Personal Information Protection Policy


Geocube Inc. (Hereinafter referred to as “The Company”) is in compliance with the provisions of personal information protection under the relevant laws and regulations such as the Protection of Communications Secrets Act, the Telecommunications Business Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc, the Personal Information Protection Act etc, which must be complied by ICT service providers, and it has endeavored to protect rights applicable to the User by establishing the Personal Information Protection Policy according to the relevant laws and regulations.

The Company considers the User rights subscribing Hoyatag & other incidental services to be paramount, and its Personal Information Protection Policy is as below.

Article 1 (Purpose of Collecting Personal Information)

The Company collects personal information of the User for the following purposes. Such personal information shall not be used other than as prescribed below, and in the case that any change occurs, necessary measures such as requiring a separate consent etc. according to the relevant legislations are scheduled to be taken.

Providing Hoyatag Service

Purposes including confirmation of the Service usage intention, self confirmation in line with execution of the limited identity confirmation mechanism, prevention for illegal service use, confirmation on legal agent consent when processing the personal information for under 14 years old, various notices/ notifications, payment etc.

Member Management & Complaints etc

Purposes including self verification/certification in terms of the provision of membership service, maintenance/management of member eligibility, various notices/notifications & ID confirmation on complainer, confirmation of complaining matters, liaison/notification for fact finding, notification of processing results etc.

New Service Development & Marketing

Purposes including new service development & provision of customized service, service provision in accordance with statistical characteristics & advertisement display, confirmation on service effectiveness, provision of event information & participating opportunity, marketing information provision, understanding contact frequency, statistics regarding member service use etc.

Article 2 (Personal Information Items to be Collected)

The Company collects the following personal information in the process of using Hoyatag & other incidental services.

Performing the Agreement regarding Hoyatag Service etc.

Compulsory Items : Email, nickname, or name & the User ID of SNS account permitted to access by Member or the User, profile value that SNS provides
Optional Items : Sex, age
Member Management & Complaints etc.

Email address, name etc (If Member makes a query to the Company via email or other method it should process and reply to the request, and for purposes of improving Hoyatag Service, it may keep the relevant contents including the User name, email address.)
Personal information items below may be automatically generated and collected subsequently in the process of using the internet service..

Information such as Log data (Including IP information, browser type, domain searched, visiting page, telecom company classification, mobile equipment and application ID, search word etc) & link, cookie data, Hoyatag Service usage records, poor usage records etc.
Article 3 (Personal Information Sharing and the Provision thereof)

The Company shall utilize personal information of the User only within the limit prescribed in Article 1, neither exceeding the standards nor disclosing in public without a prior consent of the User. Provided that the below are exceptions.

If the User provides a prior consent
If necessary for settling any payments due to the provision of information communications services
If necessary for statistics, academic research or market research, providing in a form of processed data that any particular individual cannot be identified
If the relevant institutions request according to standard procedures and method pursuant to the relevant legislations
If other laws contain special provisions
If Information Communications Ethics Commission (ie. ICEC) requests pursuant to the relevant legislations
Article 4 (Maintaining and Utilization Period of Personal Information)

The Company shall maintain and use personal information within the period of maintaining and utilization according to the relevant laws or upon consent given by the User.

The User information shall be destroyed in principle without any delay once the purposes for maintaining and using information have been achieved. Provided that the Company may maintain until a period stipulated in the relevant legislations if the Company is obliged or allowed to keep the information containing personal details pursuant to the relevant legislations such as the Commercial Act etc.

Article 5 (Destroying Procedure and Method of Personal Information)

The Company destroys personal information of the User without any delay when such information becomes unnecessary after passing a maintaining period, achieving the purposes for personal information process etc.

Despite of passing a maintaining period regarding personal information consented by the User or achieving the process purposes thereof, if the Company is obliged to keep the personal information according to other legislations, it should transfer such information to a separate database or maintain in the different storage place.

The destroying procedure and method of personal information of the Company shall be as in the following.

Destroying Procedure

The Company shall destroy personal information after selecting the information based on destroying reasons, upon approval of the Protection Supervisor at the Company.

Destroying Method

The Company shall destroy personal information recorded/stored in hardcopy by way of utilizing paper shredder or incineration, and personal information recorded/stored in softcopy by deleting technically to prevent any restoration.

Article 6 (Rights of the User & Legal Agent and the Exercise Method)

The User & legal agent (Hereinafter referred to as “the User etc”) may at any time search and modify personal information of self / children under 14 years old, and request the membership cancellation.

The User etc for the purpose of membership cancellation (ie. withdrawal of agreement), click “#My” menu at the homepage and subsequently complete identity confirmation process, then direct inspection, correction, or withdrawal would become possible.

With respect to the preceding provision of Article 6(2), if the User etc contact Protection Supervisor of Personal Information to request for inspection, correction or withdrawal via letter, telephone, or email, the Company should act immediately without any delay.

In the case that the User etc require correction for an error, the Company will not use the relevant information or provide for a 3rd party until being corrected. If any incorrect personal information has already been provided, the Company should notify the 3rd party of such correction, and consequently complete a correcting process

The Company shall process personal information cancelled or deleted upon request by the User etc pursuant to Article 4 & Article 5, preventing it from inspecting or utilizing for other purposes.

Article 7 (Technical / Managerial Measures regarding Personal Information Protection)

The Company shall consider following technical / managerial measures to secure safety that the personal information is not lost, stolen, leaked, falsify or harmed while in a process of handling personal information of the User.

Measures Taken for Preparation against Hacking etc : It frequently conducts backups of data to prepare against any harm on personal information, prevents the User’s personal information from leakage or damage with the latest vaccine program, and transmits personal information safely on the network via encrypted communications etc. Further, it controls unauthorized access from outside by utilizing the hacking firewall system, and has committed to installing all technical equipments as much as to secure the system’s safety otherwise.

Minimizing Handling Staffs & Training : Personal information handling staffs of the Company are limited to the person in charge, in that regard it grants a separate password to renew regularly, and further constantly emphasizes the relevant compliance with Personal Information Protection Policy of the Company through frequent trainings for the person in charge.

Operating Exclusive Personal Information Protection Task Force : Execution of Personal Information Protection Policy & compliance with respect to the person in charge are confirmed by operating the exclusive personal information protection task force etc, and the Company has endeavored to resolve any problems as may occur.

Provided that the Company is not responsible at all for the matters resulting from exposure of personal information such as ID, password, national ID number etc. due to the User negligence or internet problems.

Article 8 (Responsible Persons for Personal Information Protection)

The Company shall be responsible in general for a personal information process, and designate the relevant responsible persons as below for the purpose of processing complaints & remedy etc regarding personal information.

Protection Supervisor of Personal Information

Name : Lee Ju Yeon
Position : Online Marketing Team
Contact details : +82-70-7350-0888, hoyatag21@gmail.com

Dept Responsible for Personal Information Protection, Application/Processing of Inspection Request on Personal Information

The User can make a query to Protection Supervisor of Personal Information & Dept in Charge regarding all privacy matters, complaints, remedy etc, which has occurred while using the Company Hoyatag & other incidental services. The Company is committed to fast and satisfactory reply regarding such matters.

If reporting or consultation regarding personal information infringement is required, please contact the following institutions.

Korea Internet Security Center (www.118.or.kr / 118)
ePrivacy Mark Certifying Committee (www.eprivacy.or.kr / +82-2-580-0533~4)

Internet Crime Investigation Center, Supreme Prosecutors’ Office (www.spo.go.kr / +82-2-3480-2000)
Cyber Terror Response Center, Korean National Police Agency (www.ctrc.go.kr / +82-2-392-0330)

Article 9 (Changes on Personal Information Protection Policy)

Personal Information Protection Policy may change according to government policy or the Company necessities, and in the event that the contents thereof are added, deleted or amended, it shall give at least 7 days notice prior to an effective date, by way of display ‘Notice’ on the Homepage website, further if such prior notice is difficult, it should notify immediately as the Policy becomes effective from a notice date. Provided that crucial matters including collection / use of personal information etc. are added, deleted or amended, it should give a prior notice of 30 days and be effective after passing 30 days.

In addition, if contents requiring the User’s separate consent are added, modified pursuant to the relevant legislations such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc regarding information collection & utilization, provision for a 3rd party etc, the Company receives a separate consent from the User.

Article 10 (Miscellaneous)

Please be informed that “The Company’s Personal Information Protection Policy” will not apply to the personal information collecting activities by linked websites of the Company.

Public Notice Date : August 1, 2018
Effective Date : August 1, 2018

Open
Report
Translation