ltd. (LID) Privacy Policy

Effective date: January 1, 2026

Leftitem Delivery Co., Ltd. (the Company or LID) values customers' personal information and complies with applicable laws, including the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, and the EU General Data Protection Regulation (GDPR).

1. Categories of Personal Information Collected and Collection Methods

The Company collects only the minimum personal information necessary to provide services.

  • Required items: English full name, overseas shipping address (including country and postal code), email address, contact information, partner hotel name and room number during stay, payment information, messenger ID, etc. (for example, credit card information, virtual-asset wallet address)
  • AI and logistics-specific items: Photo images of luggage/lost items to be shipped (for AI volume measurement and pre-check of possible damage), detailed item information, and declared value
  • Automatically collected items: IP address, cookies, access logs, and device information

2. Purposes of Collection and Use

The Company uses collected information for the following purposes.

  • Service provision and contract performance: AI shipping-fee estimation, pickup booking, automatic invoice (customs declaration) preparation, payment charging, and real-time shipping-tracking email/SMS notifications
  • Cross-border commerce and marketing (with optional consent): analysis of shipped-item history (actual purchase data) to recommend K-culture products (cosmetics, fashion, etc.) likely preferred in the customer's home country after return, and to send related promotions and discounts
  • Customer support and dispute resolution: complaint handling during service use, lost-item condition verification, and compensation handling

3. Provision of Personal Information to Third Parties (Cross-Border Logistics Context)

To provide cross-border shipping services, LID necessarily provides customer personal information to domestic and overseas partners.

  • Recipients: 1) Partner entities (for example, hotel front desk - for pickup/verification)
  • Recipients: 2) Global express carriers (FedEx, DHL, postal services, etc. - for last-mile transport)
  • Recipients: 3) Korea Customs Service and destination-country customs authorities (for import/export declaration)
  • Shared information: English full name, shipping address, contact information, detailed item information, and declared value
  • Retention/use period by recipients: Until legal retention periods under applicable laws after service completion

4. Automated Decision-Making (AI Quotation System)

Based on luggage photos submitted by customers, the Company automatically calculates shipping fees using its AI vision algorithm and rate/policy engine. If a customer objects to automated decision-making (AI-determined fee calculation), the customer has the right to request human intervention and review through customer support at any time.

5. Retention Period and Destruction

The Company retains collected personal information until shipping-service completion, achievement of marketing-collection purposes, or account withdrawal. Once the purpose is achieved, or statutory retention periods under relevant laws (for example, e-commerce/tax laws) expire, data is destroyed without delay using secure and non-recoverable methods.

6. Protection of Minors' Personal Information

The Company does not intentionally collect or process personal information of children and minors under the age of 18 without explicit consent from a legal guardian. If use/payment by a minor is identified, the Company will cancel the relevant shipment request and immediately destroy collected information.

7. Data Subject Rights and How to Exercise (Including GDPR Standards)

All data subjects, including global customers, may exercise the following rights at any time.

  • Right to request access, rectification, deletion, and restriction/suspension of processing
  • Right to data portability
  • Right to withdraw consent for marketing-related personal-data processing (communications consent)

Requests may be sent by email to the Company's Data Protection Officer (DPO), and the Company will take action without delay.

8. Technical Safeguards for Security

To prevent leakage of sensitive data such as virtual-asset-linked payment records (for example, USDT) and overseas addresses, the Company applies up-to-date SSL encrypted communication. Databases are stored securely on global cloud security servers with strict access control.

9. Data Protection Officer (DPO) and Contact

The Company appoints the following DPO to oversee personal-data processing and handle related complaints/remedies.

  • Name: CTO Seogwon Ko
  • Email: contact@leftitem.com
  • Address: Room 3, 3F, 77 Cheongpa-ro, Yongsan-gu, Seoul, Republic of Korea

This policy takes effect on January 1, 2026.