Privacy Policy
1. Overview
DAYLAB ("we", "us", "our") operates the website daylab.dev and its subdomains. This Privacy Policy explains what information we collect when you visit our websites, how we use it, and your rights regarding that information.
2. Purpose of Processing
We process personal information for the following purposes:
- Website traffic analysis and user experience improvement (Google Analytics)
- User behavior analysis via heatmaps and session recordings (Microsoft Clarity)
- Display of advertisements (Google AdSense)
3. Information We Collect
We do not require account registration and do not directly collect personal information. The following data is collected automatically through third-party analytics and advertising services:
| Service | Data Collected |
|---|---|
| Google Analytics (GA4) | Page views, session duration, approximate location (IP-based), device/browser type, OS, screen resolution, referral source, language settings |
| Microsoft Clarity | Mouse movements, clicks, scrolls, heatmaps, session recordings. Sensitive input content is masked before transmission. |
| Google AdSense | Browsing history, interests, IP address, device identifiers, ad interaction data. Third parties may collect information through cookies, web beacons, IP addresses, or other identifiers. |
4. Children Under 14
Our services are not directed at children under 14 years of age. We do not knowingly collect personal information from children under 14.
5. Retention Period
| Service | Retention Period |
|---|---|
| Google Analytics (GA4) | 14 months (default) |
| Microsoft Clarity — aggregated analytics/heatmaps | 13 months |
| Microsoft Clarity — session recordings | 30 days |
| Google AdSense | Per Google's retention policies |
6. Destruction of Data
As we do not directly store personal information on our servers, there is no separate destruction procedure. Data collected by third-party services is automatically deleted according to each service's retention policy. When the purpose of processing is achieved, data is destroyed without delay.
7. Third-Party Provision
We do not provide personal information to third parties beyond what is described in this policy.
8. Processing Delegation (Entrustment)
We entrust the processing of personal information to the following service providers:
| Service Provider | Delegated Tasks |
|---|---|
| Google LLC | Website analytics (GA4), advertisement serving (AdSense) |
| Microsoft Corporation | User behavior analytics (Clarity) |
9. Cross-Border Transfer
Data collected through the above services may be transferred to and processed in the following countries:
| Recipient | Country | Data Transferred | Purpose |
|---|---|---|---|
| Google LLC | United States | Analytics data, ad interaction data, IP address, device identifiers | Analytics & ad serving |
| Microsoft Corporation (MIOL) | United States / Ireland | Session recordings, heatmap data, cookies | Behavior analytics |
These transfers are conducted based on Standard Contractual Clauses (SCCs) or equivalent safeguards provided by each service provider.
10. Cookies
We use the following cookies:
| Cookie | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google (1st party) | User identification for GA4 | 2 years |
| _ga_* | Google (1st party) | Session state for GA4 | 2 years |
| _clck | Clarity (1st party) | User ID and preferences | 1 year |
| _clsk | Clarity (1st party) | Session connection | 1 day |
| CLID | Clarity (3rd party) | Cross-site user identification | 1 year |
| MUID | Microsoft (3rd party) | Unique browser identifier | 1 year |
| ANONCHK | Microsoft (3rd party) | Ad flag | 10 minutes |
| MR | Microsoft (3rd party) | MUID renewal | 7 days |
| SM | Microsoft (3rd party) | Domain sync | Session |
Google AdSense may also set additional third-party cookies for ad personalization. You can control cookies through your browser settings. You can opt out of personalized advertising at Google Ads Settings.
11. Behavioral Advertising
Google AdSense uses cookies and similar technologies to display personalized advertisements based on your browsing history and interests. You may opt out of personalized ads through Google Ads Settings or aboutads.info.
12. Security Measures
- All communications are encrypted via HTTPS (TLS)
- We apply the principle of minimum data collection
- No personal information is stored on our servers
- Access to analytics dashboards is restricted to authorized personnel
13. Your Rights
You have the following rights regarding your personal information:
- Access: Request access to your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your personal information
- Suspension: Request suspension of processing
- Withdrawal of consent: Withdraw consent at any time
To exercise these rights, contact us at contact@daylab.dev. As we do not directly store personal information, exercising these rights may involve adjusting browser cookie settings or contacting the respective third-party services directly.
14. Privacy Officer
| Field | Details |
|---|---|
| Name | Dasong Sim |
| Title | Representative |
| Department | DAYLAB |
| contact@daylab.dev | |
| Phone | 0505-007-7703 |
15. Remedies for Rights Infringement
If you believe your privacy rights have been violated, you may seek assistance from the following organizations (Republic of Korea):
- Personal Information Protection Commission (PIPC) — privacy.go.kr / 1833-6972
- KISA Privacy Center — privacy.kisa.or.kr / 118
- Personal Information Dispute Mediation Committee — kopico.go.kr / 1833-6972
- Supreme Prosecutors' Office Cyber Investigation — spo.go.kr / 1301
- National Police Agency Cyber Bureau — ecrm.police.go.kr / 182
16. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page at least 7 days prior to taking effect, with an updated effective date.
Effective date: April 14, 2026