Personal information is information about a living person that includes name, social security number and data that allows to identify (or data that can be combined together to identify) an individual such as symbols, characters, voice, sound effects, message, or biological characteristics.
Through this document entitled handling of personal information, the Company notifies the user of how the personal information is being used, and what we are doing to protect the user's privacy.
2. Scope and Method of Collecting Personal Information
- 01) When registering an account to use our services, the Company collects minimal amount of personal information, and asks for agreement from the user. The user must enter the following information to use our online services. The optional data are collected in order to provide a better quality of service, but are not required and not entering the optional data does not restrict the user from accessing any part of the service.
- • Scope of Collected Personal Information
- - Required: ID, password, password confirmation, foreigner registration number and passport (in case of foreigner), name, resident registration number, e-mail, password reset question and answer, telephone (or cell phone number)
- - Optional: Address, opt-in for newsletter
- • Credit card payment: Issuing company name, card number, expiration date, etc.
- • Mobile payment: Cell phone number, authorization number, etc.
- • Bank account transfer: Bank name, account number, account password, etc.
- • Bank account transfer: Bank name, account number, account password, etc.
- • When legal representative agrees on behalf of a user under the age of 14: Resident registration number of the legal representative, name, address
- 02) The Company collects the minimal amount of data required to register as a member to use member services through the home page, written form, or telephone.
3. Agreement to Collect Personal Information
- 01) The Company provides a process to click "I Agree" or "I Do Not Agree" within the "Handling of Personal Information" or the "Usage Agreement" in which if a user clicks on the "I Agree" button, it is assumed the user agrees to allow the Company to collect the personal information.
- 02) If the user clicks on "I Agree" in regards to receiving commercial advertising through e-mail or mobile phone, it is assumed that the user has agreed to receive such commercial advertising.
4. Purpose of Collecting Personal Information
- 01) The Company collects the personal information for the following purpose:
- • Name, ID, password, resident registration number, foreigner registration number and passport number (foreigners only): Used to identify a person during registration, check the identity through credit ratings institutions, prevent duplicate registration, customize the service to the person, restrict certain services by age, operation of customer service center, prevention of bad members registering again
- • E-mail, phone number: Used to notify users, check the user's intention, communication channel for users for trouble shooting and customer inquiries, provide information about new service, product, or event, authenticate the user
- • Password reset question and answer: Used to authenticate the user when the user has lost his/her password or needs to change his/her password
- • Bank account information, credit card information, mobile phone number, coupon information: Used to pay for paid services and/or to authenticate the user
- • Address: Used for statistical purposes (statistics based on age, sex, and place of residence), shipping prizes
- • Resident registration number of legal representative, name, address: Used when an agreement or approval is needed by a legal representative for an act of a minor, prove the agreement or approval through agreement form
- • Other optional items: Used to provide customized personal services
- 02) The Company does not collect sensitive personal information (race, ideology or beliefs, place of birth, political interests, criminal records, history of illness, genetic information, health status, sexual activities, etc.) that may violate user's privacy.
- 03) The Company may collect the user's IP address and the date and time of visit to prevent bad users that violate the laws or the Company's usage agreement from using the Company's services
- 04) If the purpose or scope of collecting personal information is changed, the Company receives agreement from the user through the home page (Internet site), written form, telephone, or e-mail.
5. Collecting of Personal Information through Cookies
6. The Use of Personal Information Beyond the Purpose and Providing the Information to Third Party
- 01) The Company uses personal information for the purposes defined in "Purpose of Collecting Personal Information," and does not use it for other purposes or provide the information to third party without the user's consent. However, the following are exemptions to this:
- • The user has previously agreed to share the information.
- • The user has violated the service usage agreement, member service usage agree, or another policy
- • There Is sufficient evidence that the user has caused mental or physical harm to another user and that personal information sharing is required to take lawful action
- • When it is deemed necessary by law (ex: government institution requests the information through lawful proceedings)
- • The user participants in an event operated by the Company and the Company needs to provide name, address, and contact information to a partner company to ship the prize
- • The Company provides name and resident registration number to Korea Credit Rating Information, Inc. to verify the person's identity. This information is used only to verify the person's identity, and the Korea Credit Rating Information, Inc. cannot view the user's personal information.
- • The Company may provide the user's information to mobile/ARS dispute resolution center when it is requested due to the user's claim or dispute of the charges until the dispute is resolved, and the information is stored for 3 years. The information is provided only after the user has agreed to this.
- - Mobile/ARS Dispute Resolution Center (www.spayment.org)
- - Telephone: 02-563-4033,4012
- 02) Further, the Company may share personal information to develop new technology and provide better service after getting agreement from the user.
7. Viewing and Editing of Personal Information
- 01) The user may at any time view or edit the user's personal information. The user may view and edit personal information through the home page at my page's "change personal information" page. However, the user may not change the ID, resident registration number, and name for any reason. If the user needs to change any of those items, the user must cancel the membership and register again. If the user has forgotten ID or password, the user should use the "Find ID/Password" menu.
- 02) When the user requests a correction of the personal information, the personal information is not used or provided until the correction has been made.
- 03) If the Company changes the personal information, this is notified immediately to the user. If there is a proper reason to deny the user to view or edit all or part of the personal information, the user shall be notified immediately including the reason for the denying.
8.Storage and Usage Period or Personal Information
- 01) The user's personal information is destroyed when the purpose of collection and provision is achieved. However, some personal information regarding payment is stored for a certain period of time according to the laws regarding customer protection in electronic purchases.
- • Records regarding signing and revocation of agreement: 5 years
- • Records regarding payment and shipment: 5 years
- • Records regarding customer dissatisfaction or dispute resolution: 3 years
- • Copy of the user's ID card (or legal representative's ID card): 1 year
- • Agreement of legal representative: 1 year
- • When storage period was previously notified or the user has agreed individually: Period that was notified or agreed
10.Protection of Person Information of Children
Children under the age of 14 must go through the Purpose of Collecting Personal Information and get permission from a parent or a legal representative. The legal representative's agreement is used to resolve customer dissatisfaction or disputes regarding signing or revoking of an agreement, or regarding provision of payment and services. The Company does the following to protect the personal information of children under the age of 14:
- 1. Agreement of legal representative: User registration of children under the age of 14 is done through a different form and requires the agreement of legal representative before personal information is collected. In this case, the legal representative must enter the following information. The Company follows the "protection of personal information policy" set forth by the department of information and communications, and uses the information of the legal representatives to verify the agreement only. – the name of the legal representative, contact information – the resident registration information of the legal representative.
- 2. Notice to legal representative: If needs arise that the legal representative shall be notified of the handling of personal information of children under the age of 14, the Company informs the legal representative according to the "protection of personal information policy" set forth by the department of information and communications.
- 3. Rights of legal representative: The legal representative may request to view, edit, or delete personal information of children under the age of 14, and the Company shall immediately take action upon such request.
11.Protection Policy for Youth
In order to protect user's under the age of 19 from accessing harmful information, the Company plans and executes protection policy for youth. Also, the Company takes the following action to protect the youth from harmful information such as pornographic, unlawful information and unethical and antisocial behaviors.
- • Establish protection policy for youth from harmful information
- • Disallow youths from accessing such harmful information
- • Educate the employees regarding the protection of youths from harmful information
- • Counsel youth in case of damages and/or suffering caused by harmful information
- • Any other actions needed to protect youth from harmful information
12.Rights and Duties of the User
- 01) Enter the latest and accurate personal information to prevent any unnecessary accidents. Any accidents caused by entering inaccurate information are the sole responsibility of the user, and using other person's information or false information may cause the account to be restricted or suspended.
- 02) The user has the right to have his/her personal information protected, and at the same to protect his/her own information as well as not infringe upon other person's information. Please take care to protect personal information such as passwords, and do not deface other person's personal information including postings. The user may be punished to the full extent of the law according to "Act of Promotion of Information and Communication Network Utilization and information Protection" if the user defaces or defames other users.
13. Rights of Notification
This policy was set forth on June 26th, 2009. If there are any additions, deletions, or corrections to this policy, the information will be notified through the home page's notice section at least 7 days before such a change is made.
14. Person in Charge of Personal Information Management
The Company shall make best effort to provide services safely to the users. In case, an accident occurs through the Company's fault, the responsibility is solely upon the person in charge of personal information management. However, in case information or visitor's posting is damaged or leaked due to network risks such as hacking, the Company does not take any responsibility.
The person in charge of personal information management is as follows:
- • Name: Choi Dong Beom
- • Department: Operations Team
- • Position: Senior Manager
- • E-mail: firstname.lastname@example.org
- • Telephone: 02-890-6767
- • Fax: 02-890-6766
15. Counseling and Reporting of Infringement of Personal Information
The Company operates a customer service center to accept feedback from the users regarding personal information and to resolve any complaints.
- 01) Customer Service Center
- • E-mail: email@example.com
- • Telephone: 02-890-6768
- • Fax: 02-890-6766
- • Address: Hone International, Inc., Person in Charge of Personal Information Management, Mario Tower 14th floor 1416, 222-12, Guro 3 Dong, Guro-gu, Seoul, Korea
- 02) In case of any additional counseling regarding personal information, you may consult KISA Personal Information Protection Center (http://www.cyberprivacy.or.kr/), or Cyber Terror Response Center (http://ctrc.go.kr/).