Loihi Technology Pte. Ltd. (hereinafter referred to as “company”) shall protect the personal information of “Likey” (hereinafter referred to as “service”) users (hereinafter referred to as “user” or “users”)in accordance with the Act on Promotion of Information Network Usage and Information Protection, Personal Information Protection Act. In order to facilitate the handling of complaints promptly and smoothly, We establish and disclose personal information policy below.
Article 1 (Collection and Usage of Private Information)
The company processes the user's personal information for the following purposes. The personal information being processed will not be used for any purpose other than the following, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act.
1. Membership Registration and Management
- Identifying users, identifying customers, managing user information, and delivering various notices
2. Provision of Goods or Services
- Prevention of Unauthorized Use
- Statistics and analysis of service use, provision of new and customized services, etc
3. Event Information Announcement
- Provides various events and advertising information
4. Complaint Handling
- Customer counseling, damage relief, etc
Article 2 (Processing and Retention Period of Personal Information)
① The company processes and holds personal information within the period of processing and holding personal information in accordance with laws and regulations or within the period of processing and holding personal information agreed upon by users when collecting personal information.
② Each personal information processing and retention period is as follows.
- Membership registration and management: Until withdrawal
- Provision of goods or services: Until the completion of the supply of goods or services and the completion of the settlement and settlement of related expenses. Provided, That the usage records and behavioral information generated in the process of using the service for the purpose of preventing fraudulent use, handling civil petitions, and responding to litigation shall be retained for five years after the withdrawal of membership
- Event information announcement: Until the end of the event
- Complaint handling: Five years after withdrawal from membership or the end of a long-term storage period prescribed by relevant laws and regulations
③ Notwithstanding paragraph (2), in the following cases, personal information may be processed and retained until the end of the relevant grounds. However, if the period of personal information processing and retention is different, the period is the longest.
- If it falls under the reasons prescribed by the relevant laws and regulations of each of the following items, by the end of the relevant period
Classification | Relevant Laws | Retention Period |
---|---|---|
Records on Contract or Subscription Withdrawal, etc. | Act on Consumer Protection in Electronic Commerce | 5 years |
Records on Contract or Subscription Withdrawal, etc. | Act on Consumer Protection in Electronic Commerce | 5 years |
Records of Consumer Complaints or Dispute Resolution | Act on Consumer Protection in Electronic Commerce | 3 years |
Log In History | Protection of Communications Secrets Act | At least 3 months |
Tax Payment Records | Framework Act on National Taxes | 5 years |
Cash Receipts Processing Records | Framework Act on National Taxes | 5 years |
- If an investigation/investigation is in progress due to a violation of related laws and regulations, until the relevant investigation/investigation is completed
- If the bond-debt relationship remains due to the use of the service, until the settlement of the relevant bond-debt
- If the legal dispute procedure, such as a lawsuit, continues between the user and the company, until the termination of the procedure is confirmed
④ The company stores and manages the user's personal information separately from other users' personal information that is not used for a period (one year) prescribed by the law, except when a separate period is set in other laws or requested by the user. However, the user is notified of the fact that personal information is stored and managed separately until 30 days before the expiration of the period, the expiration date, and the items of the personal information by e-mail, written, fax, phone, or similar methods.
Article 3 (Information Collected by Third Parties)
① The company processes the user's personal information within the scope specified in Article 1 of the Personal Information Processing Policy (Purpose of Collecting and Using Personal Information) and provides personal information to third parties only if it falls under Articles 17 and 18 of the Personal Information Protection Act (Restriction on Use and Provision of Personal Information).
② The company provides the following personal information to a third party with the prior consent of the user. The recipient is subject to change without notice, depending on the nature of the affiliated service and the contract.
Article 4 (Consignment of Personal Information Processing)
① The company entrusts personal information to external companies to perform some of the tasks necessary to provide services. And we manage and supervise the entrusted company so that it does not violate the relevant laws and regulations.
② The company entrusts the processing of personal information as follows.
- Personal Information Processing Trustee (Domestic)
Trustee | Purposes |
---|---|
KT alpha Co.,Ltd | SMS delivery service |
KSNET Co.,Ltd | Card VAN service |
Payple Co.,Ltd | Payment Gateway service |
Sentry Inc. | Collection and analysis of activity logs |
Google Inc. | Collection and analysis of activity logs |
MixPanel Inc. | Collection and analysis of activity logs |
Appsflyer Ltd. | Collection and analysis of activity logs |
Amazon Web Service Inc. | Service operation and data storage |
Zendesk Inc. | Customer support |
SendGrid Inc. | Automatic email delivery service |
Article 5 (Transfer of Personal Information Overseas)
The company is transferring personal information abroad as follows.
- Overseas trustees processing personal information
Trustee | Purposes | Entrusted Categories | Location, contact information | Time of entrustment, method | Period of Retention and Usage |
Sentry Inc. | Collection and analysis of activity logs | User ID, device information(OS, model name, language information, IP address, ADID, IDFA, IDFV) | The United States of America, compliance@sentry.io |
Transfer over the network | Upon account termination or end of entrustment contract period |
Google Inc. | Collection and analysis of activity logs | Device information(OS, model name, language information, network used to access),IP address, ADID | The United States of America, googlekrsupport@google.com |
Transfer over the network | Same as above |
Amplitude Inc. | Collection and analysis of activity logs | User ID, device information (OS, model name, language information, IP address, ADID, IDFA, IDFV) | The United States of America, privacy@amplitude.com |
Transfer over the network | Same as above |
Appsflyer Ltd. | Collection and analysis of activity logs | Device information (OS, model name, language information, type of access network),IP address, ADID, IDFA | Ireland, Belgium, privacy@appsflyer.com |
Transfer over the network | Same as above |
MixPanel Inc. | Collection and analysis of activity logs | User ID, device information (OS, model name, language information, IP address, ADID, IDFA, IDFV) | The United States of America, compliance@mixpanel.com |
Transfer over the network | Same as above |
Amazon Web Service Inc. | Service operation and data storage | Device information (OS, model name, language information, type of network access),IP address, ADID | Japan, The United States of America aws-korea-privacy@amazon.com |
Transfer over the network | Same as above |
Zendesk Inc. | Customer support | Nickname, email, consultation contents | The United States of America, Ireland, Germany, Japan, Australia privacy@zendesk.com |
Transfer over the network | Same as above |
SendGrid Inc. | Automatic email delivery service | Nickname, email, email message metadata | The United States of America, datasubjectrequests@sendgrid.com |
Transfer over the network | Same as above |
PayPal | Payment Gateway service | Card Information, E-mail Address | The United States of America, https://www.paypal.com/kr/smarthelp/contact-us/privacy |
Transfer over the network | Same as above |
Instarem. Co. Ltd | Payment of proceeds through creative activities |
Name, account number, contact information, address |
Singapore, customer.success@instarem.com |
Transfer over the network | Same as above |
- Foreign companies that provide personal information
The company provides the following personal information to foreign third parties with the prior consent of the user. Overseas transfer providers are subject to change without notice, depending on the nature of the affiliated service and the contract.
Article 6 (Rights and Obligations of Users and Legal Representatives and How to Exercise Them)
① Users can exercise their rights to the company at any time, such as requesting to view, correct, delete, and stop processing personal information.
However, the exercise of users' rights, such as requests for access, correction, deletion, and suspension of processing of personal information, may be restricted as prescribed by related laws such as Articles 35(4), 36(1) and 37(2) of the Personal Information Protection Act.
② The exercise of users' rights may be conducted in writing, e-mail, fax, etc. in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the company will take action without delay.
③ The exercise of rights under paragraph (1) may be carried out through the legal representative of the user or through an agent such as a delegated person. In such cases, a power of attorney in accordance with attached Form 11 of the "Notice on How to Process Personal Information" shall be submitted.
④ When requesting the correction or deletion of personal information, if other laws and regulations specify the personal information as the subject of collection, the deletion cannot be requested.
⑤ The company checks whether it is the person who made the request, such as a request for access according to the user's right to use, a request for correction or deletion, or a request for suspension of processing.
Article 7 (Personal Information Processed)
① The company collects and uses essential information and selection information for the establishment, maintenance, implementation, management, and provision of services as follows.
Classification | Information Collection·Usage |
---|---|
User resigtration and management | Registration |
Login and account management | Name, phone number, email, date of birth, gender, access area, encrypted user confirmation value (CI) |
Phone identity verification | Name, phone number, date of birth, gender, nationality information, phone service provider, encrypted user confirmation value (CI) |
When enabling biometrics authentication use | [Optional] fingerprint information, face information |
(**Only the result value is used against the information registered on the device, not transmitted or stored to a separate server, and use can be controlled by ON/OFF under the user's selection.) | |
Provision of goods or services | Paying the creator's proceeds |
Use of paid services | - When making a deposit without a bankbook: account name, bank name, and account number |
Event information announcement | Event win |
Handling complaints | Damage relief, etc |
Items created and processed in the course of service use | Service use |
② In accordance with Article 15 of the Personal Information Protection Act (collection and use of personal information), the company may collect personal information in any of the following cases and use it within the scope of the purpose of collection.
- Where there are special provisions in the law or it is inevitable to comply with legal obligations
- Where it is inevitably necessary for the conclusion and implementation of a contract with the information subject
- Where the information subject or its legal representative is unable to express his/her intention or cannot obtain prior consent due to unknown address, etc., and is clearly deemed necessary for the urgent life, body, and property interests of the information subject or a third party
- Cases where it is necessary to achieve the legitimate interests of the personal information processor and clearly takes precedence over the rights of the data subject. In such cases, this is limited to cases that are significantly related to the legitimate interests of the personal information controller and do not exceed the reasonable range.
Article 8 (Measures to Ensure the Safety of Personal Information)
In accordance with Article 29 of the Personal Information Protection Act, the company is taking administrative, technical, and physical measures necessary to ensure safety as follows.
1. Administrative measures
- Establishment of internal management plan: The company establishes and implements an internal management plan for the safe management of personal information processed by the company.
- Minimizing and Training of Personal Information Handlers: The company limits the number of personal information handlers to the minimum necessary for performing its work and recognizes the importance of personal information protection through management measures such as education for personal information handlers.
2. Technical Action
- Personal Information Processing System Access Management: We take necessary measures to control access to personal information by granting, changing, and deleting access to the database system that processes personal information.
- Encryption of personal information: The company encrypts, stores, and manages personal information such as user's unique identification information and bank account number using a secure encryption algorithm.
- Technical countermeasures against hacking, etc.: The company is doing its best to prevent the leakage or damage of users' personal information by hacking or computer viruses. Data is backed up in preparation for personal information damage, users' personal information or data is prevented from being leaked or damaged using the latest anti-virus program, and personal information can be safely transmitted on the network through encryption communication.
3. Physical Action
- In order to prevent the leakage or damage of users' personal information, the company installs a system in an area where access is controlled from the outside, and establishes and operates access control procedures.
Article 9 (Matters Concerning the Installation and Operation of Automatic Personal Information Collection and Its Refusal)
① In order to provide convenience to users, the company uses 'cookie' that stores information and calls it from time to time.
② Cookies are a small amount of information that a website sends to a customer's computer browser (such as chrome).
1. Purpose of use of cookies
It stores settings preferred by users through cookies to support a faster web environment for users, and is used to improve services for convenience. This makes it easier for users to use the service.
2. Installation, operation and rejection of cookies
Users have the option to install cookies and can refuse or delete them at any time.
3. How to reject cookie settings
Users have the option to install cookies and can refuse or delete them at any time.
- Microsoft Edge: Settings > Site Permissions > Cookies and Site Data > Cookie Level Settings
- Chrome: Select Settings Menu > Select Advanced Settings Display > Privacy and Security > Cookies and Other Site Data > Cookie Level Settings
- Safari : Select Configuration Menu > Select Privacy Tab > Set Cookie and Website Data Levels
Article 10 (Management of Behavioral Information)
① Behavioral information refers to online user activity information that can identify and analyze users' interests, interests, preferences, and tendencies, such as website visit history, purchase and search history.
② The company processes behavioral information for product, service development, customer analysis, and service provision according to usage behavior.
1. Behavioral information items to be collected
Collect user activity information such as web/app service visit records, usage records such as search/click, device information, and IP address.
2. Collection method
When the user uses the service, it is automatically generated and stored through the log information analysis tool.
3. Collection purpose
It is handled for the purpose of product and service development, statistics and customer analysis, service speed and status improvement, and other user behavior information-based services.
4. Retention and use period
It will be held for up to 26 months from the date of collection, and will be deleted without delay if the retention period has elapsed.
5. How to exercise user control
Customers can adjust their browser settings to deny access by refusing to save cookies, etc.
- Web browser (example): Settings > Site Permissions > Cookies and Site Data > Cookie Level Settings
- Smartphone (may vary slightly depending on example / OS version)
- Android Phone: Settings > Personal Information Protection > Advertising > Select or Turn Off Advertising Customization
- iPhone: Settings > Privacy > Tracking > Allowing or disabling apps to request tracking
- Google Analytics 설정해제 안내
6. How to submit user damage relief
- Email: support@vlum.co
Article 11 (Personal Information Protection Officer and Responsible Department)
① In order to protect users' personal information and handle complaints related to personal information, the company designates the relevant department and the person in charge of personal information protection as follows.
Role | Person in Charge | |
---|---|---|
Personal Information Protection Leader | Jung Hyun Baek | support@likey.me |
Personal Information Protection Officer | Eui Chul Lee | |
Department receiving and processing personal information reading request | Operation Team |
② Any complaints related to personal information protection arising from users using the company's services can be contacted by the person in charge of personal information protection and the department in charge. The company will answer and handle your inquiries.
③ Although the company has taken technical supplementary measures, it is not responsible for information damage caused by unexpected accidents caused by network risks such as hacking.
Article 12 (Relief for Infringement of Rights and Interests)
If you need damage relief or counseling for personal information infringement, you can contact the following institutions.
Institution Name | Website Address | Phone Number |
---|---|---|
Personal Information Dispute Mediation Committee | https://www.kopico.go.kr | (Without country code) |
1833-6972 | ||
Supreme Prosecutors' Office's Cybercrime Investigation Team | http://www.spo.go.kr | (Without country code) 1301 |
Cyber Crime Reporting System | https://ecrm.police.go.kr | (Without country code) 182 |
Personal Information Infringement Reporting Center | http://privacy.kisa.or.kr | (Without country code) 118 |
Article 13 (Responsibility to Linked Sites)
The company can provide users with links to other external sites. In this case, the company has no control over external sites, so users cannot be responsible for and guarantee the usefulness, integrity, and legality of services or data provided by external sites.
Article 14 (Change of Personal Information Processing)
This personal information processing policy will take effect from the date of enforcement, and if there is any addition, deletion, or modification of the contents, it will be notified through the "Notice" in the service seven days before the change is implemented.
Comments
0 comments
Article is closed for comments.