Privacy Policy

EGG Co., Ltd. (주식회사 에그) operates the AdaptOrch reliability-kernel SaaS website and application ("AdaptOrch", "we", "us") and is the controller of the personal information described in this policy.

Registered office: 126 Wolbong-ro, Ssangyong-dong, Seobuk-gu, Cheonan-si, Chungcheongnam-do, Republic of Korea · 901-D52, Daerim Plaza. Business Registration No. 205-86-03848. Privacy contact: ict03@rfems.com.

Account data: name, email address, authentication identifiers, tenant/workspace identifiers, role, and login metadata.

Business contact data: company name, team size, demo request details, support messages, and communication preferences.

Service usage data: run identifiers, orchestration metadata, API usage, quota counters, error events, device/browser metadata, and security audit events.

Billing data: plan, transaction state, customer reference, and payment-processor metadata. We do not intentionally store full payment card numbers.

Agent input data: prompts, task descriptions, system instructions, and retrieval snippets you submit for inference.

Cookies and local storage: as described in the Cookies section below.

To provide and secure the service, authenticate users, enforce tenant isolation, issue API keys, operate quotas, and diagnose failures (performance of a contract).

To handle demo and support requests, and to send service, billing, security, and legally required communications (contract and legal obligation).

To improve reliability, prevent fraud and abuse, and maintain audit evidence for business customers (our legitimate interests, balanced against your rights).

Where required by law, we rely on your consent — for example, certain cookies and certain cross-border transfers. You can withdraw consent at any time.

Depending on the customer's configuration and routing policy, agent input — prompts, instructions, and retrieval snippets — may be sent to third-party large-language-model (LLM) providers to perform inference. We aim to transmit only what is needed for the requested operation.

Customers control which providers and routes are enabled. Further detail is provided in the LLM Provider Data-Transfer document.

We use strictly necessary cookies and local storage for authentication, session management, security, and language preference. Any analytics or non-essential technologies are used only where permitted and, where required, with your consent.

We share personal information only with service providers acting on our behalf, by category: hosting and deployment, database and authentication, caching and rate-limiting, payment processing, and LLM inference. Representative providers include Railway (hosting/deploy), Supabase (database/authentication), Upstash Redis (caching/rate-limiting), Paddle (payments), and LLM inference providers used according to routing policy.

We do not sell personal information. We may disclose information where required by law, or to protect rights and safety.

We are based in the Republic of Korea and use providers that may process data outside your country, including outside Korea, the EEA/UK, or China. Where we transfer personal information across borders, we use a lawful transfer mechanism appropriate to the destination and applicable law, and provide the notices or obtain the consents required in your market.

We keep personal information only as long as necessary for the purposes described, for contractual and legal obligations, for security evidence, and for legitimate operational needs, after which we delete or anonymize it. Retention periods per data class are defined in our Data-Retention document.

We apply administrative, technical, and physical safeguards, including tenant isolation, access controls, encryption in transit, audit logging, and least-privilege practices. See the Security document for detail. No method of transmission or storage is perfectly secure.

Subject to applicable law and identity verification, you may request access, correction, deletion, a portable copy, restriction, or objection, and you may withdraw consent. Users in the EEA/UK have rights under the GDPR; users in Korea have rights under PIPA; users in China have rights under PIPL.

To exercise your rights, contact ict03@rfems.com. You may also lodge a complaint with your competent supervisory authority.

The service is not directed to children below the applicable minimum age in each market, and we do not knowingly collect their personal information. If you believe a child has provided us personal information, contact us and we will take appropriate action.

Our website may link to third-party sites and services that are governed by their own privacy notices. We are not responsible for the privacy practices of those third parties.

We may update this policy from time to time. We will post the new effective date and, for material changes, provide additional notice where required.

Privacy requests: ict03@rfems.com. General support: ict03@rfems.com. Security reports: ict03@rfems.com.

Postal: EGG Co., Ltd., 126 Wolbong-ro, Ssangyong-dong, Seobuk-gu, Cheonan-si, Chungcheongnam-do, Republic of Korea. You may also contact your competent data-protection supervisory authority.