INCEN KOREA Co., Ltd. (hereinafter referred to as Company) complies with the personal information protection regulations of relevant laws and regulations to be followed by information and communication service providers, including the Act on the Promotion of Information and Communication Network Use and Information Protection, Personal Information Protection Act, Communication Secret Protection Act, Telecommunication Business Act, and others. INCEN KOREA Co., Ltd. is doing the best to protect the rights of users by establishing a Privacy Policy in accordance with the law.
The Company will inform you about the purpose and method of using the personal information you provide us on the Privacy Policy and what measures are taken to protect your personal information.
Effective Date : March 27, 2023
I. COLLECTING METHOD AND ITEMS OF PERSONAL INFORMATION
Items of Collected Personal Information
Collection of Essential Information: The Company collects user ID, password, name, date of birth, gender and contact information upon registration.
Collection of Optional Information: In order to provide better services, the Company collects additional information as optional. There are no further restrictions on the use of the service even if you do not enter optional information.
Collecting Method of Personal Information
The Company collects personal information in the following process.
Website, mobile web pages, mobile applications, customer center (in writing, fax, phone, email), from affiliated partners and through a specified collecting tool.
Processing of Unique Identification Information
The Company collects personal information in the following process.
Unique identification information is the information prescribed by Presidential Decree of Article 24 (1) of the Personal Information Protection Act and Article 19 of the Enforcement Decree of the Personal Information Protection Act. It refers to the resident registration number, passport number, driver's license number, alien registration number.
The Company collects and processes unique identification information for the following purposes.
Obligations to Use Transaction and Payment Services
Public Charge and Tax Imposed on Spot Prize Winners
Complaint Handling and Management
The collected personal information is not used or provided for any purpose other than the purpose of collecting personal information , except as otherwise provided by the Personal Information Protection Act and other laws .
II. PURPOSE OF COLLECTING AND USING PERSONAL INFORMATION
Contract Execution By Service Provision And Settlement Fees by Service
Providing Content, Providing Specific Custom Services, Shipping Items or Invoices, Identity Verification, Purchase and Billing, and Collection Fees
Membership Management
Provision of membership services, personal identification, restrictions on members who violate the terms of use, sanctions for disrupting the smooth operation of the service and sanctions of misuse of the service, confirmation of membership intention, restriction on the number of subscriptions and subscriptions, Confirmation of consent of legal representative when collecting personal information of children under 14 years old, Confirmation of consent of legal representative when payment of minors under 19 years old, Confirmation of verifying legal representative, keeping record for dispute settlement, complaint handling, delivering disclaimer, confirmation of membership withdrawal.
New Service Development And Utilizing Marketing & Advertisement
Development of new services and provision of customized services, provision of services and advertisements according to statistical characteristics, validation of services, provision of event information and participation opportunities, provision of advertising information, identifying user access frequency, statistics of the use of services by members.
III. SHARING AND PROVIDING OF PERSONAL INFORMATION
The Company shall use the personal information of the users within the statement in "II. Purpose of Collecting and Using Personal Information", and without the prior consent of the user, the Company will not use it beyond the scope or disclose the user's personal information to the outside in principle. In case, the following cases are handled with an exception.
User Agreement in Advance
In case if a situation in which personal information is shared or provided to other sites separately for the purpose of providing the service occurs, the company will notify the member in advance or obtain the consent in accordance with the ‘Act on the Promotion of Information and Communication Network Use and Information Protection’, and the Company’s Privacy Policy.
In case of providing personal information for each service and providing personal information according to events, or If there are difficulties in revising the privacy policy due to various service alliances and events, the member may check the details of service provision and event provision through the 'Privacy Policy' on the website and each service page.
In case of providing personal information to the external content provider(s) for the purpose of participating event(s), product payment, advertisement and others in each service, the user voluntarily provides his / her personal information to a third party in order to use the service. In this case, the Company will notify the user in advance of the person who receives the personal information, the purpose of providing the personal information, the items of personal information provided, and the period of retention and use of the personal information provided, and obtain explicit and individual consent.
If there is a request from the investigating agency in accordance with the procedures and methods specified for the purpose of investigation under the laws and regulations, we may cooperate for the situation.
IV. CONSIGNMENT OF PROCESSING OF PERSONAL INFORMATION
The Company entrusts personal information as below to improve service, and regulates the necessary matters so that personal information can be safely managed in the consignment contract according to related laws.
The Company's personal information consignment processing agency and its tasks are as follows.
INCEN KOREA Co., Ltd. – Platform Operating and monitoring, Software maintenance
Sejong Telecom Co., Ltd. – Sending Message, Identifying Authentication, Product Payment (Face-to-Face, Non-Face-to-Face), and collection fees
For some services, external content operators may contact you about payments and refunds.
V. RETENTION AND USE PERIOD OF PERSONAL INFORMATION
User personal information is destroyed without delay when the purpose of collecting and using personal information is achieved. The following information will be preserved based on the provisions of Article 29 of the Act on the Promotion of Information and Communication Network and Information Protection, etc. during the specified retention period. In this case, in order to comply with Article 21 (3) of the Personal Information Protection Act, it is stored in a separate safe storage space separate from the existing storage space.
Reasons For Information Retention by Company Internal Policy
Reason for retention: Preventing confusion and fraudulent use of services, such as resolving consumer complaints and disputes when a member withdraws from membership
Preserving Items : User ID, User’s Identity Data (CI, DI)
Retention Period: 6 months
Reasons For Information Retention According to Related Laws
In case the need of preserving it according to the provisions of related laws such as the law on consumer protection in commercial law, e-commerce, etc., the company keeps the member information for a certain period of time. In this case, the Company shall use the information kept only for the purpose of the storage, and during the retention period according to the reasons specified in the reason for retention, and the personal information of the user will be destroyed without delay when the retention period ends.
Reasons to keep records regarding contract or withdrawal of subscription: Act on Consumer Protection in Electronic Commerce (Retention period: 5 Yrs)
Reasons for preservation of records concerning payment and supply of goods and others: Retention period for consumer protection in electronic commerce, and others. (Retention Period : 5 Yrs)
Reasons for Preservation of Records Related to Electronic Financial Transactions: Electronic Financial Transactions Act (Retention Period : 5 Yrs)
Reasons for preservation of records concerning consumer complaints or disputes: Act on Consumer Protection in Electronic Commerce, and others ( Rentention Period : 3 Yrs)
Reasons for Preserving Website Visits: Protection of Communications Secrets Act (Retention Period: 3 Mo.)
VI. DISPOSAL PROCESURE AND METHOD OF PERSONAL INFORMATION
User's personal information will be disposed of without delay once the purpose of collecting and using personal information is achieved. However, the information to be kept by other laws shall be destroyed immediately after separate storage for a certain period determined by the law.
Disposal Procedure
If the purpose of collecting and using the user's personal information is achieved, it will be destroyed without delay. If it should be kept according to other laws, it will be transferred to a separate DB and stored safely for a period of time in accordance with the related laws and internal regulations and destroyed without delay.
The personal information will not be used for any purpose other than the purpose of retention, except as specified in the law.
Disposal Method
Personal information printed on paper is disposed of shredding or incineration.
Personal information stored in the form of electronic files is deleted using technical methods that cannot reproduce the record.
Validity Period of Personal Information (Dormant Account Policy)
Personal information of a dormant user who has no service usage records for one year is stored and managed separately from the user's personal information. In case if requested by the dormant service user, personal information will be provided again when the service is resumed.
The Company will notify the users 30 days prior to the transition to the dormant account by email or other methods.
Separately stored personal information will not be used or provided unless otherwise specified in the legislation. In addition, personal information stored separately will be disposed of without delay after a certain period of time specified in the relevant laws and regulations, and the user will be notified to the user by e-mail 30 days prior to the time of destruction.
VII. Rights of Users and Legal Representatives and Method of Exercise of Rights
Users and legal representatives may view or modify the personnel and the personal information of their registered children under the age of 14 at any time, and in case of disagree to the processing of the company's personal information, they may refuse to accept the agreement or request termination of membership (withdrawal of membership). In such cases, however, some or all of the Services may be difficult to use.
Users may edit the personal information and the children under 14 years old by selecting 'Change Personal Information' (or Modify Member Information). In case of canceling the membership (withdrawal of consent), the user may view, correct or withdraw directly after going through the verification process in order to select "Withdrawal of membership". In case you contact the personal information officers by phone or email, the Company will proceed to your request without delays.
In case if a user requests correction of personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the Company will notify the third party of the result of the correction so that the correction can be processed properly.
The Company processes the personal information that has been terminated or deleted at the request of the user or legal representative as described in "5. Period of Retention and Use of Personal Information" and shall not be viewed or used for any other purpose.
VIII. Installation & Operating System of Auto-Collecting Personal Information, and Matter of Rejection
What is a Cookie?
The Company uses 'cookies' that store and retrieve the user's information from time to time to provide personalized and customized services.
Cookies are tiny text files that a website server sends to your browser and are stored on your computer's hard disk. After that, when you visit the website, the web server reads the contents of the cookies stored on your hard disk and is used to maintain your preferences and provide you with personalized services.
Cookies do not automatically or actively collect information that personally identifies the user, and user may refuse or delete these cookies at any time.
Purpose of Use of Cookies
It is used to provide optimized and customized information including advertisements to users by grasping the types of visits and usage of the services and websites visited by users, popular search terms, secure access, news editing, and user size.
Installation of Cookies, Operation and Rejection
User has an option to install cookies. User may allow all cookies on a web browser, or it may check every time a Cookie is saved, or user may refuse to store all cookies.
In case if user refuses to store cookies, some services that require login process may not be available.
Here's how to specify whether cookies are allowed (based on Internet Explorer):
① Select [Internet Options] from the [Tools] menu.
② Click the [Personal Information Tab].
③ Set the [Processing Level of Personal Information].
IX. Technical And Management Protection Measures
The Company takes the following technical and managerial measures to ensure safety in processing personal information of users so that personal information is not lost, stolen, leaked, altered or damaged.
Password Encryption
The password of user ID is being encrypted and stored for the management. Managing and access to the personal information can only be done by the user who knows the password.
Protection Against Hacking
The Company does its best to prevent user's personal information from being leaked or damaged by hacking or computer viruses. The Company regularly back up the data to protect the personal information based on the latest vaccine program. In addition, through encrypted communication, personal information can be transmitted securely over the network. In addition, we use intrusion prevention system to control unauthorized access from the outside, and we try to equip all possible technical devices to secure security systematically.
Assigning Security Roles And Officer
Employees related to personal information are limited to the person in charge and are regularly updated by assigning a separate password for the matters. The Company always emphasize the compliance of the personal information processing policy through on-the-job training of the person in charge.
Operation of Personal Information Protection Organization
Through the Company's internal personal information protection organization, the Company does regular check-ups for the implementation of the personal information processing policy and the compliance of the person in charge. On the other hand, despite the Company's duty to protect the user’s personal information, the Company shall not be held liable for any damages that are not attributable to the Company, such as negligence of the user or accidents in areas not controlled by the Company.
X. Contact Information for Personal Information Protection Officer and Responsible Personnel
You can report any privacy complaints arising from the use of the Company's services to the Privacy Officer or the responsible department. The company will promptly and fully respond to the report of users.
While using the company's services, you can report any concerns related to personal information protection to the personal information protection officer or the responsible department. The company will provide prompt and sufficient responses to users' reports.
Personal Information Dispute Resolution Committee ( www.kopico.go.kr , Phone 1833-6972)
Privacy Infringement Report Center ( privacy.kisa.or.kr / 118 without prefix)
Supreme Prosecutors' Office Cyber Crime Investigation Unit ( www.spo.go.kr / 02-3480-3571)
National Police Agency Cyber Bureau ( cyberbureau.police.go.kr / 182 without prefix)
Youth Information Safety Net Green i- Net ( www.greeninet.or.kr / 02-523-3566)
XI. Others
The Company may provide you with links to other companies' websites or materials. In this case, the Company has no control over the external sites and materials, and so the Company may not be held responsible or guarantee the usefulness of the services or materials provided therefrom.
* Duty of Notice
This Privacy Policy shall be notified through the 'Notice' on the website at least 7 days before the enforcement of the Privacy Policy that is changed in the event of the addition, deletion, or modification of contents in accordance with the change of the regulations or the security technology.
Privacy Policy Version No.: 1.0.0
Privacy Policy Effective Date: March. 27, 2023
The Company will inform you about the purpose and method of using the personal information you provide us on the Privacy Policy and what measures are taken to protect your personal information.
Effective Date : March 27, 2023
I. COLLECTING METHOD AND ITEMS OF PERSONAL INFORMATION
Items of Collected Personal Information
Collection of Essential Information: The Company collects user ID, password, name, date of birth, gender and contact information upon registration.
Collection of Optional Information: In order to provide better services, the Company collects additional information as optional. There are no further restrictions on the use of the service even if you do not enter optional information.
Collecting Method of Personal Information
The Company collects personal information in the following process.
Website, mobile web pages, mobile applications, customer center (in writing, fax, phone, email), from affiliated partners and through a specified collecting tool.
Processing of Unique Identification Information
The Company collects personal information in the following process.
Unique identification information is the information prescribed by Presidential Decree of Article 24 (1) of the Personal Information Protection Act and Article 19 of the Enforcement Decree of the Personal Information Protection Act. It refers to the resident registration number, passport number, driver's license number, alien registration number.
The Company collects and processes unique identification information for the following purposes.
Obligations to Use Transaction and Payment Services
Public Charge and Tax Imposed on Spot Prize Winners
Complaint Handling and Management
The collected personal information is not used or provided for any purpose other than the purpose of collecting personal information , except as otherwise provided by the Personal Information Protection Act and other laws .
II. PURPOSE OF COLLECTING AND USING PERSONAL INFORMATION
Contract Execution By Service Provision And Settlement Fees by Service
Providing Content, Providing Specific Custom Services, Shipping Items or Invoices, Identity Verification, Purchase and Billing, and Collection Fees
Membership Management
Provision of membership services, personal identification, restrictions on members who violate the terms of use, sanctions for disrupting the smooth operation of the service and sanctions of misuse of the service, confirmation of membership intention, restriction on the number of subscriptions and subscriptions, Confirmation of consent of legal representative when collecting personal information of children under 14 years old, Confirmation of consent of legal representative when payment of minors under 19 years old, Confirmation of verifying legal representative, keeping record for dispute settlement, complaint handling, delivering disclaimer, confirmation of membership withdrawal.
New Service Development And Utilizing Marketing & Advertisement
Development of new services and provision of customized services, provision of services and advertisements according to statistical characteristics, validation of services, provision of event information and participation opportunities, provision of advertising information, identifying user access frequency, statistics of the use of services by members.
III. SHARING AND PROVIDING OF PERSONAL INFORMATION
The Company shall use the personal information of the users within the statement in "II. Purpose of Collecting and Using Personal Information", and without the prior consent of the user, the Company will not use it beyond the scope or disclose the user's personal information to the outside in principle. In case, the following cases are handled with an exception.
User Agreement in Advance
In case if a situation in which personal information is shared or provided to other sites separately for the purpose of providing the service occurs, the company will notify the member in advance or obtain the consent in accordance with the ‘Act on the Promotion of Information and Communication Network Use and Information Protection’, and the Company’s Privacy Policy.
In case of providing personal information for each service and providing personal information according to events, or If there are difficulties in revising the privacy policy due to various service alliances and events, the member may check the details of service provision and event provision through the 'Privacy Policy' on the website and each service page.
In case of providing personal information to the external content provider(s) for the purpose of participating event(s), product payment, advertisement and others in each service, the user voluntarily provides his / her personal information to a third party in order to use the service. In this case, the Company will notify the user in advance of the person who receives the personal information, the purpose of providing the personal information, the items of personal information provided, and the period of retention and use of the personal information provided, and obtain explicit and individual consent.
If there is a request from the investigating agency in accordance with the procedures and methods specified for the purpose of investigation under the laws and regulations, we may cooperate for the situation.
IV. CONSIGNMENT OF PROCESSING OF PERSONAL INFORMATION
The Company entrusts personal information as below to improve service, and regulates the necessary matters so that personal information can be safely managed in the consignment contract according to related laws.
The Company's personal information consignment processing agency and its tasks are as follows.
INCEN KOREA Co., Ltd. – Platform Operating and monitoring, Software maintenance
Sejong Telecom Co., Ltd. – Sending Message, Identifying Authentication, Product Payment (Face-to-Face, Non-Face-to-Face), and collection fees
For some services, external content operators may contact you about payments and refunds.
V. RETENTION AND USE PERIOD OF PERSONAL INFORMATION
User personal information is destroyed without delay when the purpose of collecting and using personal information is achieved. The following information will be preserved based on the provisions of Article 29 of the Act on the Promotion of Information and Communication Network and Information Protection, etc. during the specified retention period. In this case, in order to comply with Article 21 (3) of the Personal Information Protection Act, it is stored in a separate safe storage space separate from the existing storage space.
Reasons For Information Retention by Company Internal Policy
Reason for retention: Preventing confusion and fraudulent use of services, such as resolving consumer complaints and disputes when a member withdraws from membership
Preserving Items : User ID, User’s Identity Data (CI, DI)
Retention Period: 6 months
Reasons For Information Retention According to Related Laws
In case the need of preserving it according to the provisions of related laws such as the law on consumer protection in commercial law, e-commerce, etc., the company keeps the member information for a certain period of time. In this case, the Company shall use the information kept only for the purpose of the storage, and during the retention period according to the reasons specified in the reason for retention, and the personal information of the user will be destroyed without delay when the retention period ends.
Reasons to keep records regarding contract or withdrawal of subscription: Act on Consumer Protection in Electronic Commerce (Retention period: 5 Yrs)
Reasons for preservation of records concerning payment and supply of goods and others: Retention period for consumer protection in electronic commerce, and others. (Retention Period : 5 Yrs)
Reasons for Preservation of Records Related to Electronic Financial Transactions: Electronic Financial Transactions Act (Retention Period : 5 Yrs)
Reasons for preservation of records concerning consumer complaints or disputes: Act on Consumer Protection in Electronic Commerce, and others ( Rentention Period : 3 Yrs)
Reasons for Preserving Website Visits: Protection of Communications Secrets Act (Retention Period: 3 Mo.)
VI. DISPOSAL PROCESURE AND METHOD OF PERSONAL INFORMATION
User's personal information will be disposed of without delay once the purpose of collecting and using personal information is achieved. However, the information to be kept by other laws shall be destroyed immediately after separate storage for a certain period determined by the law.
Disposal Procedure
If the purpose of collecting and using the user's personal information is achieved, it will be destroyed without delay. If it should be kept according to other laws, it will be transferred to a separate DB and stored safely for a period of time in accordance with the related laws and internal regulations and destroyed without delay.
The personal information will not be used for any purpose other than the purpose of retention, except as specified in the law.
Disposal Method
Personal information printed on paper is disposed of shredding or incineration.
Personal information stored in the form of electronic files is deleted using technical methods that cannot reproduce the record.
Validity Period of Personal Information (Dormant Account Policy)
Personal information of a dormant user who has no service usage records for one year is stored and managed separately from the user's personal information. In case if requested by the dormant service user, personal information will be provided again when the service is resumed.
The Company will notify the users 30 days prior to the transition to the dormant account by email or other methods.
Separately stored personal information will not be used or provided unless otherwise specified in the legislation. In addition, personal information stored separately will be disposed of without delay after a certain period of time specified in the relevant laws and regulations, and the user will be notified to the user by e-mail 30 days prior to the time of destruction.
VII. Rights of Users and Legal Representatives and Method of Exercise of Rights
Users and legal representatives may view or modify the personnel and the personal information of their registered children under the age of 14 at any time, and in case of disagree to the processing of the company's personal information, they may refuse to accept the agreement or request termination of membership (withdrawal of membership). In such cases, however, some or all of the Services may be difficult to use.
Users may edit the personal information and the children under 14 years old by selecting 'Change Personal Information' (or Modify Member Information). In case of canceling the membership (withdrawal of consent), the user may view, correct or withdraw directly after going through the verification process in order to select "Withdrawal of membership". In case you contact the personal information officers by phone or email, the Company will proceed to your request without delays.
In case if a user requests correction of personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the Company will notify the third party of the result of the correction so that the correction can be processed properly.
The Company processes the personal information that has been terminated or deleted at the request of the user or legal representative as described in "5. Period of Retention and Use of Personal Information" and shall not be viewed or used for any other purpose.
VIII. Installation & Operating System of Auto-Collecting Personal Information, and Matter of Rejection
What is a Cookie?
The Company uses 'cookies' that store and retrieve the user's information from time to time to provide personalized and customized services.
Cookies are tiny text files that a website server sends to your browser and are stored on your computer's hard disk. After that, when you visit the website, the web server reads the contents of the cookies stored on your hard disk and is used to maintain your preferences and provide you with personalized services.
Cookies do not automatically or actively collect information that personally identifies the user, and user may refuse or delete these cookies at any time.
Purpose of Use of Cookies
It is used to provide optimized and customized information including advertisements to users by grasping the types of visits and usage of the services and websites visited by users, popular search terms, secure access, news editing, and user size.
Installation of Cookies, Operation and Rejection
User has an option to install cookies. User may allow all cookies on a web browser, or it may check every time a Cookie is saved, or user may refuse to store all cookies.
In case if user refuses to store cookies, some services that require login process may not be available.
Here's how to specify whether cookies are allowed (based on Internet Explorer):
① Select [Internet Options] from the [Tools] menu.
② Click the [Personal Information Tab].
③ Set the [Processing Level of Personal Information].
IX. Technical And Management Protection Measures
The Company takes the following technical and managerial measures to ensure safety in processing personal information of users so that personal information is not lost, stolen, leaked, altered or damaged.
Password Encryption
The password of user ID is being encrypted and stored for the management. Managing and access to the personal information can only be done by the user who knows the password.
Protection Against Hacking
The Company does its best to prevent user's personal information from being leaked or damaged by hacking or computer viruses. The Company regularly back up the data to protect the personal information based on the latest vaccine program. In addition, through encrypted communication, personal information can be transmitted securely over the network. In addition, we use intrusion prevention system to control unauthorized access from the outside, and we try to equip all possible technical devices to secure security systematically.
Assigning Security Roles And Officer
Employees related to personal information are limited to the person in charge and are regularly updated by assigning a separate password for the matters. The Company always emphasize the compliance of the personal information processing policy through on-the-job training of the person in charge.
Operation of Personal Information Protection Organization
Through the Company's internal personal information protection organization, the Company does regular check-ups for the implementation of the personal information processing policy and the compliance of the person in charge. On the other hand, despite the Company's duty to protect the user’s personal information, the Company shall not be held liable for any damages that are not attributable to the Company, such as negligence of the user or accidents in areas not controlled by the Company.
X. Contact Information for Personal Information Protection Officer and Responsible Personnel
You can report any privacy complaints arising from the use of the Company's services to the Privacy Officer or the responsible department. The company will promptly and fully respond to the report of users.
While using the company's services, you can report any concerns related to personal information protection to the personal information protection officer or the responsible department. The company will provide prompt and sufficient responses to users' reports.
Personal Information Dispute Resolution Committee ( www.kopico.go.kr , Phone 1833-6972)
Privacy Infringement Report Center ( privacy.kisa.or.kr / 118 without prefix)
Supreme Prosecutors' Office Cyber Crime Investigation Unit ( www.spo.go.kr / 02-3480-3571)
National Police Agency Cyber Bureau ( cyberbureau.police.go.kr / 182 without prefix)
Youth Information Safety Net Green i- Net ( www.greeninet.or.kr / 02-523-3566)
XI. Others
The Company may provide you with links to other companies' websites or materials. In this case, the Company has no control over the external sites and materials, and so the Company may not be held responsible or guarantee the usefulness of the services or materials provided therefrom.
* Duty of Notice
This Privacy Policy shall be notified through the 'Notice' on the website at least 7 days before the enforcement of the Privacy Policy that is changed in the event of the addition, deletion, or modification of contents in accordance with the change of the regulations or the security technology.
Privacy Policy Version No.: 1.0.0
Privacy Policy Effective Date: March. 27, 2023