Privacy Policy

CYCLOPS Co., Ltd. (the “Company”) values and puts its best efforts in protecting safely the information of Users and complies with applicable laws and regulations including the ‘Privacy Protection Act’ and the guidelines of government. The Company establishes this privacy policy (the “Privacy Policy”), protects the personal information (the “Personal Information”) of the members (the “Members”), and expressly sets forth this in the homepage and informs the usage and method to use the Personal Information provided to the Company by the Members in online and which measures the Company will take for the protection of the Personal Information.  

Article 1. Collection Method and Use of Personal Information 

A. Method of Personal Information collection

The Company collects the Personal Information in the following ways:

  1. homepage, mobile application, mobile webpage, written form, fax, telephone, customer center inquiries and event entry; and
  2. automatic collection through tools for collection of generated information.

B. Collection and Use of Personal Information

The Company collects the Personal Information for the following purposes:

  1. Service Membership and Use Management

The Company processes the Personal Information for the purpose of check of intent to become a member, self- identification/verification, maintenance of User qualification, prevention of wrongful use of service, check of legal representative’s consent while collecting the Personal Information of minor under 19, various notification and notice related to the service use, record retention for grievance treatment and dispute mediation, etc.

  1. Handling of Office Work of Civil Complaints  

Check of personal background of person filing a complaint, check of matters of a complaint, contact and notice for factual investigation, notice of result of treatment, etc.

  1. Provision of Goods or Services

The Company processes the Personal Information for the purpose of provision of service, sending of written contract and invoices, provision of contents, provision of customized service, self-authentication, age-verification, settlement and calculation of fees, debt collection, etc.

  1. Utilization in Marketing and Advertisement

The Company processes the Personal Information for the purpose of new service (product) development and provision of customized service, provision of events, advertising information and participation opportunity, provision of service and post of advertisement depending on the demographic characteristics, check of effect of services, identification of connection frequency, statistics of Members’ service use, etc. 

C. Effect and Modification of Privacy Policy

  1. This Privacy Policy of the Company may be revised due to the modification of the laws and guidelines on the ‘Privacy Policy’ or internal operational policy of the Company. 
  2. If this Privacy Policy is modified, such modification will be notified in the bulletin board, email or other method under the obligation to give a notice as set forth in Clause SS. 
  3. Modified matters may be checked by visiting the homepage and, if you have any inquiries thereon, you may make an inquiry through the Customer Center at any time. 
  4. The provision of Personal Information in the Terms and Conditions prevails over the one of the Privacy Policy. 

Article 2. Items of Personal Information to be Collection and Method of Collection 

  1. The Company does not collect any sensitive information of the User which may infringes on basic human rights (including race, ethnicity, thought and belief, hometown and family registration place, political inclination, crime record, and health condition) unless otherwise consented by the Member or stated in the laws and regulations. 
  2. Collected Personal Information is processed and retained not beyond the period of use/retention of the Personal Information as required by the laws or consented by the principal of Personal Information while collecting the Personal Information. 
  3. The Company may collect and use the Personal Information including text, image and voice. The details of the information collected by the Company and retention period of the information are as follows: 

A. Purpose of Collection and Use and Items to be Collected 

Type 

Purpose of Collection and Use 

Items for Collection and Use

Member identification (Membership)

1) Member identification and adult identification

2) Provision of Member service

3) Notification of service use

4) Consulting and handling of civil complaint of service use

5) Check and prevention of wrongful use

[User Members]

Nationality, account information (nickname, ID and password), name, birth date, sex, email, address, and telephone number (for some countries)

 

[Seller Members]

1) Individuals

 – Copy of resident registration certificate

(issuance of tax invoice under Article 32 of the Value Added Tax Act), account number, bank name, and profile related selective information (copy of license, graduation certificate and employment certificate)

2) Entrepreneurs (Individual/corporate entity)

– Type of corporation, company name, corporate registration certificate, registered seal certificate of representative or corporate entity, mail order business report certificate, and profile related selective information (copy of license, graduation certificate and employment certificate) 

3) Minors under 19

– Name, birth date, sex, email, address, telephone number, and legal representative’s consent letter 

Order/Settlement

1) Settlement and refund for ordered goods

2) Notification of guides of details of contract and order

3) Check and prevention of wrongful use

[Collection under selection of payment means]

1) Credit card: Name of card company, card number and expiration date

2) Account transfer: Bank name and account number

3) Deposit without bankbook: Bank name and account number

4) Mobile phone: Mobile phone number and name of telecom company

5) Information of cash receipt issuance: Mobile phone number, information of cash receipt card, and resident (corporate registration) number

Cancellation/Refund

 

Accountholder name, bank name, and account number

Service use record

1) Quality control including analysis of statistics of service use record

2) Compliance with legal obligations for consumer protection

3) Management of check and prevention of wrongful use

4) Mediation of dispute between members

5) Check of information of sending for sending goods (giveaway)

1) Record of use of cookies and service (including visiting date, IP, and poor use record), and device information (including unique device identification value, and OS version)

2) IP address, cookies, connection date, mobile device information (UDID, advertisement identifier, etc), message ID, record of safe number service use (voice recording), and record of other service use

Calculation

1) Calculation of sales payment

2) Issuance of tax invoices

Type of business, item, email for issuance of e-tax invoice, and business office or contact of person in charge

Marketing

1) Marketing for User

2) Provision of customized information
3) Statistics and survey questionnaire of service use

E-mail, contact (mobile phone number), sex, other service use and transaction record, occupation and business area

B. Retention and Use Period

The Company continues to retain the Personal Information of Users when the Users continue use the services and uses for providing the services. 

The Personal Information of Users will be destructed in a way that such Personal Information will not be regenerated when the purpose (including temporary purpose including survey and event) of the collection and use of such Personal Information is achieved and the Members withdraw from membership: provided that, if there is a request for prevention of misuse and abuse of Users’ rights, dispute on right infringement/reputation damage and cooperation in investigation, the Company may retain the Personal Information of Users for 1 year from the withdrawal date of Users in preparation for reoccurrence. If necessary for preservation under applicable laws and regulations including the ‘Commercial Act’ and ‘Act on Consumer Protection in E-Commerce’, the Company will retain the member information for certain period as prescribed in applicable laws and regulations. In such event, the Company uses retained information only for the purpose of retention, and the retention periods are as follows:  

Classification

Ground and Reason of Retention 

Retention Period

Retention of information under internal policy of the Company

Prevention of wrongful use, and re-subscription of poor member, and cooperation in dispute on defamation and right infringement and investigation 

1 year after withdrawal of membership

Record of withdrawal of contract or subscription

Act on Consumer Protection in E-commerce

5 years

Record of payment and supply of goods

Act on Consumer Protection in E-commerce

5 years

Record of member complaints or dispute treatment

Act on Consumer Protection in E-commerce

3 years

Record of self-verification 

Act on Promotion of Communication Network Use and Information Protection 

1 year 

Record of visit

Act on Promotion of Communication Network Use and Information Protection

3 months

C. Miscellaneous

  1. The Company allows any person over 14 to become a member, and the Personal Information of children under 14 necessary for the consent of legal representative for collection and use of the Personal Information will not be collected, in principle: provided that, if obtaining consent of legal representative, the Company may collect and use the Personal Information of a Member under 14 and, in such event, the Company may additionally collect the name, birth date, mobile phone number, email address, and self-verification value (CI, DI) of the legal representative. 
  2. The Company collects, analyzes and utilizes for providing better service to the Members legally disclosed information, service use record (log) and metadata of Members without any restriction on disclosed purpose or subject in the web. In particular, the Company may provide the Members with the customized service to the interest of the Members, provide advertisement suitable to the area of interest of Members as a marketing, and provide opportunities of event participation. The Company will not provide or share with a 3rd party the information collected like this. 
  3. The person voluntarily disclosing his/her Personal Information and posts in the course of service use provided by the Company shall be responsible for the rights and responsibility. 
  4. Any information voluntarily disclosed is not likely to be protected and may be collected and processed by unauthorized others, and please be informed that the person voluntarily disclosing his/her Personal Information will be liable for the loss or problem incurred from such collection and processing. Please be cautious to ensure that the Personal Information will not be disclosed in the course of using the services. 

Article 3. Sharing and Provision of Personal Information

The Company uses the Personal Information of Users within the scope of purpose of collection and use of the Personal Information and does not use or disclose/provide to outside beyond such scope except for the following cases: 

  1. When the Member consents to provide or share with a 3rd party such Personal Information in advance; and 
  2. When it is required by the laws, regulations or required for the purpose of investigation by an investigation agency under the process and method as prescribed in laws and regulations.

 

Article 4. Consignment of Personal Information Processing   

The Company consigns and operates the business of Personal Information processing as follows in order to carry out smooth business including user service management and handling of civil complaints. In addition, while entering into a consignment agreement, the Company clearly sets forth the compliance with applicable laws and regulations for privacy protection, prohibition of supply of the Personal Information to a 3rd party, and bearing responsibilities in case of accidents in order to secure the safety of privacy protection. 

A. Present Condition of Consignment of Personal Information processing for Domestic Services

Person accepting consignment (Consignee)

Description of consigned duties 

PayLetter Co., Ltd. 

Settlement processing of credit card, account transfer, and virtual account, issuance of cash receipt, etc.

B. Present Condition of Consignment of Personal Information processing for Overseas Services

Person accepting consignment (Consignee)

Description of consigned duties

AWS (Amazon Web Services Inc.)

Management of infra for storing data and providing services

Article 5. Procedure and Method of Destruction of Personal Information

In principle, the Company destructs the Personal Information immediately after the purpose of its collection and use is achieved without delay. 

A. Process of Destruction and Separate Storage

  1. After achieving the purpose, the information entered by the users for membership application will be moved to and maintained in a separate DB (in case of hard copies, in a separate file box) for certain period of time and destructed thereafter for the reason of information protection in accordance with internal policy and other applicable laws and regulations. 
  2. Unless required by the law, the Personal Information moved to a separate DB will not be used for the other purposes and, if the Personal Information is consigned to a 3rd party, the destruction of such Personal Information will be also directed to the consignee. 

B. Method of Destruction 

  1. The Company destructs hard copies of the Personal Information by shredding with a pulverizer or incinerating them.
  2. The Company deletes the Personal Information stored in the form of electric file by using technological method that makes that information not to be regenerated.

C. Destruction of Personal Information of Dormant Users

  1. For the User who has not used the Services for 1 year, in order to protect the Personal Information of Users under Article 29 of the ‘Information Communications Network Act’, the Company will destruct or store and manage after separating the Personal Information after giving a prior notice to the User: provided that, if a separate period is prescribed in other laws and regulations, the Company will store the Personal Information of Members for such period. 

Article 6. Rights and Method of Exercise of Rights of Users and Legal Representatives

The Company protects the rights of Users and Legal Representatives as follows: 

  1. Users and Legal Representatives may make an inquiry on and make corrections in their Personal Information at any time. 
  2. Users and Legal Representatives may request for withdrawal (cancellation) of consent to the provision of the Personal Information at any time. 
  3. The Company guarantees the statutory right of Legal Representative of the minor under 19 (Legal Representative’s rights to request for access, correction/deletion, suspension of processing of the Personal Information of the minor under 19).
  4. Upon User’s correction of the Personal Information, the Personal Information of the User will not be used or provided until such correction is completed for the use and provision of correct Personal Information. If such Personal Information has been already provided to a 3rd party, the Company will immediately inform to the person receiving such Personal Information without delay so that the correction thereof will be made. 
  5. Any exercise of these rights may be made not only by the User, User’s Legal Representative but also through the agent including the delegated person. In such event, additional documents (including evidentiary materials and power of attorney for self-verification) as required by the Company. 

   

Article 7. Installation, Operation and Rejection of Automatic Collection Device of Personal Information

In order to provide customized services, the Company uses ‘Cookie’ which stores and frequently brings in the use information. 

Cookie means a small text file which the server used for operation of the Company’s website sends to the User’s browser, and such file will be stored in the hard disk of the User’s computer. Cookie identifies the User’s computer but does not identify the User individually. 

  1. Purpose of Use of Cookies

The Company uses the Cookies for the following purposes: 

  1. Keep the service use environment set by the User and provide convenient internet service; and
  2. Analyze the manner of visit and use of the User and provide optimized services.
  3. Method of Rejection to Set of Cookies

Users have an option to installation of cookies. Thus, the users may allow all the cookies by setting the option in web browser, make the cookies to be checked whenever it is stored or reject to the storage of any cookie. However, in order to connect to the homepage of the Company and use services, the users shall allow cookies and, otherwise, the users may have difficulty in using the services of the Company.

  1. Rejection to set Cookie in Internet Explorer: ‘Tool’ menu on the top of web browser 🡪 Internet Option 🡪 Personal Information 🡪 Advanced Setting
  2. Rejection to set Cookie in Chrome: ‘Setting’ menu in the right of web browser 🡪 ‘Advanced Setting’ at the bottom of screen 🡪 Personal Information and Security 🡪 Site Setting 🡪 Cookie and Site Data 

Article 8. Technical/Managerial Measures for Personal Information Protection

The Company limits the number of persons from the Company in charge of Personal Information processing to the minimum under Article 29 of the Privacy Protection Act and ensures that such persons are well aware of the importance of privacy protection through managerial measures including education for such persons along with technical measures. 

A.  Technical Measures

  1. The password of member account is to be encoded and stored to ensure that such password is known only by the Member him/herself, and the conformation and changes in the Personal Information required for account login will be available only to him/her who knows relevant ID and password.
  2. The Company frequently makes backup the data in preparation for the damage of the Personal Information, uses cutting edge vaccine program and prevents the leakage or damage of the Personal Information or data of Users caused by computer virus. 
  3. For settlement and payment, the Company adopts security devices to ensure that the Personal Information will be safely transmitted in the network.  
  4. The Company carries out continuous security intensification through analysis of and measures to be taken for internal/external weakness for each server in preparation of external invasion including hacking. 

B. Managerial Measures

The Company minimizes the number of persons authorized to access to the Personal Information of Users and such persons are as follows: 

  1. person carrying out the privacy protection duties including the ones responsible for and in charge of such duties; 
  2. person carrying out marketing duties by working directly with the Members; and
  3. person inevitably handling the Personal Information in his or her duties. 
  4. The Company conducts regular internal educations on acquisition of new security technologies and the privacy protection obligations for its employees handling the Personal Information. By collecting security declaration at the time of employment, the Company prevents leakage of information by persons and prepares internal process in order to monitor the matters performed for the rules of privacy protection and whether the employees comply with such rules. 
  5. The Company is not responsible for any Personal Information problem arising out of the mistake of Members without the fault of the Company. In order to protect his or her own Personal Information, the Member shall properly manage his or her ID and password and be responsible therefor.  

 

Article 9. Contact Information of Persons Responsible and in Charge of Privacy Protection 

The Company designates a person responsible for privacy protection who is responsible for general duties of Personal Information handling for handling complaints of the principal of such Personal Information and remedy for damage. Such person shall be fully responsible for any accident caused by the violation of the matters noticed to the Members in protecting the Personal Information. However, the Company is not responsible for the damage of information caused by unforeseeable accidents arising out of the danger in basic network including hacking and various disputes from the posts prepared by the visitors even though the Company takes technical supplementary measures. The person responsible for privacy protection is as follows and he promptly and faithfully respond to any inquiries on the Personal Information: 

Name

Yoonkyu Park

Position

The director of headquarters

Name of Dept.

publ business headquarters

Contact

+82-2-6463-0777

E-mail

contact@publ.biz

Article 10. Method of Remedy for Infringement on Right or Interest 

The following agencies are independent from the Company and, if necessary for report or consultation of infringement of the Personal Information, please contact the Report Center of Personal Data Infringement of KISA. In addition, if you are incurred any monetary or mental damage from any infringement on the Personal Information, you may file an application for remedy for damage with the Personal Information Dispute Mediation Committee.   

A. Information of Agencies

Agencies for Inquiries

Contact

Homepage

Report Center of Personal Data Infringement

118 without local code

https://privacy.kisa.or.kr/

Personal Information Dispute Mediation Committee

1833-6972 without local code

https://www.kopico.go.kr/

Cyber Crime Investigation Team of the Supreme Prosecutor’s Office

1301 without local code

http://www.spo.go.kr/

Cyber safety guard of the National Police Agency

182 without local code

https://www.police.go.kr/

B. Measures for Stolen Personal Information

If it is discovered that the User steals others’ Personal Information in order to become a member, the Company will take necessary measures including suspension of service use or withdrawal of membership for relevant ID without delay. In such event, as a method for self-verification of the User asserting the theft of the Personal Information, the verification service of resident registration certificate executed by the e-government is to be used. 

Article 11. Obligation of Notice

  1. This Policy may be added, deleted, or amended when the policy of the government or the Company is modified and, in such event, the Company will give a prior notice through its homepage or email at least 7 days prior to execution and, if such prior notice is difficult, the Company will announce it without delay: provided that, upon material changes in the right of Users including collection and utilization of the Personal Information and provision to a 3rd party, the Company will give 30 day notice. 
  2. The User may reject to consent if he or she does not want the matters as described above in terms of the collection, use, provision and consignment of the Personal Information: provided that, if the User rejects to consent, the User may not use the entire or the part of the services. 
  3. Should the User fail to clearly express its intent to reject until the application date of modification as guided by the Company through the notice of details of modification, the User shall be deemed to have consented to the details of such modification.  
  4. In addition, in cases where there is an addition and modification of the details related to the matters requiring a separate consent of the User including collection and utilization of the Personal Information and provision to a 3rd party under applicable laws and regulations including the ‘Act on Promotion of Communication Network Use and Information Protection’, the Company will obtain a separate consent from the User under applicable laws and regulations. 

Addenda

. Version No.: v. 20211007

. Announce date: Oct. 07, 2021

. Execution date: Oct. 07, 2021 

  •