Article 1. Purpose of processing personal information
The company processes personal information for the following purposes. The personal information will not be processed other than the following purpose and, if the purpose of use is changed, necessary measures may be taken, such as obtaining separate consent in accordance with Article 18 of the 「Personal Information Protection Act」, ‘Restriction on Use and Provision of Personal Information for Other Purposes’.
- Free trial service provision and customer management
- The company provides a free trial service for up to two months (hereinafter referred to as 'Trial service') when providing the first service, and handles personal information for smooth service provision.
- During the trial service period, the company may provide service usage and related guides through e-mail or wire communication for smooth service use of users.
- When the user does not want to use the paid service after the trial service, the company provides a partial free service, and accordingly, personal information will be processed for the purpose of user identification and authentication and prevention of illegal use of the service.
- Personal information will be processed for customer management purposes following conversion to paid service (hereinafter referred to as ‘Premium service’).
- When applying for a service introduction or quotation for other services, personal information will be processed for customer guidance and management purposes.
Article 2. Personal information processing and retention period
- The company processes and retains personal information within the period of retention and use of personal information in accordance with laws and regulations or within the period of retention and use of personal information consented when collecting personal information from the information subject.
- Each personal information processing and retention period is as follows.
- A. Records on display and advertisement: 6 months (Act on Consumer Protection in Electronic Commerce, etc.)
- Records on contract and subscription withdrawal: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Records related to payment and supply of goods, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Record related to consumer complaints and dispute resolution: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Records on electronic financial transactions: 5 years (Act for Electronic Financial Transactions)
- Books and all documents about transactions in accordance with tax laws: 5 years (Basic act for National Tax)
Article 3. Items of personal information to be collected
1. The company collects and uses the following personal information when applying for the first use of the service to provide customer use, consultation, and various services.
|Purpose of collection and use||Personal information items|
|Organization creation and customer management on the first service use (All required information)||Company Name (Organization Name), Organization ID, Default Language, Country/Region, Date Indication Format, Time Zone, Phone Number (Contact for Person in Charge)|
|Customer management when using trial and free services (All required information)||Company Name (Organization Name), Organization ID, Default Language, Country/Region, Date Indication Format, Time Zone, Phone Number (Contact for Person in Charge)|
|Customer management for using premium services or using paid services (All required information)||Business registration number (or date of birth) other than the above information and information for payment of use (card company, card number, first two digits of card password)|
|Others: When applying for service introduction or quotation for service use||Company name (organization name), company address, number of employees, contact information for person in charge and other service information|
- Furthermore, the following information is collected and used in the process of using services.
- Cookie Information
- Other statistics and usability analysis information
- The company uses information related to statistics and usability for better service. The relevant information will be used only for service improvement and usability analysis.
Article 4. Entrustment of personal information
The company entrusts the following personal information processing tasks for smooth personal information processing.
|Entrusted person (consignee)||Entrusted work|
|나이스페이먼스||Payment for service usage (When using a credit card direct debit payment method)|
|Zendesk||(When managing and responding to customer inquiries)|
- When concluding a consignment contract, in accordance with Article 26 of the 「Personal Information Protection Act」, 'Restriction on processing of personal information due to entrustment of work', the company clearly states in documents such as contracts, responsibilities, such as prohibition of personal information processing other than for the purpose of performing entrusted tasks, technical and administrative protection measures, restrictions on re-entrustment, management, supervision and compensation for consignees and, supervises the trustee for safe handling of personal information.
- If the contents of the entrusted work or the entrusted person is changed, we will disclose it through this personal information processing policy without any delay.
Article 5. Destruction of personal information
- The company destroys the personal information without delay when the personal information becomes unnecessary, such as the expiration of the personal information retention period or achievement of the purpose of processing.
- When the personal information retention period agreed by the information subject has elapsed or the personal information needs to be kept in accordance with other laws despite the achievement of the purpose of processing, the relevant personal information is moved to a separate database (DB) or stored in a different storage location.
- The procedure and method of personal information destruction are as follows.
- Destruction procedure: The company selects the personal information for which the reason for destruction occurred and destroys the personal information with the approval of the person in charge of company's personal information.
- Destruction method: The company destroys personal information recorded and stored in electronic file form so that the record cannot be reproduced, and personal information recorded and stored in paper documents will be destroyed by crushing or incineration.
Article 6. Measures to protect personal information and ensure stability
- The main data and contents of the service are transmitted, processed, and stored on Google Cloud Platform. The company makes the following efforts to prevent loss, theft, leakage, alteration, or damage of users' personal information.
- The user's personal information is transmitted through an encrypted communication section (SSL method), and important information is encrypted and stored.
- The company takes systematic measures to protect users' personal information from forgery, falsification, and unauthorized access.
- The company designates a person in charge of protection (person or department in charge) who can access other users' personal information and establishes and implements an internal management plan.
- However, the company is not responsible for any problems caused by the leakage of personal information such as ID and password due to the user's negligence or problems on the Internet.
Article 7. Person in charge of protection of personal information
The company is responsible for overall handling of personal information and designates a person in charge of personal information as follows to handle complaints and damage relief from information subjects related to personal information processing.
Responsible officer for Personal Information Protection
|Name :|| Shin Dong Soo|
|Position :||Docswave Unit Leader|
|Contact :||+82) 1522-8752|
Article 8. Request for access to personal information
The information subject may file a request to view personal information in accordance with Article 35 of the 「Personal Information Protection Act」 to the following department. The company will make its best to quickly process the personal information access request of the information subject.
Department for personal information access request reception, processing
Department Name : Business Department
Contact : +82) 1522-8752
Email : firstname.lastname@example.org
Article 9. Remedies against Infringement of Rights
The information subject may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency's Personal Information Infringement Report Center. In addition, for other personal information infringement reports and consultations, please contact the following organization.
The company guarantees the information subject's right to self-determination of personal information and strives for counseling and damage relief due to personal information infringement and, when you need a report or consultation, please contact the department in charge below.
Customer consultation and reporting related to personal information protection
Department Name: Business Department
Contact: +82) 1522-8752
Regarding requests under the provisions of Article 35 ‘Access to Personal Information’, Article 36 ‘Correction and Deletion of Personal Information’ and Article 37 ‘Suspension of Personal Information Processing, etc.’ of the 「Personal Information Protection Act」, a person whose rights or interests have been infringed due to a disposition or omission taken by the head of a public institution may file an administrative appeal in accordance with the Administrative Judgment Act.
|Central Administrative Judgment Committee||(Without area code) 110 ||www.simpan.go.kr|
- The company may, if necessary, change this personal information processing policy to the extent that it does not violate the relevant laws and regulations. When the personal information processing policy is changed, the company will notify the change from 7 days before the effective date to the effective date. However, if there is a significant change in the user's rights, it will be notified 30 days prior to the effective date and notified by email to the email address registered by the user or sending a notification message within the service.