← Back
DYAX
Privacy Policy
Last updated: June 3, 2026
DYAX (hereinafter "Dyax.io") values your personal information and complies with the Personal Information Protection Act and other relevant laws. This policy applies to all services provided by Dyax.io.
1. Personal Information We Collect
Dyax.io collects the following information for membership registration and smooth service provision. Required items are essential for providing the service, while optional items can be declined without affecting your use of the service.
- Required — email address, login ID, password (stored encrypted), username (nickname).
- Optional — profile photo, preferred news categories, preferred language (Korean, English, Japanese).
- Email verification — verification codes and records of verification requests and completions.
- When purchasing paid credits — purchase history, payment identifiers, payment status. Actual payment method details (card numbers, crypto wallet addresses, etc.) are handled by an external payment processor and are not stored by Dyax.io.
- Information automatically generated/collected — paper-trading records, activity history such as votes and comments, access logs, access IP, cookies, device/OS information, advertising identifiers (ADID/IDFA), push notification tokens.
- All investment features provided by Dyax.io are paper trading using virtual assets and do not broker real securities or crypto asset trades. We do not collect sensitive information such as resident registration numbers or bank account numbers.
2. Purpose of Collecting and Using Personal Information
Collected personal information is used only for the following purposes. We will obtain prior consent if the purpose changes.
- Member management — member identification, identity verification, prevention of fraudulent use, customer inquiry response.
- Service provision — paper-trading portfolio management, real-time news curation, community/comment/voting features.
- Service improvement — feature improvement and new service development through usage behavior analysis.
- Payment and purchase processing — paid credit payment processing, purchase history management, and refund/dispute handling.
- Sending notifications — verification codes, important announcements, and breaking-news push notifications (only where the user has consented).
- Marketing and advertising — announcements of new features and personalized advertising (only where the user has consented).
3. Retention and Use Period of Personal Information
Your personal information is destroyed without delay once the purpose of collection and use is achieved. Upon account withdrawal, account information is deleted and login sessions on all devices are promptly cleaned up.
- Where retention is required by applicable law, the information is stored securely and separately for the relevant period.
- Access records — retained for 3 months under the Protection of Communications Secrets Act.
- Fraudulent use records — may be retained for a period after withdrawal to prevent fraudulent registration and use.
4. Outsourcing of Personal Information Processing and Overseas Transfer
Dyax.io outsources some tasks to external specialized providers, and the servers of some processors may be located overseas.
- Push notification delivery — Google LLC (Firebase Cloud Messaging): device identifiers and push tokens.
- Email delivery — email delivery service provider: email address, verification code.
- Payment processing — payment processor (NowPayments): payment identifiers and information necessary for payment processing.
- Service operation/hosting — cloud infrastructure provider: storage and processing of data necessary for service provision.
- We stipulate the matters necessary under relevant laws in outsourcing contracts and manage and supervise the processors.
5. Provision of Personal Information to Third Parties
Dyax.io does not provide personal information to third parties without the user's consent. Exceptions apply where there are special provisions in the law or where an investigative agency makes a request in accordance with procedures prescribed by law.
6. Rights of Users and Legal Representatives
Users may view and correct their personal information at any time, and may withdraw consent (account withdrawal) through the Account Withdrawal feature in My Page or by email request to the Personal Information Protection Officer.
- You may request to view, correct, or delete your personal information or to suspend its processing, and we will take action without delay.
- Rights may also be exercised through a legal representative or an authorized agent.
7. Personal Information of Children Under 14
Dyax.io does not accept membership registration from children under 14 and does not intentionally collect children's personal information. If confirmed, such information will be destroyed without delay.
8. Measures to Ensure the Security of Personal Information
Dyax.io takes the following measures to protect personal information safely.
- Important information such as passwords is encrypted for storage and management.
- Access to personal information is restricted to the minimum necessary personnel.
- Encrypted communication (HTTPS) is applied to information transmission.
- Security measures against hacking and malware are applied and inspected periodically.
9. Cookies and Advertising Identifiers
Dyax.io uses cookies and advertising identifiers to provide customized services.
- Cookies — you can refuse storage through your browser settings, but some services may be limited.
- Advertising identifiers (ADID/IDFA) — on iOS, under "Settings > Privacy & Security > Tracking"; on Android, under "Settings > Privacy > Ads."
10. Personal Information Protection Officer
Dyax.io has designated a Personal Information Protection Officer to take overall responsibility for personal information processing and to handle user inquiries/complaints.
- Personal Information Protection Officer — email: rch8821@naver.com
11. Remedies for Infringement of Rights
If you need to resolve a dispute or obtain consultation due to a personal information breach, you may contact the following organizations.
- Personal Information Dispute Mediation Committee — kopico.go.kr / 1833-6972
- Personal Information Infringement Report Center (KISA) — privacy.kisa.or.kr / 118
- Supreme Prosecutors' Office Cyber Investigation Division — spo.go.kr / 1301
- National Police Agency Cyber Investigation Bureau — ecrm.police.go.kr / 182
12. Changes to the Privacy Policy
This privacy policy may be supplemented, deleted, or amended in accordance with changes in laws, policies, or services, and any changes will be announced in advance through in-service notices or this page.