The Company uses personal information for following purposes:
① Homepage Account Sign up and management
User’s consent to sign up, User verification upon membership service, User right & management, user consent for limited user verification restriction,
② Provide service
Personal information is used to manage membership, to provide and improve Services and to develop new service.
③ Grievance Handling
The Company processes personal information for the purpose of verifying the identity of the complainant, confirming the complaints, contacting, and notifying for fact-finding, and notifying the result of processing.
④ Marketing and Advertise
Recommend customized contents based on demographic features, users' interest, taste and propensity, and utilized the foregoing information as marketing methods
⑤ Technical measures against hacking
Company use personal information to practice legal adjustments against justifiable fraud/hacking
2. Use and Collection of Personal Information
The Company collects below personal information:
① List of Personal Information
- Email address, SNS account information (SNS platform and linked email address)
- IP address, cookies, date of visit, chat history and service usage record may be automatically created and collected while the user uses the PC web or mobile web & apps
② The method to collect personal information
- Personal information collected from user provided information when user sign up for account on homepage.
③ Storage policy
- Member identification, confirmation of the user’s will to sign up, user and age verification, prevention of improper usage
- Confirmation of consent of a legal representative in case of collecting personal information of children under 14 years of age, verification of identity of the legal representative thereafter
④ Storage period
- The Company will immediately destroy any personal information collected once the personal information retention period expires or else the purpose of processing thereof has been achieved. In the event that personal information needs to be retained pursuant to other laws even if the personal information retention period, to which the information principal consented, has expired, or the purpose of processing thereof has been achieved, the personal information will be moved to a separate database (DB) or storage space.
- Storage of personal information confirmation in service use (log-in record): Article 2 Subparagraph 11 of the Protection of Communications Secrets Act.
- Storage period: 3 months
3. Provision of Personal Information
Company does not provide personal information to any third party without your consent or unless demanded by applicable laws.
Company entrusts the following personal information to a third party to connect Company Services to third-party services.
Company shall provide no personal information to any third party without user's prior consent; provided, however, that Company provides the foregoing personal information to the third parties within a scope required to provide affiliated services to users, only upon user's prior consent.
The following affairs are entrusted to provide the Services.
Company provides personal information to third parties in the course of entrusting some parts of the affairs required for service provision. Company also supervises and monitors the entrusted parties to abide by the relevant laws and regulations.
Some personal information is transferred overseas to perform the following affairs.
4. Destruction of Personal Information
The user's personal information is to be destroyed immediately once the purpose of the collection and use of personal information is fulfilled.
User’s personal information will be deleted using technical means which make the information unrecoverable.
- Personal information recorded and stored in the form of electronic files must be deleted using a technical method ensuring that the records cannot be reproduced.
- Personal information recorded and stored on paper documents must be shredded on the paper shredder or incinerated.
Company is committed to protecting the user’s rights.
Any user may view and edit his/her personal information at any time (via a legal representative for users aged 14 or under), and may withdraw his/her consent to collection and use of personal information, or request for the withdrawal of the Service at any time.
In particular, users can modify personal information or withdraw the membership via Settings in the Service. Upon any request via email, document, phone call, the Customer Center shall take measures without delay.
If any user requests for the revision of personal information, such information shall not be used or provided until the revision is completed.
In addition, Company also provides a page containing information on the user’s right protection in accordance with the Privacy Guidelines for Online Customized Ads.
Cookies can be used to provide the web-based services.
Cookies are used to support a faster and more convenient use of websites and to provide customized services.
What is a Cookie?
A cookie is a small piece of text file usually set by the web server, sent from a website and stored in a User's computer hard disk while the user is browsing that website.
Purpose of use
Rejection of cookies
Cookie does not collect personally identifiable information automatically or actively, and a user has an option for setting a cookie. Hence, a user may allow all cookies by setting the option on the web browser; whenever a cookie is stored, the confirmation thereof shall be completed; or, otherwise, a user may reject the storage of all cookies. Provided, however, when a user rejects the storage of a cookie, then the user may have some difficulties in using a service.
Examples of Settings
- 1) Internet Explorer
- Select "Tool" menu at the top of the browser. > "Internet Options" > "Personal Data" Tab > Settings
- 2) Chrome
- Select "Settings" menu at the top right side of the browser. > "Show advanced settings" > In the "Privacy" section, click "Content settings". > Cookies
Company works hard to protect our users' precious personal information.
The protection of our users' personal information is our utmost priority. In order to protect users' valuable personal information, we at Company are making the following efforts.
- Users' personal information is encrypted.Users' personal information is transmitted through encrypted communication channels, and important information, including passwords, are encrypted when stored.
- Personal information is protected from hacking attempts and computer viruses. Systems are installed in areas restricted from external factors to prevent users' personal information from being leaked or damaged by hacking or computer viruses. A 24-hour monitoring system has been installed to detect and block any hacking attempts, and vaccine programs are being used to protect the system from the latest malware and viruses. Company is also continuously researching new security and anti-hacking technologies and applying the new technologies to our services.
- Valuable personal information is handled by minimum personnel. Risk of personal information breach is minimized by assigning only a necessary handful of people to handle users' personal information and by blocking work computers from accessing external internet services.Systematic standards are applied when creating and updating passwords in systems that store personal information database and process personal information. Standards are also applied to authorizing access to systems and audits are conducted on a regular basis.
- Company employee receive regular training on personal information protection.Training and campaigns on personal information protection and security are held for all Company employees who handle users' personal information.
- Company meets national and international certification standards on user information protection activities and systems. Company is verified annually by an independent auditing organization to ensure that we meet national and international certification standards on information protection and privacy management. The result of the audit is applied to any improvements needed.
Company complies with the General Data Protection Regulation (GDPR) as well as the domestic laws of each member country.
The following may apply when Company provides services to users in EU countries.
[Purpose/Basis of Personal Information Processing]
Company uses personal information collected from users only for purposes specified in "3. Use of Personal Information", informs users prior to any use thereof and asks for agreement.
In addition, Company may process personal information in accordance with applicable laws including GDPR in any of the following cases:
- Consent of the data subject
- Sign and fulfil a contract with the data subject
- legal compliance
- When personal information processing is necessary for the material benefit of the data subject
- For the pursuit of legitimate interests of the company (except for cases where the benefits, rights or freedom of the data subject is more important than that of the company.)
[Guarantee of Users' Rights in EU Countries]
As described in "Company protects your personal information", Company is committed to protecting your privacy. In accordance with applicable laws including GDPR, a user may request that his or her personal information be transferred to another manager, and refuse the processing of his or her information. In addition, a user has a right to file a complaint with data privacy protection authorities.
Company may also use personal information for marketing purposes such as event promotion or advertisements, for which Company obtains a prior agreement. A user may withdraw the agreement at any time if he or she doesn't want it.
A user may inquire the foregoing matters to the Customer Service via document, phone or email. The request will be handled in a proper and timely manner.
When a user requests for the correction of personal information, the concerned information shall not be displayed until such correction is completed.
Questions regarding Privacy Protection
For any inquiries, complaints, feedback or other matters related to personal information protection which arise while you use the Services, please contact the Privacy Protection Officer or the responsible department. Company will do its best to listen to you and promptly answer any questions you may have.
Privacy Protection Officer and Responsible Department
- Privacy Protection Officer/DPO: Jong Hoon Cho
- Department: Business Development
- Contact : email@example.com
Please make inquiries to the following organizations if you need to report or consult in regards to the violation of personal information.
KISA Report Center for Personal Information Breach
- (Toll free)118
Cyber Crime Investigation, Supreme Prosecutors' Office
- (Toll free)1301
Cyber Terror Response Center, National Police Agency
- (Toll free)182
However, any major change in user rights, including personal information items to be collected and the purpose of collecting thereof, will be notified at least 30 days in advance.
- Enforcement Date: 2021.12.28