Realbyte Inc. (hereinafter referred to as “Company”) establishes and presents the privacy policy as follows, in order to protect the personal information of data subjects who use “Money Manager” (both the application and PC version, collectively, “Application”), and resolve any relevant complaint.


1. Purpose of Processing Personal Information


Company collects and uses personal information for the following purposes.

(1) Membership registration and management: confirmation of membership intent, identification/authentication, maintenance and management of membership, prevention of illegal use of services, sending various notices, etc.

(2) Provision of goods or services: provision of service, delivery of contract/invoice, provision of basic service and customized service, verification of identity, age verification, bill payment and settlement, debt collection, etc.

(3) Managing consumer complaints: identification of the data subject, confirmation of complaints, contact/notification for fact-finding, and notification of processing results

(4) Marketing and Advertising: provision of customized advertisements, opportunities to participate in events, statistics on the use of services by data subjects, etc.

(5) Improvement of existing services and development of new and customized services

(6) Processing of pseudonymized information for statistical preparation, scientific research, and preservation of records in the public interest.


2. Items of Personal Information Processed


Company collects and processes the following personal information of users of Application.

(1) Information collected through membership registration (obligatory): email, password, nickname

(2) Information obtained from third party companies through each membership registration method:

Registration Method Obtained Information
Obligatory Optional
Registration through Kakaotalk Email, name Age, gender
Registration through Google ID Email, name, profile image, locale (geography and language)
Registration through Apple ID Email

(3) Information collected when using paid service
  • - When paying by credit card: payment information such as the name of the card company and card number
  • - In case of bank transfer: payment information such as the name of the account holder, account number, and bank holding the account
  • - When paying by mobile phone number: payment information such as phone number and telecommunication company

(4) Information automatically collected through user’s input, user’s receiving of text messages or Application notices, or user’s reconnection to Application

OS Applied to Mobile Phone Collected Information
Android SMS/app notification and its contents (payment method, payment time, payment destination, withdrawal bank, amount, balance after payment, etc.) of the financial company (bank, credit card company, securities company, payment agency, etc.)
iOS Text messages and its contents (same as above) of the financial company (same as above)

(5) When using the service, the following personal information items are automatically created and collected: cookies, service use records (visit records, bad use records), device information (mobile phone model name, OS name, and version information), advertisement identifiers, etc.

(6) For managing consumer complaints: collects and processes necessary information among the above from the user

3. Period of Retention and Use for Personal Information


(1) Company retains and uses the user's personal information while the user uses services as a member, and when either the user requests withdrawal from membership or Company achieves the purpose of collection and use of personal information, the Company will immediately destroy the relevant personal information. However, if the Company terminates the service use contract according to the Terms of Use, the relevant personal information will be preserved for one year to prevent unauthorized re-registration and use of service, and the information is deleted immediately after the end of the relevant period.

(2) Notwithstanding the foregoing, the following information is retained for the period specified for the following reasons.
- Personal information related to use of service (log records): 3 months (Communications Secret Protection Act)
- Records on withdrawal of contract or subscription, etc., and records on payment and supply of goods: 5 years (Consumer Protection Act in Electronic Commerce, Etc.)
- Records on handling consumer complaints or disputes: 3 years (Consumer Protection Act in Electronic Commerce, Etc.)


4. Provision of Personal Information to Third Parties


(1) The company may provide personal information to third parties only with the consent of the data subject or when there are special provisions in the Personal Information Protection Act or other laws.

(2) The Company may provide pseudonymized information to a third party, and in that case, the Company shall comply with Personal Information Protection Act.


5. Processing Personal Information Subsequent to Outsourcing of Work and Overseas Transfer


(1) The Company entrusts the following personal information processing tasks for smooth personal information processing.

Trust Companies Outsourced Work
Google Inc. (Google Cloud Platform) Storage of data, provision of cloud service

(2) The Company entrusts the following personal information processing tasks to consignees who use servers located overseas, for smooth personal information processing.

ⅰ. Twilio Inc.
  • - Personal information transferred: e-mail address
  • - Country: United States of America
  • - Date and method of transfer: transfer through the network when using the service
  • - Consignee’s purpose of use: sending out e-mails
  • - Period of retention and use: until either the purpose of use for each personal information is achieved, or the user requests withdrawal from membership

ⅱ. Zendesk, Inc.
  • - Personal information transferred: e-mail and contents of inquiries
  • - Country: Japan, the United States of America
  • - Date and method of transfer: transfer through the network when writing a service inquiry or a review
  • - Consignee’s purpose of use: providing user consultation support services such as sending/posting answers to inquiries via email/comments to reviews/Facebook messenger
  • - Period of retention and use: until either the purpose of use for each personal information is achieved, or the user requests withdrawal from membership

ⅲ. Google Inc. (Google Firebase, Google Analytics)
  • - Personal information transferred: app store/version used, country of residence, language setting, device model information, time of accessing the service/history of use, etc.
  • - Country: United States of America
  • - Date and method of transfer: transfer through the network when using the service
  • - Consignee’s purpose of use: collection and analysis of usage history of Application and crash
  • - Period of retention and use: fourteen (14) months from collection

6. Use and Provision of Personal Information within the Scope Reasonably Related to the Purpose of Collection


The Company may use or provide personal information to a third party without the consent of the data subject, considering each of the following criteria within a reasonable scope and the original purpose of collection.

(1) Whether or not it is related to the original purpose of collection: Judgment based on whether the original purpose of collection and the purpose of additional use and provision are related in terms of their nature or tendency;

(2) Whether or not the further use or provision of personal information is predictable considering the circumstances in which the personal information was collected or the processing practices: Judgment based on the relationship between the personal information controller and the data subject, the level of technology, and the rate of development, and general circumstances (practice) established over a substantial amount of time;

(3) Whether the interests of the data subject are unreasonably infringed: Judgment based on whether the interests of the data subject are substantially infringed in relation to the additional purpose of use and whether the infringement of the interests is unreasonable; and

(4) Whether measures necessary to secure safety, such as pseudonymization or encryption, have been taken: Judgment by considering whether safety measures are taken in consideration of the possibility of infringement.


7. User’s Rights and Methods for Exercising the Rights


(1) The user can exercise the right to read, correct, delete and suspend processing his or her personal information against the Company at any time.

(2) The exercise of the rights pursuant to Paragraph 1 can be made to the Company in writing, by phone, or by e-mail, and the Company will take action without delay.

(3) The exercise of rights pursuant to Paragraph 1 may be done through an agent such as a legal representative of the data subject or a person who has been delegated. In this case, a power of attorney must be submitted to the Company.

(4) In accordance with relevant laws such as Article 35(4), Article 36(1), and Article 37(2) of the Personal Information Protection Act, the exercise of the user's right to access, correct, delete, or suspend the processing of personal information may be restricted.

(5) Request for correction and deletion of personal information cannot be requested if the information is required to be collected according to other laws.

(6) The Company confirms whether the person who made the request, such as a request for reading, correction, or deletion, or request for suspension of processing, holds such right or is a legitimate agent.


8. Destruction Procedures and Methods for Personal Information


(1) The Company destroys the personal information without delay when the personal information becomes unnecessary, such as in the cases of the expiration of the personal information retention period, or achievement of the purpose of processing.

(2) If personal information needs to be preserved in accordance with the laws and regulations even when the personal information retention period agreed by the user has elapsed or the purpose of processing has been achieved, the personal information will be moved to a different place or stored in a separate database (DB).

(3) The destruction procedures and methods are as follows:


9. Technical and Administrative Measures to Ensure Safety of Personal Information


For users’ personal information, Company is taking the following technical/administrative measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged.

(1) Administrative measures: establishment and implementation of internal management plans for personal information, regular employee training, etc.

(2) Technical measures: password encryption, security program installation, etc.


10. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices


The Company uses 'cookies' to store and frequently retrieve usage information to provide users with individually customized services. Cookies are a small amount of information sent to the user's PC browser by the server (HTTP), which are used to operate the website, etc., and are also stored in the user's hard disk in the computer.

(1) Purpose of using cookies: It is used for security management and improving services, developing new services, and providing customized services and advertisements by analyzing access frequency and visit time of users, identifying the patterns of service usage and tracking traces, secure access status, and the number of users.

(2) Installation, operation, and rejection of cookies: Users have the option with regard to the installation of cookies. Therefore, the users can accept all cookies via options in the mobile device, order to request for confirmation each time a cookie is saved, or refuse to save all cookies.

However, if you refuse to store cookies, it may be difficult to use some services of Company that require login.


11. International Transfer of Personal Information


The Company may store, process, and transmit personal information in the Republic of Korea or other locations outside the European Economic Area (“EEA”). Data may also be stored locally on the devices user uses to access the service. When the Company transfers personal information outside the EEA or the Republic of Korea, the Company will ensure that a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

(1) The Company will only transfer personal information to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.

(2) Where the Company uses certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.


12. Protection of personal information of children


Our service is not directed at children. The Company does not knowingly collect personal information of children under the age of 13 or an equivalent minimum age as prescribed in the laws of the relevant jurisdiction.


13. Personnel for Management of Personal Information


(1) The Company has designated the person in charge of personal information management and handling complaints about personal information, and the contact information is as follows.

- Personal information manager

  • - Name: Dong Gi Park
  • - Affiliation: CEO
  • - Contact: help@realbyteapps.com

(2) The user can inquire about all personal information protection-related inquiries, handling complaints, damage relief, etc. that occurred while using the Company's service (or business) to the person in charge of personal information protection and the department in charge. The Company will respond and handle the inquiries without delay.

14. Amendment


If there are any additions, deletions, or changes to the contents of this Privacy Policy, we will notify users in advance through a notice on the website at least 7 days prior to the revision. However, we will notify users at least 30 days in advance of any major changes such as the items of personal information to be collected or provision of third parties.


Addendum (November 23, 2021)


The subject Privacy Policy shall take effect from November 23, 2021.