Infocreative
Co.,Ltd. ("the Company") collects personal information in compliance
with Article 30 of the Personal Information Protection Act. This Privacy Policy
is established to safeguard the personal information of users ("Subject of
Information") of the Company's Tray Storage App service and to ensure that
any related complaints are addressed promptly and efficiently.
Article
1 (Purposes of Personal Information Collection and Use)
①
The
Company collects only the necessary personal information required to provide
its services. Personal information is collected for specific purposes with the Subject
of Information's consent. The collected personal information will be used
exclusively for the purposes listed below. Should there be a need to use the
information for other purposes, the Company will take appropriate measures,
including obtaining additional consent from the Subject of Information, as
mandated by Article 18 of the Personal Information Protection Act.
Purpose |
Details |
User
Sign-up, Registration, and Management |
To verify and authenticate
service provision, prevent duplicate and fraudulent registrations, maintain
and limit user qualifications, and for various notifications and
announcements |
Provision
of Services and Usage |
For document registration and
management |
Complaint
Handling |
To address complaints, verify
identity, notify of processing results, and make contact if necessary |
Marketing
and Promotion |
To provide information about
events, promotions, and offer participation opportunities |
②
Notwithstanding
paragraph (1), the Company may collect and use personal information without the
consent of the Subject of Information within the scope of the stated purposes
when:
1.
There
is a specific provision in the law;
2.
The
personal information is unavoidably generated during the use of the service by
the Subject of Information.
Article
2 (Personal Information Collection and Usage)
Below
are the types of personal information the Company collects and the purposes for
which they are collected:
Purpose of
Collection |
Method
of
Collection |
Specific
Information Collected |
User Registration and
Management |
Via the App |
User ID, password, mobile
phone number (for users under the age of 14, a legal guardian's mobile phone
number is required) |
Via Facebook |
User ID, phone number,
password |
|
Via Google |
Name, email address |
|
Via Apple |
User ID, password |
|
Service Provision |
(Optional) Name, date of
birth, gender, email address |
|
Handling Complaints and
Dissatisfaction |
Name, email address, contact information,
1:1 inquiry details, complaint and dissatisfaction details |
※ The information collected for
marketing and promotional purposes may vary. The Subject of Information will be
asked for separate consent at the time of collection.
Article
3 (Retention and Use Period of Personal Information)
①
The
Company processes and retains personal information for the period agreed upon
at the time of collection or as mandated by law.
②
The
specific retention and usage periods for personal information processed by the
Company are detailed below:
Category |
Information |
Retention Period |
Exception |
Sign
up and Management |
Information
collected at the time of sign-up |
Until
the user's withdrawal or account deletion |
Information
is retained for 2 years after withdrawal or deletion to verify
re-registration or prevent fraudulent registration. |
Complaint
Handling |
Information
collected during the handling of user complaints |
Until
the resolution of complaints and disputes |
Records
of the processing and results are retained for a minimum of 3 years in
accordance with the E-Commerce Law. |
Information
and Communication Records |
App
visit and usage records, search records |
Until
the user's withdrawal or account deletion |
Records are kept for a minimum of 3 months as per the
Enforcement Decree of the Protection of Communications Secrets Act, and the
final access records are retained for 1 year according to the Personal
Information Protection Act. |
Article
4 (Disclosure of Personal Information to Third Parties)
①
The
Company generally does not disclose the personal information of the Subject of
Information to third parties. In instances where personal information is
provided to third parties, the Company will notify the Subject of Information
of the recipient's identity, the purpose for which the recipient will use the
personal information, the specific items of personal information being shared,
the period for which the personal information will be retained and used by the
recipient, the Subject of Information's right to deny consent, and the
potential disadvantages of refusing consent.
②
Despite
the above stipulation, the Company may disclose personal information to third
parties without the consent of the Subject of Information under the following
circumstances:
1.
When
a specific legal provision exists;
2.
When
requests are made by government and public institutions, investigative
agencies, courts, etc., on a legal basis;
3.
When
providing pseudonymized information for statistical analysis, scientific
research, or preservation of public records;
4.
In
cases of emergencies, such as natural disasters, infectious diseases, imminent
threats to life or physical safety, or urgent risks of property loss.
Article 5
(Rights of the Subject of Information and How to Exercise Them)[my1]
①
The
Subject of Information is entitled to the following rights concerning their
personal information processed by the Company:
1.
Inspection of
Personal Information: The Subject of Information may request to view their
personal information held by the Company as per Article 35 of the Personal
Information Protection Act. The Company is committed to efficiently handling
these access requests. However, access may be limited or denied under certain
circumstances such as legal restrictions, potential harm to an individual's
life or physical safety, or the possibility of infringing on the rights and
interests of others.
2. Rectification or
Erasure of Personal Information: In accordance with Article 36 of the Personal
Information Protection Act, the Subject of Information has the right to ask for
corrections or deletion of their personal information that the Company holds.
This request may not be granted if the law mandates the collection of the
specific personal information.
3. Suspension of
Processing of Personal Information - Under Article 37 of the Personal
Information Protection Act, the Subject of Information may request the Company
to halt processing their personal information or to withdraw their consent to
process their personal information. However, the Company may deny this request
in cases where there are specific legal mandates, compliance with legal
obligations is necessary, there is a potential risk to an individual's life or
physical safety, there's a risk of infringing on the rights and interests of
others, or if the Subject of Information has not explicitly indicated their
desire to terminate their service agreement.
②
The
Subject of Information can exercise the rights outlined in Paragraph (1) by
reaching out to the Personal Information Protection Officer at +82 2-333-7334
or by emailing support@traystorage.net. The Company commits to responding
promptly to such requests.
③
In
the event the Subject of Information requests the correction or deletion of
inaccuracies in their personal information, the Company will refrain from using
or disclosing the concerned information until the correction or deletion
process is completed. Should incorrect personal information have been disclosed
to a third party, the Company will immediately inform them to ensure the
necessary corrections or deletions are made.
④
A
legal representative of the Subject of Information or an individual duly
authorized by the Subject of Information may act on their behalf to exercise
the rights mentioned in Paragraph (1). This can be done by submitting a
document that verifies their authority to the Company.
Article
6 (Destruction of Personal Information)
①
The
Company will promptly destroy personal information when it is no longer
necessary, such as upon fulfilling the purpose, expiration of the retention and
use period, or conclusion of the business operations.
②
Notwithstanding
the immediate destruction policy outlined in paragraph 1, if legal obligations
necessitate the continued retention of personal information, the Company will
segregate and manage the information apart from other personal data.
③
For
cases where the Company is mandated by legislation, such as the E-Commerce Law
and the Protection of Communications Secrets Act, to retain personal
information for a predetermined period, it commits to securely storing this
information throughout that period.
④
Upon
the expiration of the retention period, the Company will initiate the process
for the destruction of personal
information.
1. Destruction Procedure: The Company identifies personal
information that is no longer necessary and, under the supervision of the
Personal Information Protection Officer, proceeds with its destruction.
2. Destruction Method: Personal information recorded or stored
in electronic file format is permanently deleted in an irrecoverable manner,
and personal information recorded on paper documents or other recording media
is shredded, incinerated, or masked/punched to ensure destruction.
Article
7 (Ensuring the Security of Personal Information)
The
Company adopts the following measures to prevent the loss, theft, leakage,
alteration, damage, or compromise of the Subject of Information's personal
data:
1.
Developing
and executing an internal management plan dedicated to the protection of
personal information, including regular training for employees.
2.
Implementing
access controls and restricting permissions to the personal information
processing systems, encrypting sensitive identifiers, and installing security
software.
3.
Securing
physical storage facilities or deploying locking mechanisms and access controls
to safeguard stored personal information.
Article
8 (Installation, Operation, and Refusal of Automatic Data Collection Devices)
①
The Company employs
'cookies' to gather and intermittently recall usage data, offering tailored
services to the Subject of Information. Cookies are small data files
transmitted from the website's server to the Subject of Information's web
browser and may be saved on the Subject's PC hard drive.
②
The purposes and
installation details
1.
Purpose:
Cookies help understand the Subject of Information's browsing history and usage
patterns, enabling the provision of personalized content.
2.
Management
Options: The Subject of Information has the option to configure their browser
settings to either accept or reject cookies. For instance:
Internet
Explorer: Go to the top of the web page, click on "Tools," select
"Internet Options," go to the "Privacy" tab, and adjust
cookie settings.
Google
Chrome: Go to "Settings," select "Advanced settings," and
manage privacy settings.
3.
Declining
cookies might limit the availability or functionality of personalized services.
Article
9 (Designation of Privacy Officers)
The
Company is committed to the responsible management of personal information
processing. To this end, it has appointed Privacy Officers to oversee the
processing of personal information, address complaints and provide remedies
related to personal information, and support the Subject of Information in
exercising their rights. The designated officers are as follows:
Name: Do Cheon Jeong
Position: CEO & Director
Contact Number: +82 2-333-7334
Email: support@traystorage.net
Article
10 (Remedies for Violation of Subject of Information's Rights)
①
Subjects
of Information seeking remedies for personal information violations can consult
the following external organizations. These bodies operate independently of the
Company and offer additional support for those unsatisfied with the Company's
handling of personal information concerns.
Agency |
Contact |
Website |
|
Personal Information
Infringement Report Center
|
9,
Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea |
118 (no
country code required) |
privacy.kisa.or.kr |
Personal Information
Dispute Mediation Committee |
Government
Complex Seoul 12th floor, 209, Sejong-daero, Jongno-gu, Seoul,
Republic of Korea |
1833-6972
(no
country code required) |
www.kopico.go.kr |
Cyber Investigation
Division of Supreme Prosecutors' Office |
|
1301
(no
country code required) |
www.spo.go.kr |
Korean National Police
Agency Electronic Cybercrime Report&Management system |
|
182
(no
country code required) |
ecrm.cyber.go.kr |
②
The
Company is dedicated to providing assistance with consultations and remedies
related to personal information rights violations. For consultation, please
reach out to:
Contact Person: Do Cheon Jeong
Contact Number: +82 2-333-7334
Email: support@traystorage.net
Article 11 (Amendment and Implementation of Privacy Policy)
①
The
Company will notify the Subjects of Information of any changes to this privacy
policy by comparing the content before and after the amendments at least seven
days in advance of the changes taking effect.
②
This
privacy policy will come into effect on February 1, 2024.