Privacy Policy
DOHE Korea (hereinafter referred to as the
“Company”) complies with applicable laws including Personal Information
Protection Act, and protects personal information, with its best efforts, by
establishing Privacy Policy under applicable laws.
The Privacy Policy is open to users at any time on the
initial page of the About Korea website for easier recognition by users and may
be modified depending on the changes of applicable laws, guidelines, announcements
and company service policies. Please read following content carefully and
proceed to sign up for a membership only if you consent to it.
1. Items of personal information to be processed
and purpose
The Company collects items of personal information for
the purpose of operation of business, provision and improvement of products and
services, provision of information to users and development of effective advertisements,
and for each of following purpose.
For the Company to provided services to all members,
following items of personal information are required and those items are
collected upon consent of membership applicants or on the basis of laws.
A member has a right to refuse to provided consent to the
item to be collected; provided, however, that signing up for membership and use
of the service may be restricted if you refuse to provide consent to collection
and use of required items.
|
When to
be collected |
Items of
collection |
Purpose
of collection |
|
When signing
up for membership |
[Required] Duplicate registration verification information
(DI), country of residence, device information (Unique device identifier, OS version,
etc.)
|
Conformation of intent to join, subscription/change/termination
of services, determination whether to provide services (verification of ages,
etc.) and verification of duplicate registration, delivery of announcements,
operation of a place in which members participate, member survey |
|
When
using the website |
[Required] IP address, cookie, service use
record (date and time of visit, faulty use record, etc.), device information (unique
device identifier, OS version, etc.) |
Analysis of statistics of the service use (identification
of details and frequency of the use), prevention of wrongful use by a faulty
member), service improvement and update |
|
When
consulting with a customer |
[Optional] Name, cell phone number, email, details
of consultation (there may be personal information additionally collected
depending on the type of inquiry and content) |
Consultation for a customer via
phone/handling of complaint∙mediation of dispute, operation of a place in
which members participate, member survey |
|
When participating
in a contest, event and promotion |
[Optional: in case of participation] Name, cell phone number, email, residence
|
Delivery of a prize in the event of winning
an event or contest |
|
When
using a service |
[Required] Status of service use (date of
subscription, period of use, items of services of use), content preference |
Provision of a customized service |
2. Process of personal information and period of retention
1. The Company retains and uses member’s personal
information from the date of service subscription to the date of withdrawal of
membership, and in case a member withdraws a membership, the Company immediately
destroys or separately retains such member’s personal information in accordance
with Article 39-6 of Personal Information Protection Act; provided, however,
that information retained in accordance with applicable laws shall be an
exception.
ㆍPeriod for retention and use of personal information in
accordance with applicable laws
|
Grounds for retention |
Items subject to retention |
Retention period |
|
Commercial
Act |
Personal information contained in trade
books and important documents concerning sale |
10 years |
|
Commercial
Act |
Personal information contained in a slip or
document similar thereto |
5 years |
|
Framework
Act on National Taxes |
Books and documentary evidence related to
all transactions including name, resident registration number, phone number,
billing address, fee payment details, etc. |
5 years |
|
Protection
of communications Secrets Act |
Name, resident registration number, phone
number and date of telecommunication by subscribers, time that the telecommunications
commence and end, communications number of outgoing and incoming call, etc.
and the subscriber's number of the other party, frequency of use and data on a
location of originating base station that are required for provision of communication
confirmation data |
12 months In case of data related to long-distance/local
call services: 6 months |
|
Protection
of communications Secrets Act |
Computer communications or Internet
log-records, data on tracing a location of connectors capable of confirming
the location of information communications apparatus |
3 months |
|
Act on
the Consumer Protection in Electronic Commerce |
Records regarding contracts or cancellation
of an order, etc. |
5 years |
|
Act on
the Consumer Protection in Electronic Commerce |
Records regarding payment and supply of
goods, etc. |
5 years |
|
Act on
the Consumer Protection in Electronic Commerce |
Records regarding handling of consumer’s
complaint and dispute |
3 years |
|
Act on
the Consumer Protection in Electronic Commerce |
Records regarding
indications/advertisements |
6 months |
|
Credit
Information Use and Protection Act |
Records regarding collection/processing,
use, etc. of credit information |
3 years |
2. In case that a member withdraws the membership voluntarily,
the Company retains such member’s name, email address and cell phone identifier
information for 1 month after membership withdrawal for the purpose of prevention
of an act that such member illegally•wrongfully receives economic benefits such
as a discount coupon, event benefit, etc. provided by this service by
repeatedly rejoining as a member, withdrawing voluntarily, etc. and of an act
of illegal use of other’s name in the course thereof.
3. If it is necessary to retain personal information in
preparation for other necessary cases including a lawsuit or dispute, or to
assist a member, personal information is retained separately from other members’
personal information, for the period concerned, in accordance with Article 39-6
of Personal Information Protection Act.
4. The Company may continue to retain and use posts and content
submitted by a member, if the Company obtains separate consent, even after the
member withdraws membership, in a form that a specific individual is unable to
be recognized.
3. Provision
of personal information to a third party
1. In principle, the Company does not provide member’s
personal information to a third party without member’s prior consent. If it is
necessary to share member’s personal information with a third party including
other members, the Company provides it after obtaining consent by notifying the
member of recipients, the purpose of provision, items to be provided, the period
of use and retention; provided, however, that a case that follows applicable
laws may be an exception.
(1) Cases that personal information
is provided to a third party
A. Where a member gives prior consent to
provision to a third party for execution of transaction and smooth provision of
services
B. Where an
applicable law requires or an investigative agency requires in accordance with procedures
and methods set forth in the laws for the purpose of investigation
C. Where there
is a reason such as spin-off, merger, transfer and acquisition of business
4. Outsourcing of personal information
1. The Company may outsource processing of personal
information for improvement of services. When outsourcing of personal
information processing, the Company manages·supervises it for safe handling of
member’s personal information and restricts handling thereof for other
purposes.
(1) In case personal information processing is outsourced, the Company will
notify members thereof in advance.
(2) In case personal information processing is outsourced, the
Company will clearly prescribe the service provider’s obligations of strict
compliance with instructions relevant to protection of personal information, confidentiality
of personal information, prohibition of provision to a third party and
liability when an accident occurs in an outsourcing agreement, etc. and will
keep content of the agreement concerned in writing or electronically.
(3) Status of outsourcing of
personal information processing
|
Outsourcee |
Classification |
Outsourced
tasks |
|
Google |
1) History of service use (Google
Analytics, Firebase) 2) Sending push notification |
1) Collecting and storing history of
service use 2) Sending push notification |
|
Apple |
1) When
sending an alert |
1) Sending a notice |
|
Amazon Web Service |
Storage
of data |
Retention of personal information, etc. |
|
Sprint |
Operation
of infrastructure/service |
Operation of infrastructure/service |
※ The lists of outsources may be differentiated at any time depending
on changes of a service and the period of contracts.
(4) The Company outsources part of personal
information processing tasks to an outsourcee located in a foreign country. Management
of user’s personal information in a foreign country is carried out at the same
level as in Korea. Therefore, please be noted that personal information may be
transferred to, stored or backed up in a server located in a foreign
country.
|
Outsourcee |
Transfer
to |
When
to transfer |
Items
of personal information transferred |
|
Google LLC |
USA |
Upon
necessity, send from time to time through information communications networks
|
All items of personal information
collected and used in the course of using a service (including signing up and
questioning and answering) |
|
Amazon |
USA |
※ The lists of outsources may be differentiated at any time depending
on changes of a service and the period of contracts.
5. Procedures and methods of
destruction of personal information
In case personal information is no longer necessary due expiration of personal
information retention period or accomplishment of the purpose of collection and
use of personal information, etc., the Company destroys such personal
information immediately.
ㆍ Procedures and methods of destruction of personal information by the
Company are as follows:
(1) Procedures of destruction
A. The Company destroys personal information
for which a reason for destruction has occurred after obtaining an approval
from a privacy officer.
B. Information entered by a
member for signing up for a membership or application for a service will be
moved to a separate DB (to a document cabinet with a separate locking device in
case of paper) after accomplishment of the purpose, and destroyed after being
stored for a certain period of time depending on a reason of protection of
information in accordance of an internal policy and other applicable laws
(refer to period of retention and use).
C. Above-mentioned personal
information shall not be used for the purpose other than the purpose of
retention unless required by applicable laws.
(2) Methods of destruction
A. Personal information
stored in electronic forms will be destroyed by technical means to prevent any
record from being recovered.
B. Personal information printed on paper will
be shredded with a shedder for destruction.
6. Measures
for ensuring security of personal information
The Company takes following measures to ensure security when handling members’
personal information.
(1) Encryption of personal information
Members’ personal information is protected by password and important data is protected
by using other security functions such as encryption of files and transmission
data and file lock function.
(2) Technical measures in preparation for hacking, etc.
The Company installs and periodically renews·checks a security program in order
to prevent members’ personal information from being leaked or damaged due to
hacking or computer virus, etc.
(3) Restriction on access to the system that processes personal
information
The Company limits the number of employees who handle personal information to
the minimum and separate passwords for such handling are granted and frequently
changed.
(4) Training of employees who handle personal information
The Company trains employees who handle personal information about learning new
security technologies and obligations of personal information protection on a
regular basis.
7. Matters regarding installation, operation and refusal of personal
information auto collection devices
The Company uses “cookies” as means of storing and retrieving user information
from time to time in order to provide a personalized and customized service for
each user. Cookie is a very small text file sent by a server which is used for
operation of company’s website, etc., and that is placed on the hard drive of user’s
computer.
(1) Purpose of use of cookies
Targeted
marketing and providing a customized individual service through analysis of
member and non-member site visitation frequency or time, etc., recognizing user
preference and interests and tracing users and recognizing various event participation
level and visiting numbers
(2) Methods to refuse cookies
Users have the option to install cookies.
Therefore, users can adjust the level of information collected by cookies by
setting options on the web browser.
Users may decide the level of information
collected by cookies by clicking [Tools] menu of the web browser and [Internet
option]->[Security]->[Customer Level].
By using the menu described as above, users
may check whenever cookies are stored or refuse to store all cookies. However,
when a user refuses to install cookies, some services may not be able to be
provided.
8. Privacy
officer
Members may inquire any complaint with regard to
personal information protection arising in the course of using the service of
the Company to the privacy officer or responsible department. The Company will
promptly respond to the inquiries from members with sufficient answers.
- Privacy Officer: Seongnam Kim
- Cell Phone Number: 010-8421-5533
- Email : aboutkorea@dohegroup.com
9. Reports
and consultations about personal information infringement
If a report or
consultation with regard to infringement of personal information, please
inquire following institutions.
|
Institution |
Website |
Phone |
|
Privacy
Infringement Report Center |
http://privacy.kisa.or.kr/kor/main.jsp |
(without
area code) 118 |
|
Personal
Information Dispute Mediation Committee |
https://www.kopico.go.kr/ |
1833-6972 |
|
Supreme
Prosecutors' Office Cyber Crime Investigation Division |
http://www.spo.go.kr/spo/index.jsp |
(without
area code) 1301 |
|
National
Police Agency Cyber Terror Response Center |
http://cyberbureau.police.go.kr/index.do |
(without
area code) 182 |
10. Duty of notification
(1) privacy policy may be modified when the modification is necessary including
changes in laws, government policies or company internal policies, and will be
notified on the About Korea website at least 7 days prior to the modification
if there is any addition, deletion and modification.
(2) This Privacy Policy will take
effect on July 1, 2022
- Date of
notification: July 1, 2022
- Date of
enforcement: July 1, 2022
