4Grit (collectively, "Company") values personal information of customers and does best to protect customers’ personal information.
Company observes regulations that information and communication service providers shall observe including ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, ETC., PERSONAL INFORMATION PROTECTION ACT, and ENFORCEMENT DECREE OF THE PERSONAL INFORMATION PROTECTION ACT.
Company shall inform customers of how personal information is used in which way and purpose via Privacy Policy. If Company revises Privacy Policy, Company shall upload notice (or sending notification to each customer) in Website.
Company collects minimum amount of personal information only necessary in implementing service use contracts in a legal and fair way. Company provides customers with contents of personal information collection ∙ use when creating account and thinks customers agree on Article 1 when they click the checkbox next to "I agree to Terms of Service and Privacy Policy."
1. Company collects the following personal information to provide services including signup, consultation, and service selection and implementation of contracts.
- Collected information: email, encrypted password, phone number, company name
2. Company may collect the following information required in payment on the payment period if customers attempt to use paid services.
- Collected information: Information (name) of customers with payment method, credit card Information, payment approval number
3. Company collects the following information to provide customers with consultation on service use inquiries.
- Collected information: name, company name (optional), email
4. The following information may be collected during using the service.
- cookies, service use record, visit history record, access log, access IP address, domain, name of website, event of page activity, etc.
- Survey creators: Company saves the survey creator's data(question/answer).
- Survey respondents: Company collects and saves the survey responses. The responses are managed only by the survey creator and the company regards said information as the creator's private information. If the survey creator is to collect the respondant's personal information, the creator can request the respondant to agree with the collection and usage of said information. If the respondant declines, they will be provided a way to exit the survey.
5. Company collects personal information in the following way.
- Use of the home page and filling out of a form, consultation
- Information is collected automatically when customers install or use scripts related to services provided by Company.
- Customer responds to a survey
6. Company does not require personal information which may infringe basic human rights (race and ethnicity, ideology and doctrine, hometown and legal domicile, political orientation and criminal record, health status and sex life, etc.) and informs customers that Company shall not collect and use such information for any other purposes.
Company uses the collected personal information for the following purposes.
① Provide services
Provide services, calculate fees for paid services, provide contents, verify customer’s identity, send contracts and bills, and collect fees.
② Manage membership
Identify sign-up intent, verify customer’s identity for receiving membership service, identify individual customers, prohibit bad customers from illegal and unpermitted service use, verify individual’s identity upon limited implementation of verification system, keep records to be used for dispute settlement, resolve inquiries including complaints, and deliver notifications.
③ Do marketing and commercials
Develop new services and provide customized services, provide event and promotional information as well as provide opportunity to engage in events, check efficiency of service, figure out access frequency, provide service and upload advertisement based on statistical features, and draw statistics on customers’ service use.
1. User’s personal information shall be deleted after being used for its purpose.
2. User’s personal information is retained and used for services until users withdraw the membership (terminate service use contract). However, Company may retain collected information for the following prescribed purposes and period and shall not use for other purposes.
① If there is any ongoing investigation · examination due to violation of related laws, Company retains the information until the ongoing investigation · examination is ended.
② If Company has a debtor/debtee relationship with customers, Company retains the information until such relationship is completely cleared up.
③ Records on trades including mark · commercials, contracts and implementation of contracts based on [ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.]
- Records on mark · commercials: 6 months
- Records on resolving customer complaints or disputes: 3 years
- Records on contract or subscription withdrawal: 5 years
- Record on making payment and providing goods and others: 5 years
④ Records on electronic financial transactions based on [ELECTRONIC FINANCIAL TRANSACTIONS ACT]: 5 years
⑤ Records on visiting the website based on [PROTECTION OF COMMUNICATIONS SECRETS ACT]: 3 months
⑥ Records on verifying individual identities based on [ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, ETC.]: 6 months
1. Company implements and enacts personal information protection policies and complies with laws on the acquisition, use, and protection of personal information. The privacy policy is always displayed at the bottom of the website.
2. Company may not use the personal information provided by the customer for any purpose other than this service.
3. Without prior consent, Company is not allowed to share personal information provided by the customer to third parties. The following cases are exemptions.
① When requested by national instututions in accordance to laws relating to the Electronic Communication Fundamental Law
② When under investigation for criminal offenses or requested by Internet Safety Commissions
③ When using customer information (name, address, phone number) for the purpose of business communication
④ When sharing a portion of information in relation to banking and financial purposes
⑤ When non-identifiable personal information is used for statistics compilation, publicity materials, academic and market research, or UX big data consulting
⑥ When the user voluntarily agrees to provide their personal information to third-parties
. Customers may search or modify their registered personal information and may request cancellation of subscription whenever necessary.
2. For exercise of right according to Paragraph 1 of Article 6, customers may exercise to Company based on Form 8 of Addendum of Enforcement Rules to Personal Information Protection Act via in writing, email, or facsimile (FAX) and Company will take immediate measure for the exercised rights by customers.
3. If customers want to search or revise their personal information, they need to click the button of "change personal information." Click "membership withdrawal" to cancel subscription. Ccustomers may search, revise, or withdraw after user authentication.
4. Company shall not use or provide applicable personal information until Company completes correction after there are request for correction on error in personal information. However, exceptionally for the following cases, Company may open and correct personal information.
① In a case that it has concern for damaging life, body, asset, or rights and interests of customers themselves or the third party
② In a case that it has concern for having considerable impact on business of the related service providers
③ In a case that it violates laws
5. Customers may exercise their rights based on Paragraph 1 of Article 6 via their legal or entrusted representative. In the abovementioned case, customers shall submit a power of attorney according to Form 11 of Addendum of Enforcement Rules to Personal Information Protection Act.
6. The survey creator and the survey respondant each have the following rights.
① Survey creator: Company provides the customer the option to delete the customer's own survey data(questions/answer). Once deleted, the data is permanantly deleted and cannot be restored.
② Survey respondant: Survey responses are the survey creator's private information. Company only processes the responses in place of the creator. If the respondant needs to check and edit their responses, they must contact the survey creator.
1. Cookies are character-string information (text files) stored in a web browser by a web server and sent back to the server when there are additional requests. After requests made, cookies are stored in the computer hard disk of customers.
2. Company installs and runs cookies storing and searching information of customers via the internet service.
3. Information that Company collects via cookies is limited to unique number of customers and Company does not collect other information. The unqiue numbers collected via cookies may be used for the following purposes.
① Provide customized service based on areas of interest of each customer.
② Use for a targeted marketing by grasping tastes and areas of interest of users by analyzing access frequency or duration of both members and non-members.
③ Use for standards of service restructuring and others by tracking and analyzing which services that customers used.
4. Customers can choose whether to accept cookies or not. Customers may allow to place all cookies on their computers by setting options in a web browser or going through confirmation whenever cookies are stored or may reject all cookies. If customers reject cookies, some services by Company may become unavailable.
Company transfers personal information as follows to improve service. In case of onward transfer according to related laws, Company sets required items to safely manage personal information.Details on agency and content for transfer are as follows.
| Agency | Content | Period |
|---|---|---|
| KG INICIS CO.,LTD. | agency for credit card payment | until the transfer contract ends. |
| Agency | KG INICIS CO.,LTD. |
|---|---|
| Content | agency for credit card payment |
| Period | until the transfer contract ends. |
Company immediately deletes the collected information after using for its purpose based on its storage and use period. The information to delete, deletion procedures, and methods are as follows.
1. Deletion Procedure
- Company stores and retains the personal information collected to provide applicable services for a certain period (refer to Article 4 Retention of Personal Information and Use Period) based on internal policy and other related laws for information protection and deletes after being used for its sole purpose.
2. Deletion Method
- Company shred written forms or printed materials with personal information and technically delete electronic files which can never be replayed.
Company takes technical/administrative and physical measures required to secure stability according to Article 29 of PERSONAL INFORMATION PROTECTION ACT.
1. Encryption of Personal Information
- Company takes necessary measures to control access to personal information by provision, change, and deletion of access right to the database system processing personal information and controls unauthorized external access by using an infringement blocking system.
2. Stroage of Access Record and Prevention of Forgery
- Company retains and manages records of access to the personal information process system at least 6 months. Company uses security function to protect the access record from being forged, stolen, or lost.
3. Use of Locking System for Document Security
- Company keeps documents and auxiliary storage devices with personal information in a safe place with locking system.
The current privacy policy is effective as of the enforcement date. If any addition, deletion, and revision is made on the privacy policy, changes will be notified on the home page at least seven (7) days before the revision.
Customers may ask consultation to the following agencies on remedy for damage. As independent agencies to Company, if customers are not satisfied with Company's dealing with complaints or remedies, they may ask for much detailed help.
- Personal Information Dispute Mediation Committee (www.kopico.go.kr / 82-1833-6972)
- Personal Information Infringement Report Center of Korea Internet & Security Agency (KISA) (privacy.kisa.or.kr / 82-118)
- Cybercrime Investigation Division at Supreme Prosecutors' Office (SPO) (www.spo.go.kr / 82-2-3480-2000)
- Cyber Terror Investigation Section (www.netan.go.kr / 82-2-392-0330)
- Personal Information Protection Mark Accreditation Committee (www.eprivacy.or.kr / 82-2-580-0533~4)
Company appoints managers responsible for overall personal information protection as follows to process and resolve complaints and damages of subjects of information in relation to process of personal information.
- Manager Responsible for Personal Information
- Name: Taejoon Park
- Position: CEO
- Contact: +82-10-2048-4397
- Manager of Personal Information
- Name: Inho Jung
- Position: Part Leader
- Contact: +82-10-9954-3265
