Effective: 2026-04-23 · Applies to users in Singapore, Thailand, Indonesia, Vietnam, Philippines, Malaysia.
This page supplements our Master Privacy Policy
and Terms of Service with Southeast Asian
jurisdiction-specific disclosures. Where a country is not explicitly
listed, local law applies to the extent of any conflict.
1. Applicable Data Protection Laws
Singapore — Personal Data Protection Act 2012 (as amended 2020) (PDPA)
Thailand — Personal Data Protection Act B.E. 2562 (2019) (PDPA, effective 2022)
Indonesia — Law No. 27 of 2022 on Personal Data Protection (PDP Law)
Vietnam — Decree 13/2023/ND-CP on Personal Data Protection (effective July 2023)
Philippines — Data Privacy Act of 2012 (RA 10173)
Malaysia — Personal Data Protection Act 2010 (PDPA)
2. Common Principles (PDPA/PDPL framework)
Across the region, Hanlimworld adheres to these principles:
Principle
Our practice
Consent
Explicit consent obtained at sign-up and for each data-requiring feature (camera, gallery, mic).
Purpose limitation
Data used only for stated purposes: service delivery, AI analysis, service improvement.
Notification
Purposes disclosed in this policy before collection.
Access & correction
Available in-app (Settings → Profile) and via email.
Accuracy
Users can update profile data anytime.
Protection
TLS 1.2+ in transit, AES-256 at rest, RLS policies on DB.
Retention
Data deleted upon account closure (see Retention section of master policy).
Transfer limitation
Cross-border transfers safeguarded by standard contractual clauses and vendor certifications (ISO 27001, SOC 2).
Openness
Master policy + regional supplements published.
Breach notification
Users and regulators notified within 72 hours of a qualifying breach.
3. Country-Specific Provisions
3.1 Singapore (PDPA)
Data Protection Officer: Privacy Team, privacy@hanlimworld.com
Do Not Call Registry: We do not conduct voice/SMS telemarketing; DNC provisions are not applicable.
Complaints: Personal Data Protection Commission (PDPC) —
pdpc.gov.sg
3.2 Thailand (PDPA B.E. 2562)
Lawful bases: Consent (Sec. 19) and Contract performance (Sec. 24(3)).
Data subject rights: access, rectification, erasure, restriction, portability, objection, withdrawal of consent (Secs. 30–36).
Supervisory authority: Personal Data Protection Committee (PDPC Thailand).
Cross-border transfers permitted with user consent or adequate protection measures.
3.3 Indonesia (PDP Law 2022)
Data Controller: Hanlimworld. Data Protection Officer: privacy@hanlimworld.com
Retention and deletion procedures per Article 43.
Cross-border transfers comply with Article 56 via equivalent protection safeguards and user consent.
Regulator: Ministry of Communication and Informatics (Kominfo) / PDP Authority (once operational).
3.4 Vietnam (Decree 13/2023)
Cross-border transfer impact assessment maintained on record.
Personal data processing notified with consent (Article 11).
Regulator: Ministry of Public Security — Department of Cyber Security and High-Tech Crime Prevention (A05).
3.5 Philippines (RA 10173)
Data Protection Officer: privacy@hanlimworld.com
Rights under §§16–18 of the Data Privacy Act: informed, access, correction, erasure/blocking, damages, data portability, complaint.
Regulator: National Privacy Commission (NPC) —
privacy.gov.ph
3.6 Malaysia (PDPA 2010)
Processing limited to service-related purposes as disclosed.
Rights of access, correction, and to prevent processing likely to cause damage or distress.
Regulator: Department of Personal Data Protection (JPDP) —
pdp.gov.my
4. Data Subject Requests
All users in Southeast Asia may exercise their rights via
privacy@hanlimworld.com.
We respond within 30 days (extendable with notice under applicable law).
5. Terms of Service — Regional Provisions
Age of Consent: Users must meet the minimum age of
digital consent in their jurisdiction (typically 13 or 16). Minors
require parental/guardian consent where required by law.
Language: The Master Terms are published in Korean
and English. Where local law requires native-language consumer
information (e.g., Indonesian Law 24/2009), the English version is
authoritative, but a local-language summary is available upon request
to support@hanlimworld.com.
Consumer rights: Nothing in the Master Terms limits
mandatory consumer protection rights under local law.
Dispute resolution: Users may bring claims in
their country of residence. Seoul (Republic of Korea) is the default
venue for non-consumer disputes.