Article 1. Items of Personal Information to be Collected and Methods of Collection
Article 2. Purpose of Collection and Use of Personal Information
Article 3. Period of Retention and Use of Personal Information
Article 4. Provision of Personal Information to Third Parties
Article 5. Outsourcing Personal Information Processing and Cross-Border Transfer
Article 6. Rights and Obligations of Information Subjects, and How They Are Exercised
Article 7. Installation, Operation and Rejection of the Automated Personal Information Collection System
Article 8. Procedures and Methods of Destruction of Personal Information
Article 9. Measures to Ensure the Safety of Personal Information
Article 10. Chief Privacy Officer and Contact Information
1) Items to be collected
The Company shall collect the following personal information.
<Information to be Collected on the Website>
<Information to be Collected on the App>
<Information to be Used on the App>
Information to be used on the app shall be neither collected nor used by the Company. It shall be used only within the app and deleted when the app is deleted.
2) Methods of Collection
The Company shall collect personal information in the following ways.
- Users entering information via the website
- Transmissions when an error occurs while the app is in use or when any bug is reported
- Users registering information on the app (only within the app)
The Company shall collect and use personal information for the following purposes. The collected personal information shall not be used for any purposes other than the following, and if the purposes of use are changed, the Company shall take legally necessary measures such as asking for prior consent.
<Information to be Used on the App>
Unless it is required by applicable laws and regulations to retain personal information, in principle, the Company shall destroy personal information without delay after the purpose of collecting and using said personal information has been achieved.
If informed consent is obtained directly from the user when collecting personal information, it shall be retained for the agreed period.
If you wish to withdraw consent, you can unregister from the website or send a request to the department in charge of personal information protection (email@example.com). Your request will be handled immediately after your identity is confirmed.
However, if it is necessary to retain the member's information under the applicable laws and regulations, the Company shall keep it for a certain period of time as stipulated by the relevant laws and regulations, as follows:
The Company shall not use users' personal information or provide it to a third party under any circumstances, except in cases where the user has consented to such a provision or where it is required by applicable laws and regulations.
The Company shall use the following cloud service in order to smoothly provide information, stable service and the latest technologies, etc. The technical and administrative protection measures of the cloud service shall comply with the entrustee's policy. The entrustee shall only perform physical management and shall not access users' data.
The Company shall manage and supervise theentrustee to ensure that it does not process personal information other thanfor the intended purposes, that it complies with technical and administrativeprotection measures, and that it does not violate other laws and regulationsrelated to personal information.
1) A user may exercise the following rightsrelated to the protection of personal information specified against the Companyat any time.
2) The exercise of the rights under Paragraph1 against the Company may be done in writing, by phone, email, fax, etc., andthe Company will take proper actions without further delay once your identityhas been confirmed.
3) In principle, the Company shall notcollect personal information about subjects under the age of 16.
The Companyshall use session and local storage technologies, which are technologiessimilar to cookies. The storage technology is a small text file stored on auser's PC when they log in. This text file stores any information that thewebsite can read for when the website is re-visited.
The Companyshall use the session and local storage technology as follows:
• To maintainthe users' session when they use the services
• To provide improved usability when usersuse the services
Anyinformation stored in session and local storage is as follows:
• Any tokeninformation to maintain the session
• Servicelanguage chose by users
• User ID for simple log-in, if chosen by theuser
2. A cookierefers to a text file automatically transmitted to a user's computer when theCompany's website is accessed.
② Methods toreject cookies
1. InternetExplorer: At the top of the web browser, Tools → Internet options → Privacy →Advanced
2. Chrome: On the right of the web browser,Settings menu → Advanced (at the bottom of the screen) → Content Settings ofPersonal Information → Cookies
1. The Companyaims to analyze and evaluate how customers use its service, identify customerneeds, improve and customize its service and goods, and provide an effectiveservice by using a web analytics service, Google Analytics (hereinafterreferred to as "Google") provided by Google, Inc. for the purpose ofproviding a better service to its customers.
2. GoogleAnalytics analyzes how users use the website using a text file (cookie) storedon the user's computer.
3. Anyinformation collected through the cookie shall be transmitted to and stored inthe Google server located in the United States.
4. Google mayprovide this information to any third party as required by law, or to any thirdparty which handles the information on behalf of Google.
5. Googleshall not associate customer IP addresses with any data retained by Google.
6. Unless theuser rejects usage of cookies, they consent to usage of all information createdthrough the Google cookie or Google Analytics by using the Company's service.
7. You maycheck the details of Google’s personal information protection here.
8. If you wishto check methods to reject the usage of Google Analytics, you may restrict orreject storage of all information through the Google website. However, ifyou reject storage of the cookie, it may restrict parts of the servicerequiring log-in. In such cases, users should be mindful that they bear thesole responsibility for this.
In principle, once the Company has achievedthe intended purpose of processing personal information, it shall delete saidpersonal information without delay. This deletion shall be subject to thefollowing procedures, schedule and methods:
1) Procedures for Deletion
Information entered by a user shall betransferred to a separate database (or a separate document if provided in hardcopy) once the intended purpose has been achieved, and stored for a certainperiod in accordance with internal policies and other related laws. Otherwise,it will be immediately deleted. At this time, the personal informationtransferred to the database shall not be used for any other purpose, except asrequired by law.
2) Methods for Deletion
Any information in the form of electronicfiles shall be deleted through a technical method that makes the recordsunrecoverable. Personal information printed in hard copy shall be shredded orincinerated.
The Company shall take all technical,administrative and physical measures necessary to ensure safety, as follows:
1) Administrative Measures
Establishment of, compliance with, inspectionof, and education regarding information-security-related regulations andguidelines, and internal management plans, etc.
2) Technical Measures
Access authority management/verification ofpersonal information processing system, etc., installation/operation of anaccess control system and security program, encryption of personal information,encryption transmission, etc.
3) Physical Measures
Establishment/operation of regulations oncomputer room access control, etc.
In order to protect user personal informationand deal with related complaints, the personal information manager and relateddepartments shall be designated by the Company as follows, and the ChiefPrivacy Officer shall serve as the Data Protection Officer (DPO).
1) Chief Privacy Officer
2) Department in Charge of PersonalInformation Protection
You will be notified at least 30 days in advance of any significant changes touser rights, such as collection and use of personal information, provision to athird party, etc.
1) Notification Date: 04/26/2022
2) Enforcement Date: 05/03/2022