MarkPilot
HomeApplyPricingRegistrability AnalysisMy Page
MarkPilot
AI-powered Global Trademark Filing Platform
Services
ApplyRegistrability AnalysisPricing
Support
My Page
Legal
Privacy PolicyTerms of Service
MarkCloud | Est. 2019© 2026 MarkPilot. All rights reserved.

Privacy Notice & Policy for MarkPilot

This Privacy Notice explains how MarkCloud Co., Ltd. (“we”, “us”, “our”) collects, uses, and protects your personal data when you use MarkPilot (the “Service”).

Effective Date 19 May 2026
Last Updated 19 May 2026

1. Controller and Contact

Data Controller: MarkCloud Co., Ltd.
Address: 4F, Building A, 14-8 Teheran-ro 70-gil, Gangnam-gu, Seoul, Republic of Korea
Email: info@markcloud.co.kr
Phone: +82-2-1833-4992

EU Representative (Art. 27): To be designated. Please contact info@markcloud.co.kr for inquiries.

Data Protection Officer (DPO): To be designated. Please contact info@markcloud.co.kr for inquiries.

2. Personal Data We Collect

Account Data

Items: email address, password, username, phone number.
Source: directly from you during registration.

Trademark Filing Data

Items: applicant information (name, address, contact details, nationality), trademark images, power of attorney (including signature), country-specific filing documents.
Source: directly from you during the filing process.

Technical Data

Items: IP address, browser type and version, access logs, approximate geolocation derived from IP address.
Source: automatically collected during your use of the Service.

3. Purposes and Legal Bases

Account Management

GDPR legal basis: Performance of a contract (Art. 6(1)(b)). CCPA business purpose: service delivery. Processing is necessary for registration, identity verification, and account management.

Trademark Filing Service

GDPR legal basis: Performance of a contract (Art. 6(1)(b)). CCPA business purpose: service delivery. Processing is necessary to file trademark applications, prepare documents, and manage filings on your behalf.

AI Trademark Class Recommendation

GDPR legal basis: Performance of a contract (Art. 6(1)(b)). The AI provides recommendations based on your input text; no training data from users is used. The final classification decision rests with you.

Customer Support

GDPR legal basis: Legitimate interest (Art. 6(1)(f)). We have a legitimate interest in responding to inquiries and resolving complaints effectively.

Legal Compliance

GDPR legal basis: Legal obligation (Art. 6(1)(c)). We process certain data to comply with applicable laws, including Korean e-commerce and tax regulations.

4. Recipients and Data Sharing

We share personal data with the following recipients:

RecipientPurposeCategory
National patent offices and local agentsTrademark filing submissionThird party (controller)
Local law firms and agentsCountry-specific filing executionThird party (controller)
Amazon Web Services (AWS)Cloud hosting and data storageProcessor / Service provider
Google LLCTranslation API servicesProcessor / Service provider

We have not sold or shared personal information as defined under CCPA/CPRA in the last 12 months.

5. International Transfers

We transfer personal data outside the European Economic Area (EEA) to the Republic of Korea. Safeguard: Explicit consent of the data subject (Art. 49(1)(a)). By creating an account and using our Service, you explicitly consent to the transfer of your personal data to the Republic of Korea for processing purposes described in this Notice.

6. Retention

  • Account data: Until account deletion.
  • Contract and filing records: 5 years (Korean e-commerce consumer protection law).
  • Payment records: 5 years (Korean e-commerce consumer protection law).
  • Consumer complaint records: 3 years (Korean e-commerce consumer protection law).
  • Access logs: 3 months (Korean telecommunications law).

After the retention period, data is deleted or anonymized.

7. Your Rights

Under GDPR (EU/EEA residents)

  • Right of Access (Art. 15) — obtain a copy of your data
  • Right to Rectification (Art. 16) — correct inaccurate data
  • Right to Erasure (Art. 17) — request deletion
  • Right to Restriction (Art. 18) — restrict processing
  • Right to Data Portability (Art. 20) — receive data in machine-readable format
  • Right to Object (Art. 21) — object to processing based on legitimate interests
  • Right Not to Be Subject to Automated Decision-Making (Art. 22)
  • Right to Withdraw Consent (Art. 7(3))

Response time: within one month (extendable by two months for complex requests).

Under CCPA/CPRA (California residents) and US state laws

  • Right to Know — categories and specific pieces of personal information collected
  • Right to Delete — request deletion, subject to exceptions
  • Right to Correct — correct inaccurate personal information
  • Right to Opt-Out of Sale or Sharing — we do not sell or share personal information
  • Right to Data Portability — receive data in JSON or CSV format
  • Right to Non-Discrimination

Response time: confirmation within 10 business days, substantive response within 45 calendar days (extendable to 90 days with notice).

To exercise any right: info@markcloud.co.kr. You may designate an authorized agent with written permission.

8. Right to Lodge a Complaint

EU/EEA residents may lodge a complaint with their local supervisory authority: EDPB Members

California residents may file a complaint with the California Privacy Protection Agency (cppa.ca.gov) or their state Attorney General.

9. Cookies and Tracking Technologies

We use only essential cookies required for service operation: authentication tokens (access_token, refresh_token) and language preference (locale). We do not use analytics, advertising, or tracking cookies.

10. Automated Decision-Making

  • AI Trademark Class Recommendation
    • Logic: Analyzes your product/service description against the Nice Classification system.
    • Significance: Advisory only. No legal effects. The final classification decision is yours.
    • No automated decision is made without human involvement.

You have the right to request human intervention, express your point of view, and contest any automated decision.

11. Sensitive Personal Information

We do not collect Sensitive Personal Information as defined in CPRA §1798.140(ae), nor Special Categories of data under GDPR Article 9.

12. Children

Our Service is not intended for children under 16. We do not knowingly collect personal data from children under 16.

13. Security

We implement appropriate technical and organizational measures including encryption at rest and in transit, access controls, regular security audits, and staff training.

14. US State-Specific Rights

Residents of Virginia, Colorado, Connecticut, Utah, Indiana, Kentucky, Rhode Island, and other states with comprehensive privacy laws have similar rights. Colorado residents may use a Universal Opt-Out Mechanism. Residents of applicable states may appeal a denial of privacy request.

15. Changes to This Notice

We review and update this Notice at least every 12 months. Material changes will be communicated at least 30 days before taking effect via email or prominent notice on the Service.

Revision History

  • 19 May 2026 — Initial version

This Privacy Notice takes effect on 19 May 2026.