[Crevasse AI Co., Ltd.] ("www.pinply.com") (hereinafter referred to as "Company") has the following measures to protect users' personal information, rights, and interests in accordance with the Personal Information Protection Act and to smoothly deal with their personal information-related complaints.
1. Purpose of processing personal information
The company processes personal information for the following purposes: Personal information processed will not be used for any purpose other than the following purposes, and prior consent will be sought if the purpose of use is changed.
A. Homepage member registration and management
Personal information is processed for the purpose of verifying the intention of membership, identifying and certifying oneself according to the provision of membership service, maintaining and managing membership status, personal information collection for real name verification, preventing unfair use of services, verifying consent of legal representatives for minors under 14, and various notices.
B. Providing goods or services and handling complaints
Personal information is processed for the purpose of providing services, contents, customized services, self-certification, payment and settlement of charges, related inquiries and complaints, and delivering notices.
C. Improve services and use for marketing and advertising
Personal information is processed for the purpose of improving existing services, developing new services (product) and providing customized services, providing event and advertising information and opportunities for participation, advertising services tailored to demographic or individual characteristics of the members, verifying the validity of the services, checking the frequency of access, or statistics on the members' use of the services.
2. Items of personal information processed and methods of collection
The company collects and processes the following personal information items.
A. Enter information at time of membership registration: e-mail, gender, age group
B. Information provided in service use process: photos, name used in service
C. During the course of service use, personal information below is automatically generated and collected: device properties (operating system, hardware and software versions, browser type), network information (language, time zone, IP address, Wi-Fi access point), cookies, service usage records, visit records, bad usage records
3. Processing and retention period of personal information
The company disposes the member's personal information immediately once the member withdraws membership. However, the personal information shall be retained until the end of a given period in the following cases:
Personal information related to service use (login record): retention period under the Communications Secrets Protection Act: 3 months
Records of contract or subscription withdrawal, etc.: retention period under the Act on Consumer Protection in Electronic Commerce, etc.: 5 years
Records on payment, supply of goods, etc.: retention period under the Act on Consumer Protection in Electronic Commerce, etc.: 5 years
Records on consumer complaints or dispute handling: retention period under the Act on Consumer Protection in e-commerce, etc.: 3 years
Records on electronic financial transactions: retention period under the Electronic Financial Transactions Act: 5 years
4. Matters concerning the provision of personal information to a third party
The company provides personal information to third parties only when the subject of the information agrees and there is a special provision of the law.
5. Consignment of personal information processing
The company entrusts the processing of personal information to the following for smooth processing of personal information.
- Consigned (trustee): Amazon Web Services, Inc.
- Contents of entrusted work (previous purpose): Data storage
6. Rights, obligations and methods of exercise of information subjects and legal representatives
① The information subject may exercise the right to view, correct, delete, or request suspension of processing of personal information to the company at any time.
② The exercise of rights under paragraph (1) can be done in writing, e-mail, or facsimile (FAX), and the company will take action without delay.
③ The exercise of rights under paragraph (1) may be performed through the legal representative of the information subject or through an entrusted person. In this case, you must submit a power of attorney to the company.
④ The exercise of rights under paragraph (1) may be restricted by the relevant provisions of the Personal Information Protection Act.
⑤ The company shall verify that the person who made the request is the right person or the right agent when exercising the right under paragraph (1).
7. Disposal of personal information
In principle, the company disposes the personal information without delay if the period of personal information retention has elapsed or the purpose of personal information processing has been achieved. Procedure, deadline, and method of disposal are as follows.
- Disposal Procedure
The information entered by the user is transferred to a separate database after achieving the purpose (in case of paper, a separate storage location) and disposed immediately after being stored for a certain period of time in accordance with other related statutes. At this time, personal information transferred to the database is not used for any other purpose except by law.
- Method of Disposal
Information in the form of electronic files uses a technical method that cannot reproduce a record. Personal information printed on paper is shredded or destroyed by incineration.
8. Matters concerning the installation, operation, and rejection of personal information collection devices
① The company uses 'cookies' to store and recall information to provide personalized service.
② Cookies are small amounts of information sent by the server (http) used to run the website on the user's computer browser and are sometimes stored on hard disks within the user's PC.
A. Purpose of Cookie: To provide optimized information to users by identifying their visits and usage patterns, popular search terms, security access, etc. for each service and website they visit.
B. Installing, Operating and Denying Cookies: Service users have the option of installing cookies. Users can refuse to save cookies by setting options under Tools>Internet Options>Personal Information Menu at the top of the web browser.
C. Refusing to save cookies may cause difficulties in using customized services.
9. Personal Information Protection Manager
① The company is in charge of handling personal information and appoints a person in charge of personal information protection as follows for handling complaints and damage relief of information subjects related to personal information processing.
▶ Personal Information Protection Manager
Name: Juntak Yoon
Contact: 02-3394-8827, email@example.com,
※ It is connected to the department in charge of personal information protection.
② Users can contact the personal information protection manager and department in charge of all personal information protection related inquiries, complaints handling, damage relief, etc. that occurred while using the company's services. The company will respond to and process inquiries from the information subject without delay.
10. Measures to ensure the safety of personal information
The company takes the necessary measures to secure safety as follows in accordance with the Personal Information Protection Act.
- Administrative Measures: Establishing and implementing internal management plans, regular training of employees, etc.
- Technical Measures: Management of access authority, installation of access control system, encryption of passwords, and installation of security programs.
This personal information processing policy is applied from the date of implementation, and if there is any addition, deletion, or correction of changes in accordance with statutes or policies, it will be notified through a notice seven days before the implementation of the changes. However, a significant change in user rights, such as changes in the items of personal information collected or the purpose of use, shall be notified at least 30 days in advance.