Privacy Policy (Revised 2023-10-01)
<Hansei Team> ("Timebubble" hereafter, accessible at 'https://hansei.team') has established and publicly announced the following Privacy Policy to protect the personal information of data subjects in accordance with Article 30 of the "Personal Information Protection Act" and to ensure prompt and smooth handling of any related grievances.
•
This Privacy Policy is effective from January 1, 2021.
Article 1 (Purpose of Processing Personal Information)
<Hansei Team> ("Timebubble") processes personal information for the following purposes. The personal information being processed will not be used for any purposes other than those specified below, and if the purpose of use is changed, necessary measures such as obtaining separate consent will be implemented in accordance with Article 18 of the "Personal Information Protection Act."
1.
App Membership Registration and Management
•
Personal information is processed for the purpose of confirming membership intent, providing membership services, verifying identity, and maintaining and managing membership status.
2.
Provision of Goods or Services
•
Personal information is processed for the purpose of providing services, delivering content, and verifying identity.
Article 2 (Period of Processing and Retention of Personal Information)
1.
<Hansei Team> processes and retains personal information within the period of retention and use of personal information as agreed upon when collecting personal information from the data subject, or within the period stipulated by law.
2.
The specific processing and retention periods for each type of personal information are as follows:
a.
Website Membership Registration and Management
•
Personal information related to <Website Membership Registration and Management> will be retained and used from the date of consent until it is no longer needed for the stated purpose.
•
Basis for Retention: Records related to the collection of website membership information.
•
Relevant Laws: Records related to the collection, processing, and use of credit information: 3 years.
•
Exception: None.
Article 3 (Provision of Personal Information to Third Parties)
1.
<Hansei Team> processes personal information within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only when consent has been obtained from the data subject or when it is required by special provisions of law, such as Articles 17 and 18 of the "Personal Information Protection Act."
2.
<Hansei Team> provides personal information to the following third parties:
a.
Hansei Team
•
Recipient: Hansei Team
•
Purpose of Use: Email, phone number, date of birth, gender
•
Retention and Use Period: Indefinitely
Article 4 (Entrustment of Personal Information Processing)
1.
<Hansei Team> entrusts the processing of personal information to the following companies for smooth handling of personal information-related tasks.
2.
When entering into a service contract, <Hansei Team> includes provisions regarding the prohibition of processing personal information for purposes other than those entrusted, technical and administrative protection measures, restrictions on re-entrustment, supervision of the trustee, and liability for damages in accordance with Article 26 of the "Personal Information Protection Act," and supervises the trustee to ensure the safe processing of personal information.
3.
If the details of the entrusted work or the trustee change, this Privacy Policy will be promptly updated to reflect the changes.
Article 5 (Rights and Obligations of Data Subjects and Legal Representatives and How to Exercise Them)
1.
Data subjects may exercise the following rights related to personal information at any time:
•
Request access to personal information
•
Request correction or deletion
•
Request a suspension of processing
2.
These rights can be exercised in writing, via email, or by fax in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the "Personal Information Protection Act," and <Hansei Team> will promptly respond.
3.
The rights may also be exercised by a legal representative or an agent authorized by the data subject. In this case, a power of attorney must be submitted in accordance with Form 11 of the "Guidelines on Personal Information Processing" (No. 2020-7).
4.
Requests for access to personal information and requests for suspension of processing may be restricted under Articles 35, Paragraph 4, and 37, Paragraph 2 of the "Personal Information Protection Act."
5.
Requests for correction and deletion of personal information cannot be made if the personal information is specified as a subject of collection by other laws.
6.
<Hansei Team> verifies whether the person making the request for access, correction, deletion, or suspension of processing is the data subject or a legitimate agent.
Article 6 (Items of Personal Information Processed)
1.
<Hansei Team> processes the following personal information:
•
App Membership Registration and Management
◦
Required Items: Email, phone number, date of birth, gender
Article 7 (Destruction of Personal Information)
1.
<Hansei Team> promptly destroys personal information when it becomes unnecessary, such as when the retention period has expired or the processing purpose has been achieved.
2.
If personal information must be retained beyond the agreed retention period due to other legal requirements, the information is transferred to a separate database or stored in a different location.
3.
The procedures and methods for destroying personal information are as follows:
a.
Destruction Procedure: Personal information that needs to be destroyed is selected, and with the approval of the personal information protection officer at <Hansei Team>, the information is destroyed.
b.
Destruction Method: Information stored in electronic file format is destroyed using technical methods that prevent the recovery of the records.
Article 8 (Measures to Ensure the Safety of Personal Information)
<Hansei Team> takes the following measures to ensure the safety of personal information:
1.
Regular Self-Audits: Regular self-audits (twice a quarter) are conducted to ensure the safety of personal information handling.
2.
Technical Measures Against Hacking: Security programs are installed, regularly updated, and inspected to prevent personal information leakage or damage due to hacking or computer viruses. Systems are installed in secure areas with restricted access, and technical/physical monitoring and blocking are implemented.
3.
Encryption of Personal Information: User passwords are encrypted for storage and management, and important data is encrypted or protected using file-locking features.
4.
Access Control: Records of access to the personal information processing system are kept for at least six months, and security features are used to prevent tampering or theft of access records.
5.
Access Restriction: Measures are taken to control access to the personal information database system through granting, changing, and deleting access rights, and unauthorized access from outside is controlled using an intrusion prevention system.
6.
Document Security: Documents containing personal information are stored in a secure location with a locking mechanism.
7.
Control of Unauthorized Access: A separate physical storage location is established for storing personal information, and procedures for controlling access are implemented.
Article 9 (Matters Concerning the Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)
1.
<Hansei Team> uses "cookies" to provide personalized services to users by storing and retrieving user information as needed.
2.
Cookies are small pieces of information sent by the server (HTTP) that operates the website to the user's computer browser and may be stored on the user's PC hard disk.
a.
Purpose of Using Cookies: Cookies are used to provide optimized information to users by identifying the services and websites they visit, popular search terms, security connection status, etc.
b.
Cookie Installation, Operation, and Rejection: You can refuse to store cookies by adjusting the options in your web browser's tools > Internet options > privacy settings.
c.
Difficulty in Using Customized Services: If you refuse to store cookies, there may be difficulties in using customized services.
Article 10 (Personal Information Protection Officer)
1.
<Hansei Team> has designated the following person as the Personal Information Protection Officer to oversee all matters related to personal information processing, including handling complaints and providing relief:
•
Personal Information Protection Officer
◦
Name: Kim Sehun
◦
Position: CTO
◦
Contact: 070-4466-2214, privacy@hansei.team
•
Department in Charge of Personal Information Protection
◦
Department: Hansei Team Engineering
◦
Person in Charge: Kim Sehun
◦
Contact: 070-4466-2214
2.
The data subject may contact the Personal Information Protection Officer or the department in charge regarding all matters related to personal information protection, such as inquiries, complaints, and damage relief. <Hansei Team> will respond and address inquiries without delay.
Article 11 (Request for Access to Personal Information)
Data subjects may request access to their personal information in accordance with Article 35 of the "Personal Information Protection Act" by contacting the department listed below. <Hansei Team> will make every effort to process requests promptly.
•
Department in Charge of Access to Personal Information
◦
Department: Hansei Team Engineering
◦
Person in Charge: Kim Sehun
◦
Contact: 070-4466-2214
Article 12 (Remedies for Infringement of Rights)
Data subjects may seek remedies for any infringement of their personal information rights by filing a dispute resolution or consultation request with the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency Personal Information Infringement Report Center, and other relevant organizations. For further details on reporting or