The Company collects the following personal information of its Users. The Company does not use such information outside of the purposes set forth below without the User's consent. If the Company wishes to use such information outside of such purposes, it will obtain the separate consent of the User as required under PIPA.
(1) The purpose of use and collection, type of information, and retention period of User information is as follows.
|Collection Method||Purpose of Collection and Use||Types of Information||Retention/Use Period|
|Information Provided (Required)||Voluntarily provided through the User registration process and use of the Service (application, website)||User management, and provision and improvement of Service||Profile picture, nickname, phone number, and other contact information stored in smartphones or other devices||Upon fulfilling the purpose of collection and use (e.g., a User withdraws its membership), the information will be destroyed without delay (except for information retained as required by law or the Company's internal policies)|
|Know-your-customer (KYC) procedures and Over-the-counter (OTC) transactions||Confirm real name of party to the token transaction, confirm identity, and provision of OTC services||Email address, name, nationality, country of residence, date of birth, gender, picture, copy of ID (ID card, driver's license, passport, etc.) (excluding personally identifiable information such as national resident number, driver's license number, and passport number), and EGG token wallet address||Upon fulfilling the purpose of collection and use (e.g., a User withdraws its membership), the information will be destroyed without delay (except for information retained as required by law or the Company's internal policies)|
(2) User information collected and used by the Company is retained for the following purposes pursuant to applicable law
|Law||Purpose of Collection and Use||Types of Information||Retention/Use Period|
|Protection of Communications Secrets Act||Provide communication confirmation data||Login history, login location, etc.||3 months|
|Keep record of advertising and labeling||Advertising and labeling records||6 months|
|Act on the Consumer Protection in Electronic Commerce, Etc.||Keep record of payments and supply of goods||Payment and supply of goods records||5 years|
|Keep records regarding contracts or withdrawal of membership||Customer identification information regarding contracts and withdrawals of membership||5 years|
|Keep records regarding processing customer complaints or disputes||Customer identification information regarding processing customer complaints or disputes||3 years|
(3) Notwithstanding paragraphs (1) and (2) above, in order to prevent disputes regarding the Service, the Company transfers information related to User registration and maintenance to a separate database (in the case of data stored on physical documents to a separate document) according to its internal policies and stores such information only for the following purposes for the following periods of time:
① If a User is subject to investigation due to a violation of applicable law: until the investigation is complete
② If a creditor-debtor relationship exists between the Company and the User: until the debt is settled
(1) If the retention period of User personal information lapses or the purpose of processing such information is fulfilled, which results in the Company no longer needing the personal information, the Company generally destroys such personal information without delay.
(2) However, even if the retention period of User personal information lapses or the purpose of processing such information is fulfilled, the Company may transfer such personal information to a separate database or store such personal information in a distinguishable area according to applicable laws.
(3) The Company's procedure and method of destroying personal information is as follows:
① Destruction procedure
When personal information is to be destroyed, the Company obtains the approval of the Chief Privacy Officer prior to destroying such information.
② Destruction method
The Company uses technical or physical means to destroy personal information stored in electronic file format to prevent it from being restored and shreds or incinerates written information on physical documents.
(1) Users and their legal representatives may request to access or update their personal information or withdraw their membership at any time.
(2) Users and their legal representatives may make such requests to the Chief Privacy Officer or manager through writing, phone, email, fax, or otherwise, and the Company will process such request without delay.
- Email: [email protected]
(3) If a User requests to correct his/her personal information, the Company does not use or provide such information until the correction is made. If the wrong information was already provided to a third party, the Company will notify such third party of the update without delay and ensure that such information is corrected.
(4) The User is responsible for ensuring that his/her personal information is up to date and is responsible for any issues arising from his/her failure to input the correct information.
(5) If a User misappropriates the personal information of another person to register as a member, such User may lose his/her User rights or be subject to penalties under applicable law.
(6) The User is responsible for maintaining the security of his/her email, password, and other information, and may not transfer or lease such information to a third party.
(7) Data subjects may exercise their rights in paragraph 1 above through a legal representative. In such case, the legal representative must submit a power of attorney in the form of Annex 11 of the PIPA Enforcement Rules.
Cookies are used to determine visits and uses of the Services and the website, popular search words, whether access is secured, and other information to provide Users with optimized information.
(2) Refusal of Installation of Cookies
① Users have the option to accept or reject the installation of cookies. The User can access the settings in his/her browser regarding the installation of cookies to accept all cookies, to obtain User confirmation each time a cookie is saved, or reject all cookies. However, the Company's provision of Services requiring the User to login may be limited if the User opts to reject cookies.
② Please refer to the following in order to modify your cookie settings:
The Company takes strong technical and managerial measures to secure User personal information and prevent such information from being lost, stolen, leaked, falsified, or damaged, as follows.
(1) Password Encryption
User passwords are stored and maintained through a one-way encryption and only Users that know their password can confirm or modify their personal information.
(2) Hacking Protection
In order to prevent personal information from being leaked or lost by hacking, computer viruses, or otherwise, the Company has installed a security program, conducts regular security checks, installed its systems in a restricted area that is monitored and blocked off.
(3) Minimizing personal information collection; Training
The Company keeps employees that handle personal information to a minimum and emphasizes compliance with law and internal policies in its training of employees handling personal information.
(4) Operation of Personal Information Protection Department
(1) The Company has a designated Chief Privacy Officer and Personal Information Protection Department responsible for handling personal information processing and customer complaints regarding personal information processing.
(2) Users may refer any questions, complaints, or requests for relief regarding personal information to the Personal Information Protection Department. The Company will respond and process such correspondence without delay.
Users may contact the following institutions regarding to request consultations or relief regarding personal information infringement. As the following are government institutions, Users may contact these institutions if they have any complaints regarding the Company's personal information processing or are unsatisfied with the Company's provision of relief.
- Notification Date: 2019.05.31
- Effective Date: 2019.05.31