Privacy Policy

SecureFirst, operated by HK Solution ("we", "us", "our"), is committed to protecting the privacy of our clients and website visitors. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Korean Personal Information Protection Act (PIPA), the EU General Data Protection Regulation (GDPR), and other applicable laws.

Company: HK Solution (에이치케이솔루션) CEO: HeeKyung Kim Business Registration: 740-05-03702 Address: 53 Biraeseoro, Daedeok-gu, Daejeon 306, South Korea Email: hksolution2025@gmail.com Phone: +82 10-5769-4366

We collect the following categories of personal information: Contact Information: Name, email address, phone number, company name — collected when you submit our contact form or request an assessment. Technical Information: IP address, browser type, device information — collected automatically when you visit our website. Audit-Related Information: Product URLs, application credentials (when provided by client for authorized testing), security findings — collected during the course of our security audit services. Payment Information: Billing details processed through third-party payment providers. We do not store credit card numbers directly.

We use your personal information for the following purposes: • To respond to inquiries and provide security audit services • To deliver security assessment reports • To communicate about our services, including follow-ups and support • To process payments for our services • To improve our website and service quality • To comply with legal obligations We do not use your information for automated decision-making or profiling.

Under GDPR and PIPA, we process personal data based on: • Consent: When you submit our contact form or request services • Contract: To fulfill our security audit service agreements • Legitimate Interest: To improve our services and ensure website security • Legal Obligation: To comply with applicable laws and regulations

We do not sell, trade, or rent your personal information to third parties. We may share information with: • Cloud service providers (for hosting and data storage) • Payment processors (for billing) • Legal authorities (when required by law) All third-party service providers are contractually obligated to protect your data and use it only for the specified purposes.

As a security audit provider, we handle sensitive technical data about our clients' systems. Confidentiality: All audit findings, vulnerabilities, and technical details are treated as strictly confidential. Data Minimization: We only collect the minimum data necessary to perform the requested audit. Secure Storage: Audit reports and findings are encrypted at rest and in transit. Retention: Audit data is retained for 90 days after report delivery, unless a longer retention period is agreed upon. After this period, all audit data is permanently deleted. No Disclosure: We never disclose client-specific audit findings to third parties without explicit written consent. Case studies on our website are fully anonymized.

• Contact form submissions: 2 years • Client audit data: 90 days after report delivery (default) • Payment records: As required by tax law (5 years in Korea) • Website analytics: 26 months • Cookies: See our cookie settings below

Under PIPA and GDPR, you have the following rights: • Right to Access: Request a copy of your personal data • Right to Rectification: Request correction of inaccurate data • Right to Deletion: Request deletion of your personal data • Right to Restrict Processing: Request limitation of data processing • Right to Data Portability: Receive your data in a structured format • Right to Withdraw Consent: Withdraw consent at any time • Right to Lodge a Complaint: File a complaint with the relevant supervisory authority To exercise any of these rights, contact us at hksolution2025@gmail.com. We will respond within 10 business days (PIPA) / 30 days (GDPR).

We implement appropriate technical and organizational measures to protect your personal information: • TLS/HTTPS encryption for all data in transit • Encryption at rest for stored data • Access controls and authentication • Regular security assessments of our own systems • Secure deletion procedures for expired data As a security company, we hold ourselves to the highest standards of data protection.

Our website uses the following cookies: Essential Cookies: Required for website functionality (session, language preference). Analytics Cookies: Google Analytics to understand website usage (can be opted out). We do not use advertising or tracking cookies.

Your data may be processed in South Korea and, where necessary, transferred to servers in other countries. Any such transfers are protected by appropriate safeguards including standard contractual clauses.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. Significant changes will be communicated via email to active clients.

For privacy-related inquiries: HK Solution Email: hksolution2025@gmail.com Phone: +82 10-5769-4366 Address: 53 Biraeseoro, Daedeok-gu, Daejeon 306, South Korea Korean Privacy Supervisory Authority: Personal Information Protection Commission (PIPC) Website: https://www.pipc.go.kr