1. General Provisions
INKA Entworks Inc. (the “Company”) guides this Privacy Policy.
The Company considers Customer’s Personal Information as important and complies with relevant laws and regulations such as the privacy protection provisions of the ‘Act on Promotion of Information and Communication Network Use’ (the “Information Communication Network Act”). Through this “Privacy Policy” (the “Policy”), the Company informs to the User how to collect and use the Personal Information provided by the Customer and what measures to be taken for privacy protection. In modifying the Policy, the Company will give a notice through email.
2. Items and Method of Collection of Personal Information
1) Items to be Collected
For membership, customer consultation, and application and use of Service, the Company collects the Personal Information as follows:
- Required items: Account ID, email address, password, name, company name and nationality
In the course of Service use and business treatment, the following information may be generated and collected:
- Information of User condition, ID of other services for service linkage, service use record, access log, access IP information, device unique number (device ID or IMEI), payment record and use suspension record.
In using the Service at cost, the following payment information may be collected:
- While making payment with credit card- Name of credit card company
- While issuing tax invoices: Name of entity/corporate entity, name of representative, business license registration number, business place address, business type, business item, name of person in charge, telephone number of name of person in charge, mail for receipt of tax invoices, copy of business license certificate, etc.
2) Method of Collection
- Collection through Personal Information collection consent process through homepage of Company, written form, telephone/fax, e-mail and entry in a giveaway and collection from partners through the process of consent to provision and utilization of Personal Information.
- Collection of information automatically collected and generated in the course of ordinary service provision including details and history of consultation, payment record and use record.
3. Purpose of Use of Personal Information to be Collected
The Company utilizes the Personal Information collected for the following purpose:
(1) Settlement of fees for performance of contract of Service provision and provision of Service
(2) Member management
(3) Provision of various Service and delivery of notice
(4) Utilization for information delivery, marketing and advertisement for new Service development and events.
4. Period of Retention and Use of Personal Information
The Company collects the Personal Information for membership, consultation and Service application as follows:
1) The Company uses Customer’s Personal Information from the service membership registration date to withdrawal thereof and retains such Personal Information up to 6 months thereafter for the preparation for fee settlement dispute: provided that such Personal Information will be retained until when excessive, failure in payment of service fee or the dispute is resolved.
- Items to be retained (individual): Name, address, wire/wireless telephone number, email, details of fee payment (charged amount, received amount, receipt date and method of fee payment)
- Items to be retained (business entity): Corporate name, business operator name, representative’s name, business license registration number, corporate registration number, details of fee payment (invoiced amount, received amount, receipt date and method of fee payment)
- Ground for retention: Article 85-3 of the Framework Act on National Tax
- Retention period: 5 years
2) If necessary for retention as required in applicable laws and regulations, the Company will retain the Personal Information as follows:
- Record on conclusion and termination of contract or subscriptions: Retention period – 5 years (Act on Consumer Protection in E-commerce)
- Record on payment and supply of goods: Retention period – 3 years (Act on Consumer Protection in E-commerce)
- Record on consumer complaint and dispute handling: Retention period – 3 years (Act on Consumer Protection in E-commerce)
- Record on collection/processing and use of credit information: Retention period – 3 years (Act on Use and Protection of Credit Information)
5. Procedure and Method of Destruction of Personal Information
1) Procedure of Destruction of Personal Information
- After stored for certain period and upon achievement of purpose of collection and use, Customer’s Personal Information will be destroyed for information protection under the internal policy and other applicable laws and regulations.
- Information subject to destruction: Customer information the retention and use period of which has been expired under applicable laws and regulations
2) Method of Destruction of Personal Information
- The Company deletes personal information stored in the form of electric file by using technological method that makes that information not to be regenerated.
- The Company destructs hard copies of personal information by shredding with a pulverizer or incinerating it.
6. Provision and Consignment of Personal Information
The Company uses Customer’s Personal Information within the scope as set forth in ‘the Purpose of Use of Personal Information’ hereof and as expressly set forth in the Terms of Service, and does not provide Personal Information to a 3rd party beyond such scope except for the cases where the Customer consents thereto or the case falls under any of the followings:
(1) when necessary for service fee payment for provision of Service
(2) when the Personal Information is necessary for performance of agreement on Service provision, and normal consent thereto is strikingly difficult to be obtained for economic and technical reasons
(3) when required specially by applicable laws and regulations (in such event, the Personal Information will be provided under lawful procedure as prescribed by the laws).
In order to improve the Service, the Company consigns the Personal Information to a 3rd party and sets forth necessary matters to secure that the Personal Information will be safely managed while consigning it under applicable laws and regulations. The details of consignee processing agencies and consigned duties are as follows:
| Congisnee | Description of consigned duties | Period of retention and use of Personal Information |
| Management and marketing operation of Customer data | Until member withdrawal or termination of consignment agreement | |
| Adroll | Management and marketing operation of Customer data | Until member withdrawal or termination of consignment agreement |
| Freshworks | Management and marketing operation of Customer data | Until member withdrawal or termination of consignment agreement |
| Stripe | Payment agency | |
| Zendesk Inc. | Operation of Customer support system |
7. Right and Method to Exercise Rights of User and Legal Representative
1) Members may at any time make an inquiry on and corrections in their Personal Information registered or request for membership withdrawal. In particular and upon User’s request for such corrections, the Company will not use or provide such Personal Information until such corrections are completed.
2) For such inquiry and correction, Members may log-in by using their ID and passwords and make corrections in ‘My Account’.
3) For membership withdrawal, please make an inquiry separately: provided that the withdrawal may be delayed if the Member owes any debt to the Company.
4) In collecting the Personal Information of children under 14 (the “Children”), the Company seeks for consent from legal representatives of them without fail. The Company may request the Children to give minimum information including the name and contact information of legal representatives of them. The legal representatives of them may request for access, correction and deletion of the Children’s Personal Information through letter, telephone call, e-mail and fax, and upon such request, the Company will take necessary measures without delay.
8. Installation, Operation and Rejection to Automatic Collection Equipment of Personal Information
In order to provide customized Service, the Company uses ‘Cookie’ which stores and frequently brings about the Customer’s information.
Cookie is a tiny text file which the server used for website operation sends to Customer’s browser and is stored in the hard disk of Customer’s computer. Then, if the Customer visits the website, the website server will read the details of Cookies stored in such hard disk, and such details will be used for maintaining Customer’s environment set-up and providing customized Service.
Cookie does not automatically/actively collect any information identifying individuals, and the Customer may reject or delete the storage of Cookies at any time.
More details may be checked in the Cookie Policy.
9. Technical and Managerial Measures for Personal Information Protection
In order to secure stability of collected Personal Information, the Company seeks for technical/managerial measures as follows:
1) Technical Measures
- In order to prevent any divulge of Customer’s Personal Information through hacking, the Company carries out blockage and monitoring by using separate security devices (including firewalls, IPS and server security) from the aspect of network and system blocking external invasion.
- The Company takes measures to prevent a damage caused by computer virus by using automatic installment programs for vaccine and patch. Such programs are to be updated on a regular basis, and patch is applied immediately upon sudden appearance of virus for prevention from infringement on Personal Information.
- The Company uses cryptographic algorithm and adopts security devices (including encryption protocol such as SSL) which safely transmit Personal Information on the network.
2) Managerial Measures
The Company limits the number of personnel who has the right to access to Customer’s Personal Information, and such personnel is as follows:
(1) Person carrying out marketing business directly to Users
(2) Person carrying out Personal Information management duties including the ones responsible for and in charge of Personal Information management
(3) Person who has to handle the Personal Information in its duties.
- The Company continues to provide education and cultivate awareness to ensure that the Personal Information will not be lost, stolen or divulged by the person handling Personal Information.
- The transfer of duties of person handling Personal Information is strictly carried out on the condition that security is maintained, and the responsibility for any Personal Information accident is clarified after employment and resignation.
- Computer Room and Data Storage Room are designated as special zone, and the access thereto is controlled.
- The Company is not responsible for any matters arises out of the mistake of User or basic internet risks. Each Member shall properly manage his or her ID and password and be responsible for such matters in order to protect his or her own Personal Information.
- Upon the loss, divulge, alteration and damage of Personal Information caused by a mistake or technical/managerial accident of the internal manager, the Company will promptly inform to Customers and seek for proper measures and compensation.
10. Service for Personal Information Complaint
In order to protect Customer’s Personal Information and handle any complaint related to Personal Information, the Company designates the person responsible for Personal Information as follows:
- Name: Woonsang Ahn
- Department: PallyCon team
- E-mail: pallycon@inka.co.kr
- Tel.: 02-538-9058
The Customer may report any Personal Information related complaint generated from using the Service of Company to the responsible person for Personal Information protection or department in charge thereof, and the Company will make prompt and sufficient respond to such Customer’s report.
For report and consultation of Personal Information infringement, please contact to the following agencies:
- Personal Information Dispute Mediation Committee (www.1336.or.kr, 1336)
- Data Protection Mark Authentication Commission (www.eprivacy.or.kr, 02-580-0533)
- Cyber Crime Investigation Team of the Supreme Prosecutor’s Office (icic.sppo.go.kr, 02-3480-3600)
- Cyber Terror Response Center of the National Police Agency (www.ctrc.go.kr, 02-392-0330)
11. Miscellaneous
Please be informed that this Privacy Policy does not apply to any act of Personal Information collection of other websites linked to the Company.
Addendum : This Privacy Policy has been revised on the 1th day of July, 2020 and will be applied from the 1th day of July, 2020.