Privacy Policy

1. General Statement

Jungji is required to process certain data about you in order to operate and provide services to you – the User (“User”). By commencing use of [Jungji], you acknowledge and confirm that (i) you consent to [Jungji], its partners, agents, and any relevant third parties processing your personal data and other non-personal data in any manner whatsoever, and (ii) you are aware of and agree to this Privacy Policy.

If you wish to obtain information regarding your Personal Data, its purposes of use, and the parties to whom it has been transferred, please contact the Data Controller.

The Data Controller and Data Manager is Jungji Smart Teknology, PT (and in other instances, as disclosed by Jungji from time to time).

Contact email address of the Data Controller: support@jungji.net

2. Types of Data Collected and Purposes of Data Processing

You hereby consent and authorize Jungji, in its capacity as the Data Controller, to process your personal information that Jungji may collect from you directly or through the Jungji Website and/or the Jungji Mini application (collectively referred to as “Personal Data” or “Data”) for the purposes of providing Services to you, enhancing the quality of the Services, conducting marketing activities and/or customer service operations, carrying out internal analyses, other legitimate purposes, or as otherwise agreed with you from time to time (the “Purposes”).

In cases where the User is an employee of a partner that has entered into an agreement with Jungji, the User agrees that personal information related thereto, including but not limited to medical records, personality profiles, battery levels, burnout score, and other related data, may be collected, stored, processed, and transferred to the User’s employer for the purposes of management, support, and implementation of the services provided by Jungji. Such processing and disclosure of information shall comply with all applicable laws and regulations regarding data privacy and protection.

Personal Data may be voluntarily provided by the User, or, in the case of Usage Data, may be collected automatically while using the application.

We do not intend to process any of your sensitive Personal Data for any specific purpose, including but not limited to the information contained in your medical records, personality profiles, battery levels, burnout score, or other related data. You fully acknowledge and assume complete responsibility for providing, uploading, or otherwise taking any action that results in Jungji processing your sensitive Personal Data. In such cases, to the extent permitted by applicable law, you agree that Jungji shall be released from any and all liability arising from such sensitive Personal Data.

The Data Controller does not provide a predetermined list of types of Personal Data collected. Detailed information on each category of Personal Data collected is provided in the relevant sections of this Privacy Policy or through specific explanatory texts displayed prior to the collection of Data, or in such other form as may be mutually agreed upon from time to time.

Unless otherwise specified, all Data requested by the Application is mandatory. Failure to provide such Data may result in the Application being unable to provide its services. In cases where the Application expressly states that certain Data is optional, the User is free not to provide such Data without any consequences to the availability or operation of the Service.

If Users are uncertain as to which Personal Data is mandatory, they are encouraged to contact the Data Controller.

The Application or any third-party services utilized by the Application may use Cookies (or other tracking tools) solely for the purpose of providing the Service requested by the User, as well as for any other purposes described in this document and, where applicable, in the Cookie Policy.

Users are responsible for any third-party Personal Data obtained, published, or shared through this Application and confirm that they have the consent of the third party to provide such Data to the Data Controller.

3. Personal Data

Upon registration, the User is not required to provide their name, date of birth, or gender. The User shall be responsible for ensuring the accuracy of any such information provided and retains the right not to disclose their real name. The User’s Personal Data shall be processed in accordance with the laws of the User’s jurisdiction, including but not limited to: within the European Union, pursuant to the requirements of the GDPR; within the Russian Federation, pursuant to Federal Law No. 152-FZ “Personal Data”; and within Vietnam, pursuant to Decree No. 13/2022/ND-CP dated 17 April 2023.

4. Меthods & Location of Data Processing

4.1. Methods of Data Processing

The Data Controller implements appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of Personal Data without authorization.  

Data processing is carried out using computers and/or IT-enabled tools, in accordance with organizational procedures and methods strictly related to the purposes indicated. In certain cases, Personal Data may be accessible to individuals or entities other than the Data Controller (such as administrative, sales, marketing, legal, or system administration departments) or to external third parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, or telecommunications providers) appointed, where necessary, as Data Processors by the Data Controller to perform functions related to Data Processing.  

4.2. Location of Data Processing and Cross-Border Data Transfers

Data is processed at the offices of the Data Controller and at any other locations where the parties involved in the processing are situated.  

Depending on the User’s location, the transfer of Data may involve transferring the User’s Data to a country other than their own. For more detailed information regarding the place of processing of such transferred Data, Users may refer to the relevant sections of this Privacy Policy.  

Users also have the right to be informed of the legal basis for the transfer of Data to a country outside the European Union, or to any international organization governed by public international law or established by two or more countries, such as the United Nations, as well as the security measures adopted by the Data Controller to safeguard their Data.  

In cases where cross-border Data transfers occur, Users may obtain additional information by reviewing the relevant sections of this document or by contacting the Data Controller at the contact details provided herein.  

With respect to Users identifiable as residents of the Russian Federation, their Data shall be stored within the territory of the Russian Federation. The use of such Data for the purpose of ensuring the operation and provision of services may be managed by the Data Controller in accordance with this Privacy Policy. By using the website, mobile application, or any other means for accessing the Services (as further described in the Terms of Service), the User waives any claims related to the location of the processing of Personal Data against Jungji Smart Teknology, PT, its agents, and its licensors.

5. Legal Basis for Processing

The Data Controller may process Personal Data relating to Users if one of the following conditions applies:  

 The User has given their consent for one or more specific purposes.  

Note: Under certain legislations, the Data Controller may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. However, this does not apply whenever the processing of Personal Data is subject to active, explicit consent as required by data protection laws in certain jurisdictions, including under European data protection law.

The provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof.  

Processing is necessary for compliance with a legal obligation to which the Data Controller is subject.  

Processing is related to a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.  

Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.  

Any other circumstances as permitted under applicable law.  

In any case, the Data Controller will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

6. Data Retention Period

Personal Data shall be processed and stored for as long as required by the purpose for which it has been collected. Accordingly:

Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User shall be retained until such contract has been fully performed.

Personal Data collected for the purposes of the legitimate interests of the Data Controller shall be retained as long as necessary to fulfill such purposes. Users may obtain specific information regarding the legitimate interests pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

The Data Controller may be permitted to retain Personal Data for a longer period whenever the User has given consent to such processing, provided that such consent is not withdrawn. Furthermore, the Data Controller may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted within a reasonable timeframe. Therefore, the rights to access, erasure, rectification, and data portability cannot be exercised after the expiration of the retention period.

7. Rights of Users

7.1. Users’ Rights Regarding Their Data

Users are entitled to exercise certain rights with respect to their Data processed by the Data Controller. In particular, Users have the right to:

Be informed.

Give consent.

Withdraw their consent at any time. Users have the right to withdraw their consent where they have previously consented to the processing of their Personal Data.

Object to the processing of their Personal Data. Users have the right to object to the processing of their Personal Data if such processing is carried out on a legal basis other than consent. Further details on this right are provided in the relevant section below.

Access their Data and request disclosure. Users have the right to know whether their Data is being processed by the Data Controller, to obtain information regarding certain aspects of the processing, to request a copy of the Data being processed, and to request that the Data Controller provide them with their Data (as collected by the Data Controller).

Verify and request rectification. Users have the right to verify the accuracy of their Data and request that it be updated or corrected.

Restrict the processing of their Data. In certain circumstances, Users have the right to restrict the processing of their Data. In such cases, the Data Controller will process the Data solely for storage purposes.

Request the deletion or removal of their Personal Data. In certain circumstances, Users have the right to request the Data Controller to erase their Personal Data.

Lodge complaints, denunciations, or initiate legal proceedings.

Seek compensation for damages.

Seek the right to self-protection.

7.2. Details Regarding the Right to Object to the Processing of Personal Data

Where Personal Data is processed for reasons of public interest, in the exercise of official authority vested in the Data Controller, or for the purposes of the legitimate interests pursued by the Data Controller, Users may object to such processing by providing grounds and evidence relating to their particular situation as the basis for the objection.

7.3. Procedure for Exercising the Rights Set Out Above

Any requests related to the exercise of Users’ rights may be submitted to the Data Controller using the contact details provided in this document. Such requests may be exercised free of charge and will be addressed by the Data Controller within the shortest possible timeframe and in any event no later than one month

8. Additional Information on the Collection and Processing of Data

8.1. Legal Proceedings

The User’s Personal Data may be used by the Data Controller for legal purposes in court or in the stages leading to possible legal action arising from improper use of the Mini Application or the related Services.

The User acknowledges that the Data Controller may be required to disclose Personal Data upon the request of governmental authorities and/or in order to protect the Data Controller against disputes, threats, or potential risks.

8.2. Additional Information Regarding Users’ Personal Data

In addition to the information contained in this Privacy Policy, the Mini Application may provide Users with additional contextual information concerning specific Services or the collection and processing of Personal Data upon request.

8.3. System Logs and Maintenance

For operation and maintenance purposes, and/or as required by law, this Jungji Mini Application and any third-party services may collect system logs (files that record interactions with the Application) and use other Personal Data (such as the IP address) for this purpose.

8.4. Information Not Contained in this Policy

More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please refer to the contact details provided at the beginning of this document.

8.5. How “Do Not Track” Requests Are Handled

This Application does not support “Do Not Track” requests.

To determine whether any third-party services used by the Application honor “Do Not Track” requests, please refer to their respective privacy policies.

9. Changes to This Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by providing notice to Users on this page and, where technically and legally feasible, within the Mini Application and/or by sending a notice to Users via any contact information available to the Data Controller.

Users are strongly encouraged to check this page frequently, referring to the date of the last modification listed at the bottom.

10. Processing and Transfer of Information

User accounts and other data shall not be transferred to any third party, except in those cases expressly provided for in this Policy, in the policies of individual Services, in other applicable regulations, and under relevant laws.

11. Information Protection Measures

Jungji implements the necessary technical, organizational, and legal measures to ensure the protection of User information against unauthorized or accidental access, destruction, alteration, blocking, copying, distribution, as well as against any other unlawful actions.

The technical security measures implemented by Jungji take into account the requirements of applicable law, the current level of technological development, the nature of the information being processed, and the risks associated with such processing.

The main categories of information are processed automatically without the need for intervention by the Company’s employees or partners. Where access is granted to employees or partners of the Company, such access is provided solely to the extent necessary for the performance of their work duties or contractual obligations with the Company, and such individuals must comply with confidentiality obligations when accessing the information.

To ensure confidentiality and data protection, all employees and partners are required to comply with internal rules and procedures governing information processing. These individuals must also adhere to all technical and organizational security measures required by applicable law and necessary to safeguard Users’ information.

12. Limitation of Liability of Jungji

Jungji shall not be held liable for the disclosure or distribution of User information by other Users of the Service or by other internet users in cases where such individuals have gained access to the information pursuant to the privacy settings chosen by the User within the relevant Service; or in cases where the User has violated the confidentiality of their username and/or password or other data required for authentication.

13. Appendix

Definitions and Legal References

Personal Data (or Data): Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of an individual.

Usage Data (network resources): Information collected automatically through the Application or by third-party services employed by the Application, which may include: the IP addresses or domain names of the computers used by Users, URI (Uniform Resource Identifier) addresses, the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s response (successful, error, etc.), the country of origin, the features of the browser and operating system used by the User, information about the time spent on each page of the Application (e.g., time spent on each screen), details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the User’s operating system and/or IT environment.

User: The individual using the Application, who, unless otherwise specified, coincides with the Data Subject.

Data Subject: The natural person to whom the Personal Data refers.

Data Processor (or Data Manager): The natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Data Controller.

Data Controller (or Owner): The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. Unless otherwise specified, the Data Controller is the Owner of this Application, namely the entity to which the Application belongs.

Application: The means by which the User’s Personal Data is collected and processed.

Service (or Services): The service(s) provided by this Application as described in the relevant terms (if available) and on this website/application.

European Union (or EU): Unless otherwise specified, all references in this document to the European Union include all current member states of the European Union and the European Economic Area.

Legal Information: This privacy statement has been prepared based on multiple pieces of legislation, including Articles 13 and 14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

Unless otherwise specified, this document applies solely to this Application.

Last updated: September 6, 2025.