Chu-day Privacy Policy
Malang Co., Ltd. (hereinafter referred to as "the Company") has the following processing policies to protect the privacy of personal information as well as the rights and interests of users in relation to personal information in accordance with the related laws such as Act on Promotion of Information and Communication Network Utilization and Information Protection, and the Personal Information Protection Act.
The Company will notify its users through the website announcement (or individual announcement) when revising the personal information processing policy.
1. Items of Personal Information and Method of Collection
A) Items of personal information to be collected
The Company collects following personal information to enable membership services, smooth customer responses and various services.
[Required Items]
Following is the minimum personal information required in order to provide the service. Users must agree to these items before using the service.
Collection Location | Purpose of Use & Collection | Items to be Collected |
Registration | User identification and identity verification | ID (email address), social media account (email address) |
Service use | Illegal use prevention | Service use record, accessed IP information, visit date and time |
[Optional Items]
Even if users decline to consent to following items, Chu-day will still be available to use.
Collection Location | Purpose of Use & Collection | Items to be Collected |
Service settings | Information sharing with Lovers | Lover’s account |
B) Method of personal information collection
The Company collects the minimum personal information required for membership through the app users’ direct input after their consent to collection and use of personal information according to the registration process. In addition, the Company collects personal information in the following manner.
- Written form, fax, telephone, website board, email, event application
- Collection of information through the information collection tool
2. Purpose of Collection and Use of Personal Information
The processed personal information will not be used for any purpose other than the following and will be subject to prior agreement if the purpose of use is changed.
A) Some personal information will be used for membership management
- ID verification according to the use of membership service and restricted identification system, identification of individuals, prevention of unauthorized use, confirmation of intention to register, restriction of registration, preservation of records for dispute settlement, complaint handling, etc.
B) New services will be developed and used for marketing and advertising using the information
- New service development, authentication service, customized service, service provision and advertisement according to statistics, provision of event and advertisement information as well as participation opportunity, identification of access frequency, statistics on service use of members, validation of service
3. Provide Third Party of Personal Information
The Company shall use the personal information of the users within the range notified by "3. Providing the third party of personal information" and not beyond the scope without prior consent of the user or, in principle, disclose the user's personal information to the third parties. However, except as follows:
- When users agree to the release in advance
- When there is a request by the investigating agency in accordance with the provisions of the Act or the procedure and method prescribed by the Act for the purpose of investigation
- When it is significantly difficult to obtain the usual consent on personal information required for the contract implementation on the service provision, due to economic and technical reasons.
- When there is a request in accordance with procedures set forth in other relevant laws and regulations
However, even in exceptional cases, if the information is provided by the related laws or the request of the investigating agency, it is the principle to notify the parties. Even if the Company cannot inform the users due to legal grounds, the Company will do its utmost to prevent information from being used indiscriminately against the original purpose of collection and use.
4. Consignment of Personal Information Processing
The Company can entrust some services to professional companies to provide improved services. The Company shall take necessary measures to ensure that personal information is managed safely in accordance with the related laws and regulations when submitting, and only the minimum personal information necessary for the relevant tasks of the referral processing agency shall be forwarded.
5. Transfer of Personal Information to Other Countries
The Company can use the services of overseas specialists to provide improved services, which may result in the transfer of some personal information to overseas specialized companies. The Company shall securely manage the personal information of the user by signing an appropriate international contract in accordance with the related laws when transferring the personal information abroad.
- Transferred personal information items: Account information
- Country to which personal information is transferred: United States
- Date / time and method of personal information transfer: At the time of registration / Transfer via encrypted Internet line
- Name of the company to which personal information is transferred: Google inc. (Information manager: YeongHo Kim, contact: 07050386398)
- Purpose of personal information use of the company to which personal information is transferred: To manage the member information
- Period of personal information retention and use of the company to which personal information is transferred: at the time of withdrawal of membership or at the end of consignment contract
6. Retention and Use Period of Personal Information
The Company will retain and use personal information of users only for the period during which the member provides the service from the date of registration. In the event that users withdraw their consent to the collection and use of personal information, the Company will destroy the personal information without delay if the purpose of collection and use is accomplished or the period of use and retention ends. In this case, users’ personal information will not be read or used for any purpose. However, the following information will be kept for the specified period for the following reasons.
A) Reason for information retention by internal policy
- Reason for preserving illegal use records: Prevention of illegal use
- Retention period: 3 days
B) If there is a need to preserve information in accordance with relevant laws such as Act on Commerce Law and Information Retention, and Act on Consumer Protection in the Electronic Commerce Transactions, Etc., the Company retains the member information for a certain period determined by related laws and regulations. In this case, the Company will only use the information for the purpose of retention, and the period of retention is as follows.
- Records of Contract, Withdrawal, etc.
Reason for Retention: Act on Consumer Protection in the Electronic Commerce Transactions, etc.
Retention Period: 5 years
- Record of Payment and Supply of Goods
Reason for Retention: Act on Consumer Protection in the Electronic Commerce Transactions, etc.
Retention Period: 5 years
- Records of Consumer Complaints or Disputes
Reason for Retention: Act on Consumer Protection in the Electronic Commerce Transactions, etc.
Retention Period: 3 years
- Record of Identity Verification
Reason for Retention: Act on Promotion of Information and Communication Network Utilization
Retention Period: 6 months
- Records of Visits
Reason for Retention: Protection of Communications Secrets Act
Retention Period: 3 months
7. Procedures and Methods of Personal Information Destruction
- Destruction procedure
The information entered by the member for registration will be transferred to a separate DB after the purpose is accomplished (in the case of paper, a document locker with a separate locking device), and according to the internal policy and other relevant laws and regulations (refer to the period of use), it will be destroyed after being stored for a certain period. It will not be used for any purpose other than retention, unless required by law.
- Destruction method
Personal information printed on paper will be destroyed by shredding or incineration.
Personal information stored in the form of electronic files will be deleted using a technical method that prohibits reproduction of the record.
8. Rights of Users and Their Legal Representatives and How to Exercise the Rights
- Users and legal representatives may exercise their privacy rights at any time for themselves or for children under the age of 14. If users and legal representatives disagree with the Company's handling of personal information, they may request withdrawal of consent or deregistration. However, in this case, some or all of the services may not be possible to use. .
- In order to view or modify personal information, users may change their personal information (or modify their membership information). In order to cancel the membership, users may terminate or withdraw from the contract through "deregister/unregister."
- If users contact the Customer Center or the person in charge of personal information in writing, by phone or e-mail, the Company will take action without delay.
- If users request correction of errors in personal information, the Company will not use or provide the personal information until the correction is completed. Also, if wrong personal information is provided to a third party, the Company will notify the third party without delay and correct the result of the correction.
- The Company treats personal information that has been terminated or deleted at the request of the user or legal representative as described in "6. Retention and Use Period of Personal Information" of the personal information processing policy, and does not allow it to be viewed or used for other purposes.
9. Technical and Administrative Protection Measures to Protect Personal Information
The Company has the following technical and administrative efforts to protect the privacy of users.
① Encryption of personal information
Important information such as user's password is encrypted and stored and managed, and personal information can be checked and changed only by the users.
② Measures against hacking
The company controls the unauthorized access from the outside by operating the intrusion prevention system 24 hours to prevent users' personal information from being leaked or damaged by hacking or malicious code, and installs a vaccine program to prevent the system from being infected with malicious code or virus. In addition, the Company backs up data from time to time in preparation for compromise of personal information, and ensures secure transmission of personal information on the network through encrypted communication. Above all, for more secure personal information processing, the Company strives to have the most technological means possible.
③ Minimization and education of staffs in charge of personal information processing
The Company limits the number of employees who process personal information to a minimum, and educates related personnel on a regular basis to recognize the importance of personal information processing policy.
④ Operation of a personal information protection organization
In order to protect personal information, the Company operates a department dedicated to protecting personal information. The Company checks the implementation of the personal information processing policy and the compliance of personal information handler to ensure that any problems are corrected immediately.
⑤ Establishment and implementation of internal management plan
The Company has established and implemented an internal management plan for the safe handling of personal information.
10. Contact Information of Personal Information Protection Supervisor
Users may contact the person in charge of personal information protection or the department concerned about any personal information inquiries or complaints that may arise while using the Company's services. The Company strives to respond promptly and faithfully to the users’ inquiries and to process them.
• Privacy Supervisor
• Name: YeongHo Kim
• Phone: 07050386398
• Mail: chuday@malang.kr
11. Personal Information Request
When users need to report or consult about other personal information infringement, they may contact the following organizations.
1) Personal Information Dispute Mediation Committee
- Responsibility: Application of personal information dispute settlement, collective dispute settlement
- Website: privacy.kisa.or.kr
- Phone number: (no area code) 118
- Address: Korea Internet & Security Agency Privacy Information Center, 135 Jungdae-ro, Songpa-gu, Seoul, Korea (05717)
2) Personal Information Infringement Report Center (Korea Internet & Security Agency)
- Responsibility: Personal information infringement report, consultation
- Webpage: www.privacy.kisa.or.kr
- Telephone: (without area code) 118
- Address: Korea Internet & Security Agency Privacy Information Center, 135 Jungdae-ro, Songpa-gu, Seoul, Korea (05717)
- Cybercrime Division of the Supreme Prosecutors' Office (www.spo.go.kr / 02-3480-3573)
- Cybercrime Division of National Police Agency (www.netan.go.kr / 1566-0112)
12. Responsibility for Linked Website
The Company may provide users with links to other websites. However, since linked websites do not apply to the Company's privacy policy, users may need to review those websites’ policies for that service when accessing the external websites through the link.
13. Duty of Notification on Personal Information Processing Policy
In the event that there is a change in the personal information processing policy, notice will be posted on the website or via e-mail at least 7 days prior to the effective date of the policy.
14. History of Revision
This privacy policy will be effective from the date below.
- Privacy Policy Effective Date: April 5, 2016
_