- Items of Personal Information Managed, Purpose of Management and Period of Management and Holding
(1) The items of the personal information managed by the Company, the purpose of management of personal information and the period of management and holding thereof shall be as follows.
|Items of Personal Information Managed||Name, e-mail address, account ID, account password, Item purchase information|
|Purpose of Management of Personal Information||To verify the identity of you and confirm your intent to use the Customer Support Systems|
|Period of Management and Holding of Personal Information||Until the purposes above are accomplished or until the consent of clients is withdrawn|
* The Company, in principle, shall not collect the personal information of children under age 16 without consent of his legal representatives. * Refusal to consent: you have the right to refuse to collection of information. However, if you refuse to consent, you will be unable to generate your account and unable to use related services. (2) The Company may collect and manage information, which may not identify you, including but not limited to device information (e.g., your hardware model, operating system version), used language, region and behavior pattern information, to enhance services through Firebase, Flurry, Fabric, AdMob. You have the right to refuse or withdraw consent to collection of these information. However, if you refuse or withdraw consent, some features might not be supported. The Company will use these information only in the following ways: * To improve service quality such as target advertisement service, customized support service and etc. * To determine minimum requirements for using service * To examine details of use for calculation of royalty revenue * To understand behavior pattern of using services
- Providing Personal Information for Third Party
(1) The Company shall manage the personal information of the subject of personal information within the scope of the purposes set forth in Article 1. The Company shall neither manage personal information beyond the original scope of purposes without the prior consent of subject of personal information nor provide any personal information to any third party. Provided, however, that in any of the following cases, the Company may use personal information for purposes other than those set forth herein or provide such to any third party, unless the interest of subject of personal information or any third party is likely to be unreasonably infringed upon.
- If any separate consent is obtained from any subject of personal information;
- If there are any special provisions under other laws;
- If any subject of personal information or its legal representative is not in a position to express its intention or a prior notice cannot be obtained due to an unknown address, etc and it is explicitly acknowledged that such use or provision of personal information is urgently necessary for the benefit of the life, body, or property of any subject of personal information or any third party.
(2) The Company shall inform subjects of personal information of the following when obtaining consent under subparagraph 1 of Paragraph (1). If there is any change in any of the following, the Company shall inform subjects of personal information of such change and obtain consent therefrom.
- The person who are provided with personal information;
- The purposes of using personal information (when personal information is provided, the purposes of using by the person to whom personal information is provided);
- Items of personal information that is used or provided;
- Period of holding and using personal information (when personal information is provided, it refers to the period of holding and using by the person to whom such personal information is provided);
- The fact that relevant subject of personal information is entitled to refuse to grant consent and the details of disadvantage (if any) arising from a refusal to grant consent.
- Entrustment of Management of Personal Information
The Company, in principle, shall not entrust the management of personal information to any third party. If it is necessary to entrust the management of personal information hereafter, the Company shall notify of the persons subject to the entrustment, content of the entrusted work, period of entrustment and the terms and conditions of the entrustment contract (which sets forth compliance with laws and regulations relating to the protection of personal information, the prohibition of providing personal information to any third party and responsibilities, etc.) through its personal information protection policy. If necessary, the Company shall receive a prior consent thereto.
- Rights and Obligations of Subjects of Personal Information
(1) Subjects of personal information and the legal representatives of children under age 16 (hereinafter collectively referred to as “subject of personal information” for the purpose of this Article) may file an application for inspection of personal information to the Company by submitting to the Company a written request for inspection of personal information of relevant subjects of personal information and children under age 16 (only in the case of legal representatives) managed by the Company. In such case, except upon special circumstances, the Company shall reply to such request whether such inspection is possible or not within ten days after the submission of a request for inspection. If the Company refuses or delays a request for inspection, the Company shall notify relevant subject of personal information of its reasons for refusal or delay. In any of the following cases, the Company may restrict or refuse an inspection of personal information after notifying a subject of personal information of the reasons therefor.
- If any inspection is prohibited or restricted under laws; or
- If any inspection of personal information is likely to cause harm to the life or body of other person or likely to infringe unreasonably on the property or other interest of other person;
(2) Any subject of personal information who has inspected its own personal information may request the Company to correct or delete its personal information which is untrue or impossible to Company. Provided, however, that a subject of personal information may not make a request for deletion of personal information if such personal information is explicitly classified as personal information subject to collection under other laws. (3) In case the Company corrects, deletes, etc relevant personal information within ten days after the receipt from a subject of personal information of a request for correction or deletion of personal information pursuant to Paragraph (2), the Company shall inform relevant subject of personal information of the measures taken, and if the Company does not act on such request, the Company shall notify relevant subject of personal information of the fact that the Company refused to act on such request, the reasons therefor and the ways to raise an objection thereto, with a notice on the result of correction or deletion of personal information. (4) Any subject of personal information may request the Company to suspend managing its personal information. Provided, however, in any of the following cases or if there is any justifiable reason, the Company may turn down such request for the suspension of management of personal information by notifying relevant subject of personal information of the reasons therefor.
- If there are special provisions under laws or if it is inevitable in order to perform obligations under laws;
- If it is likely to do harm to the life or body of other person or it is likely to infringe unreasonably on the property or other interest of other person;
- If it is difficult to perform an agreement such as the case in which the service agreed with any subject of personal information is not provided if personal information is not managed, and if the subject of personal information has failed make its intention to terminate relevant agreement clearly known;
(5) Within ten days after the receipt of a request for suspension of management of personal information from any subject of personal information under Paragraph (4), if any measures were taken to suspend the management of relevant personal information, the Company shall notify relevant subject of personal information of the details of the measures taken with a notice on the result of suspension of management of personal information. If the Company does not act on such request, the Company shall notify relevant subject of personal information of the reasons therefor and the ways to raise an objection with the notice above.
- International transfer of personal information
The data that the Company collects from you will be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It will also be processed by staff operating outside the EEA who work for the Company. (1) The personal information the Company collects is processed in, or transferred to, the following jurisdictions:
- where the Company headquarters and IT servers are located: Republic of Korea
(2) The purpose of such personal information transfers are the following:
- the storage and further processing on the Company’s servers in Seoul;
- the handling of your services requests
- Destruction of Personal Information
(1) If the period of holding personal information under Article 1 ends, the Company shall destroy relevant personal information within five days after the last day of such period of holding, unless there is a justifiable reason. If personal information is deemed to be unnecessary because the purpose of management of personal information is achieved, the Company shall, unless there is a justifiable reason, destroy relevant personal information within five days after it is deemed that management of personal information is unnecessary. (2) The printouts, documents, etc on which personal information is written shall be destroyed through crushing or incineration, and any personal information in an electronic file shall be destroyed by deleting such information permanently in a way that is impossible to restore such personal information.
- Measures to Secure Safety of Personal Information
The Company shall take technical, administrative and physical measures necessary to secure safety as follows. (1) Encryption of Personal Information Your passwords will be kept and managed after encryption, and only you who know the passwords can check and modify your passwords. (2) Anti-hacking Measures To prevent leak of your personal information as a result of intrusion to our information and communications networks, such as hacking, computer virus, etc., the Company installs the security program within the area where external access is limited. To prevent an intrusion, your personal information is backed up from time to time and the newest vaccine program is using, and for secure transmission on networks, personal information in transit is protected through encryption and so on. (3) Minimization and Training of Personal Information Managers We limit the number of our employees who handle personal information to the minimum level necessary and impress on them the compliance of protection of personal information through managerial safeguards, including but not limited to their training.
The Company may install and manage automated tools such as “cookies” for the purpose of correct operation like the user language preferences. You have an option to accept or refuse installation of cookies. Therefore, you can choose the options of your web browser to accept all cookies, to receive notice when cookies are installed, or to refuse all cookies. The following site, https://www.aboutcookies.org/how-to-control-cookies/,will provide information how to enable/disable cookies.
- Openness and Your Refusal or Withdrawal of Consent
You have the right to refuse or withdraw consent to collection of personal information. – How to to refuse or withdraw consent to collection of personal information *Click Settings, and then click Privacy Information Management.
- Data Protection Officer
The Company exerts his best efforts to help you use our services safely. You can report any complaint on privacy issues in relation to the use of our services, to the personal information protection manager as follows.
|Classification||Data Protection Officer|
|Name||Jinan Changtai CNC Technology Co., Ltd.|
- Changes in Personal Information Management Policies
(1) The personal information processing policy will be implemented from December 28, 2019. (2) The Company shall continue to disclose any change in personal information management policies, time of implementation thereof and the details of such change.