Collection and use of personal information

Article 1 [Purpose
1. MeetSpecs Co., Ltd. (hereinafter referred to as the “Company”) values ​​members’ personal information in providing the MeetSpecs service (hereinafter referred to as “Service”) to members, and makes every effort to effectively manage and protect the member’s personal information. Are working.
2. The company complies with laws and regulations related to personal information protection, such as the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc. The company informs you of the purpose and method of using the personal information provided by members through the personal information handling policy and what measures are being taken to protect personal information.
3. The company provides this policy through notices on the website and service so that members can always easily read this policy.

Article 2 Personal information items to be collected and methods of collection
1. The Company prepares a procedure for consenting to the use of the terms and conditions of service and the collection and use of personal information at the time of membership registration.
2. The Company may collect personal information as follows for service provision and contract fulfillment, and does not request personal information (race and ethnicity, ideology, place of origin, etc.) that may infringe on basic human rights.
-ID (email), nickname, password, service version, service usage record (access log, event progress, item purchase, payment record, etc.), terminal information (model name, OS version, device unique identification number, etc.), Facebook, etc. SNS identification information
3. The company collects personal information in the following ways.
(1) Membership registration, service inquiry, event application, delivery request, etc.
(2) Collection through generated information collection tool
4. The company does not use or collect cookies to provide services.
What is a cookie? -A small text file that the web server delivers to the web browser on a specific website

Article 3 Purpose of collection and use of personal information
The company uses the collected personal information for the following purposes.
1. Find user’s password
-Send a temporary password to the e-mail collected at the request of the user
2. Fulfillment of contracts for service provision
-Content provision, delivery of goods
3. Member management
-Prevention of illegal use of bad members according to membership service use, confirmation of subscription intention, record preservation for dispute settlement, complaint handling, etc., delivery of notices
4. Use for marketing and advertising
-Development of new services and provision of customized services, provision of services and advertisements according to statistical characteristics, service validation, identification of access frequency, statistics on members’ service use, provision of event and advertisement information and participation opportunities

Article 4 Sharing and provision of personal information
1. The company uses the user’s personal information in “2. The purpose of collection and use of personal information” is used within the range notified, and does not use the user’s personal information beyond the scope of consent without prior consent of the user or disclose the user’s personal information to a third party. However, the following cases are exceptions.
(1) When users agree to disclosure
(2) In accordance with the provisions of laws and regulations, or when there is a request from an investigative agency for investigation purposes in accordance with the procedures and methods specified in the laws
(3) When necessary for payment and settlement of fees requested by users
(4) If it is necessary for the delivery of prizes and management of the winners by winning the event

Article 5 retention and use period of collected personal information
1. When a member withdraws from membership or receives a member ID deletion due to false information on personal information, the collected personal information is completely deleted and processed so that it cannot be used for any purpose.
2. Members’ personal information will be destroyed without delay when the purpose of collecting and using personal information is achieved in accordance with Article 6, Paragraph 1 of this Personal Information Handling Policy. However, if it is necessary to preserve personal information according to the company’s internal policy or related laws and regulations, personal information may be stored for the period specified below.
1) Records on contract or subscription withdrawal-Reason for retention: Act on Consumer Protection in Electronic Commerce
-Retention period: 5 years
2) Records on payment and supply of goods-Reason for retention: Act on Consumer Protection in Electronic Commerce Transactions
-Retention period: 5 years
3) Records on consumer complaints or dispute handling-Reason for retention: Act on Consumer Protection in Electronic Commerce
-Retention period: 3 years
4) Service visit record
-Reason for retention: Protection of Communications Secrets Act
-Retention period: 3 months
5) Books and supporting documents for all transactions prescribed by the tax law-Reason for retention: Basic Act on National Tax
-Retention period: 5 years

Article 6 personal information destruction procedures and methods
1. In principle, after the purpose of collecting and using personal information is achieved, the company destroys the information without delay.
2. Members’ personal information will not be used for any purpose other than retention unless required by law.
3. Destruction method
(1) Printed personal information is destroyed by shredding or incineration.
(2) Personal information stored in the form of an electronic file is deleted using a technical method that cannot reproduce the record.

Article 7 rights of members and how to exercise them
1. The company does not collect the user’s age, but if it is confirmed that the child is under the age of 14 in the future, it will always obtain the consent of the legal representative.
2. Members can check and inquire their personal information at any time, and may request termination of subscription or suspension of processing of personal information. However, in such cases, some or all of the service may be restricted.
3. A member can directly inquire his/her personal information from [Member Information] in the service, and can terminate the contract of use at any time through [Withdrawal of Service]. In case of termination, all personal information of the member will be deleted. However, if it falls under Article 5 (2) of the Personal Information Handling Policy, it can be stored for a certain period in accordance with relevant laws.
4. When a member requests correction or deletion of his/her personal information, the company shall take necessary measures without delay after confirming the identity of the member.
5. If a member requests correction of errors in personal information, the existing personal information cannot be used until the correction is completed. In addition, if incorrect personal information is provided to a third party in accordance with Article 4, Paragraph 1, the corrected processing result will be provided to the third party.
6. The Company handles personal information that has been canceled or deleted at the request of a member as specified in Article 5 of the Privacy Policy, and is processed so that it cannot be viewed or used for any other purpose.

Article 8 Technical and administrative measures for personal information protection
The company takes the following technical and managerial measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in handling personal information of members.
1. Technical measures
(1) The company is doing its best to prevent the leakage or damage of members’ personal information by hacking or computer viruses. In preparation for damage to personal information, data are frequently backed up, and users’ personal information or data are prevented from being leaked or damaged by using the latest anti-virus program, so that personal information can be safely transmitted over the network through encrypted communication. I’m doing it. In addition, we use an intrusion prevention system to control unauthorized access from outside, and strive to equip all possible technical devices to secure systemic security.
2. Administrative measures
(1) The company’s personal information handling staff is limited to the person in charge, and a separate password is given for this and updated regularly, and the compliance of the privacy policy is always emphasized through frequent training for the person in charge.
(2) The company has a personal information manager to check the implementation of the privacy policy at all times, and if any problems are found, we are making efforts to correct and correct them immediately. However, the company is not responsible for any problems caused by the leakage of personal information due to the user’s carelessness or Internet problems.
Article 9 Personal Information Manager
The company appoints a personal information manager who is responsible for collecting opinions and handling complaints about personal information.

* Company: MeetSpecs Co., Ltd.
* Affiliation (position): Representative

(1) Working hours of personal information manager
-Weekdays: 10:00~19:00
-Closed on Saturdays, Sundays and public holidays.
(2) Other organizations for reporting or consulting on personal information infringement
-Personal Information Infringement Report Center ( / 118)
-Advanced Crime Investigation Division, Supreme Prosecutors’ Office ( / 02-3480-2000)
-National Police Agency Cyber ​​Terror Response Center ( / 02-392-0330)

Article 10 Revision of the privacy policy and its notification
(1) If the Company changes this Privacy Policy, the reason for the change and the date of application shall be specified and notified through a notice in the service from 7 days before the date of application to the date of application together with the current Privacy Policy. However, if there is any important change in the user’s rights or obligations, it will be notified at least 30 days in advance.
(2) Although the Company notifies the contents of the change pursuant to Paragraph 1 and notifies that the intention to reject is not indicated by the date of application of the change, the user does not explicitly indicate the intention to reject the change. You agree to the changes.
(3) Notwithstanding Paragraph 2, if the Company collects additional personal information from the user or provides it to a third party, it goes through a separate consent procedure from the user himself.
(4) This policy is provided in Korean, English and some languages ​​for the convenience of users. If the translated “Terms and Policies” is different from the Korean Terms and Conditions, the “Terms and Policies” in Korean will be prioritized.

Supplementary provisions
This policy will take effect from October 1, 2020.