PRIVACY POLICY
[ MORAI Inc.] (“Company”) has developed the following privacy policy to protect the personal information and interests of data subjects and effectively handle their complaints related to personal information according to the Personal Information Protection Act (“PIPA”) and the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (“Network Act”).
Article 1 (Items and Methods of Personal Information Collection)
The Company collects the following types of information in the following manner:
① Items of information collected
-
Name (trade name), date of birth, email address, cookies, log records, service use records, IP address, information on website visit time
② Collection method
-
Collection through webpages operated by the Company
-
Automatic collection of automatically generated information in the process of data subjects’ use of services
Article 2 (Purpose of Personal Information Collection/Use)
The Company shall use collected personal information for any of the following purposes. In principle, such personal information shall not be used for any purpose other than those set forth below. In the event of any change in the purpose of use, the Company shall take necessary measures including obtaining prior consent from data subjects:
-
Provision of member services, prevention of inappropriate use of service
-
Direct marketing and provision of general information on new products and services.
-
Administration and improvement of the Company’s website.
-
Providing Demo software or customer support via email.
-
Record retention for dispute resolution, response to complaints including handling of dissatisfaction, delivery of notices
-
Information notices required in the course of using the services, handling of complaints, etc.
Article 3 (Period of Personal Information Retention and Use)
① Unless the Company must retain personal information of data subjects according to applicable law, it shall retain and use such information, in principle, until the retention period agreed by data subjects expires or until the purpose of such handling is accomplished. Such information shall be promptly destroyed upon attainment of its purpose. For your reference, personal information may be retained for the following retention periods in accordance with applicable laws.
1) Act on Protection of Consumers in Electronic Commerce, Etc.
- Records on the formation/withdrawal of contracts: 5 years
- Records on payment settlement and supply of goods, etc.: 5 years
- Records on processing of customer disputes and complaints: 3 years
2) Communications Secrecy Protection Act
- Login records: 3 months
② If data subjects using information and communication services offered by the Company fail to use the Company’s services for not less than a year, the Company shall destroy their personal information pursuant to the Network Act.
Article 4 (Data Subjects’ Rights and Obligations and Methods of Exercise)
① Data subjects may exercise their rights related to personal information against the Company, including a request for access to, modification or deletion of, or suspension of handling of, their personal information as provided by applicable law including the PIPA and the Network Act.
② Rights under the foregoing paragraph ① may also be exercised through data subjects’ legal representatives or other duly authorized persons.
③ With respect to data subjects’ exercise of rights, the Company shall promptly take necessary measures as provided
in applicable law including the PIPA and the Network Act.
Article 5 (Procedures and Methods of Personal Information Destruction)
① In principle, the Company shall forthwith destroy personal information when such information is no longer necessary for the purpose of processing such unnecessary information.
② If the Company must keep personal information under applicable law even though the period of its retention has expired or the information is ready for processing because it is no longer useful or necessary, the Company shall store and manage such information or information files separately from any other personal information as is required under such law.
③ When the Company destroys personal information, it shall take measures to prevent restoration or recovery of any such information. To be specific, the Company shall permanently delete personal information in electronic file format in a manner that prevents the recovery of any such information. The Company shall shred or incinerate other records, printed materials, documents, and recording media.
④ According to the Network Act, the Company shall store and manage personal information of users who failed to use the
Company’s services for not less than a year separately from other users‘ personal information.
Article 6 (Installation, Operation of Automatic Personal Information Collection Device and objections thereto)
① The Company utilizes cookies that store and search your information from time to time. Cookies are small text files that a server used for website operation sends to your browser. They are stored on the hard disk of your computer.
② The Company may collect your device IP address, unique device ID, hardware and software type, internet service provider, serving domain, geographical area, location data, browser type, and operating system, search history. The Company uses this information to create reports and improve Company’s website
③ You have the right of choice regarding installation of cookies. Accordingly, you may allow or block storage of all cookies or ensure that each cookie will be stored based on your confirmation by using the option menus in your web browser. However, if a data subject rejects installation of cookies, it may limit the ability to use certain online services offered by the Company.
④ Members may allow or block storage of all cookies or require that each cookie will be stored based on their confirmation by using the option menus in their web browser.
Article 7 (Measures to Ensure Safety of Personal Information)
The Company takes the following technical, managerial, and physical measures necessary to ensure safety of personal information according to applicable laws including the PIPA and the Network Act:
-
Managerial measures: formulation and execution of an internal management plan, regular employee training on personal information protection, etc.
-
Technical measures: management of the right of access to the personal information processing system, installation of an access control system, password encryption, installation of a security program, etc.
-
Physical measures: Control of access to the places where personal information is stored such as a computer room and data storage room
Article 8 (Revision of Privacy Policy)
① This Privacy Policy enters into force on [2022.11.09].
② The Company’s Privacy Policy is subject to change according to applicable law, guidelines, and the Company’s internal management policy. Any modification of the Privacy Policy shall be disclosed as provided in applicable law.
Article 9 (Opinion Collection and Complaints Handling)
Data subjects may file a complaint related to personal information or a request to view their personal information with the officer or employee listed below. The Company shall provide a prompt and sufficient response to the complaints raised by data subjects. Also, The Company shall use reasonable efforts to ensure that a request for access to personal information will be processed in a timely manner.
-
[Chief Privacy Officer]
Name: [EUNJI JEON]
TEL: [+82 10-4741-4840]
-
[Personal Information Protection Department]
Department: [Legal]
Officer in charge: [JAESEOK YU]
TEL: [+82 10-5760-6910]