The user can use Flexcil in various ways including creating, editing, and sharing information with other users. However, in order to provide convenient and optimized Flexcil service environment, it is inevitable to collect the least amount of user information. This document explains how Flexcil Inc. uses, treats, and protects the collected user information.
This personal information treatment policy applies to Flexcil service(hereafter, “service”)
Personal information collecting purpose
- Personal information refers to information related to an individual including name, email and other information that can identify the individual (includes identifying the specific individual by combining with other information, even if the information itself cannot identify a specific individual.
Collected Private information
- Our company collects the following private information for the smooth provision of customer services and other services, upon registering.
① ID, password: data for identification for complaint processes according to usage of service
② Email address: delivering notifications, securing means for communication such as handling complaints, notify new service, new products, events and other news.
- Additionally, during the usage of service, the below information can be collected after being automatically generated.
① IP Address, cookie, time of visit (number of login), analysis contents, service usage trails, defect usage records and other personally customized services and member service, and data for upgrade.
② in the case of individual: name, email address
Purpose of private information usage
- Contract implementation and service provision in relation to service provision
① For the purpose of providing contents and customized services and identifying who you are.
- Membership management
① Member identification according to member service usage and limited self-identification system, personal identification, prevention of bad members’ usage, prevention of non-authorization, confirmation on sign-ups, limiting sign-ups and number of sign-ups, preserving records for the control of conflicts, complaint handling, delivering notification.
- New service development and utilization for marketing and advertisements
① For the purpose of new service development or the provision of personalized service, service provision based on statistical characteristics and advertisements, confirmation on the availability of service, provision of event or advertisement information and the participation opportunities, identification of the frequency of assessing our services/products, and user statistics on the service use.
Private Information Possession and Holding Period
- Reason for preserving the information according to in-house policy
① unauthorized use records
– Reason for preservation: prevention of unauthorized use
– Preservation period: 1 year
- Reason for information preservation according to the related acts
According to the Commercial Act, Consumer Protection Act and other related acts, if necessary for preservation, the company will preserve member information for a specific period of time set by the related acts. In this case, the company will only use the preserved information with necessary preservation purposes and the preservation period is as follows.
- Records on visiting
– Ground act: Protection of Communications Secrets Act
– Preservation Period: 6 months
- Records on personal identification
– Ground act: Information Infrastructure Promotion Act and Information Protection Act
– Preservation Period: 6 months
- Records on the handling of user complaints or conflicts
– Ground act: Consumer Protection Act
– Preservation Period: 3 years
- Records on the cancellation of contract or offer
– Ground act : Consumer Protection Act
– Preservation Period: 5 years
- Record on the payments and supply of materials
– Ground act : Consumer Protection Act
– Preservation Period: 5 years
The Procedure and Method of Destroying Private Information
- Destruction Procedure
The information that users provided us in the course of sign-up will be transferred to an individual DB after achieving its purpose(in the case of paper documents, it will be transferred to an individual cabinet). Then, according to our in-house policy and other related acts in terms of the protection of private information (refer to preservation and usage period), information will only be stored for a specific amount of time and then be destroyed. The above personal information will not be used for any other purposes other than private information preservation.
- Destruction Method
The private information printed on papers will be destroyed through a paper shredder or incinerated in a paper incinerator bin. Electronic Personal information will be destroyed with technical skills so that the record can’t be re-generated.
Membership rights and Responsibilities
- For a review or revision of personal information of users, select ‘Edit Membership Information’. For withdrawal (agreement cancellation), reviewing and editing personal information and disabling account permanently are available after completing the self-identification while temporarily disabling the account.
- When users request for the correction of errors in his/her private information, we do not use or offer them to users until the correction is fully made. Additionally, when the wrong information has been provided to any third party, correction will be made immediately via prompt notification.
- All the personal information that are cancelled or deleted by user requests or their legal representatives should be processed under the preservation and usage period of private information not to be used or viewed for any other purposes.
The Use of Private Information and the Provision of it to a Third Person
Except for the case when our services/products are provided via online, private information will not be used for our services/products and will not be provided to any third party without permission of our users. However, exceptional cases are as follows.
- When requested by the official institution of an investigation or governments.
- When necessary for the protection of information against the violation of membership terms or legal acts.
- When requested by other legal acts.
Also, we may consign users to deal with a certain private information for greater services/products . However, in this case, user permissions are essentially needed.
Installation/Operation of Automatic Private Information Collection System and Rejections
In order to provide users with personalized and customized services, we use ‘cookies’ that keep all the information regarding our users. A cookie is a small amount of data generated by a website and saved by your browser.
- The Purpose of Cookies Usage
Its purpose is to perceive information about websites and services in which users visited, security accessibility, news articles revision, and the scale of users and to provide users with optimized information.
- Installation/Operation of Cookies and Rejections
Users have an option in installation of cookies. Consequently, users may allow cookies by setting an option in users’ web browser and confirm them at every moment each of the cookies is stored or reject to get access to all the cookies. However, when rejecting cookies, there may be some difficulties in using services/products that require sign up information.
– The method of setting up the access to authenticated cookie installation
- Select [Internet Option] from the [Tool] menu.
- Select [Privacy Information] tab.
- Set [Privacy Practices Statements].
- Select [Menu] from top right menu.
- Select [Advanced Settings] in [Settings].
- Select [Contents Settings]in [Privacy Information Section].
- Change settings using [Cookies Section].
- Select [Safari] at the top of the menu bar.
- Select [Privacy Information Tab] in [Settings]
- Change settings using [Block Cookies Section]
- Select [Menu] at top of the right menu.
- Select [Privacy] tab
- Select [Custom Settings] in [Firefox Settings]
- Change settings using [Allow cookies from website]
Technical/Managerial Protection Measures for Personal Information
Company has the following technical/managerial measures for the guarantee of security so that users’ personal information will not be lost, stolen, leak, changed or damaged.
- Encrypting passwords
Password of service member ID (email address) will be encrypted, stored and managed, and only user him/herself will know. The confirmation and change of personal information can only be done by self.
- Measures on hacking
Company strives for the prevention of personal information leakage and damages by hacking or computer viruses.
① Company is frequently implementing data back-ups in case of the damage on personal information, and prevents data leakage or destruction of users’ personal information by using the newest vaccine program. Through encrypted communication and others, the personal information can be safely sent on the network.
② With infringement blockage system, unauthorized access from outside is prevented, and all technical equipment will be used to guarantee safety of other systems.
③ Company does not store data by mixing personal information with general data, but instead use a separate server to distinguish private information. Server is stored in Amazon and Google’s Cloud Infra, and we are provided of all security guaranteed by the service.
- Minimization of handling employees and training
③ The taking over of manager of private information works should be thoroughly done with maintained security, and after entering or leaving company, in the case of personal information accidents, responsibilities will be taken.
- Operation of Private information protection department
② However, when due to the negligence of user or a problem in the Internet that caused the leakage of personal information such as ID (email address), passwords and others, the company will not be held liable.
③ User may file a complaint regarding the service of the company to the manager of private information or to the managing department. Company will give a quick and satisfactory answer to the filed user complaints.
Manager of Private Information
name: Park Jihoon
E-mail : firstname.lastname@example.org
All the inquiries will be responded within 72 hours.
Also, in the case of reporting a malfunctioning issue or consulting due to the infringed personal information, you may receive help from the below institutions:
– Personal Information Violation Report Center (no exc no.)118 http://privacy.kisa.or.kr
– Supreme Prosecutor’s Office Cyber Crime Bureau 02-3480-3571 email@example.com
– National Police Agency Cyber Terror Response Center (no exc no.)182 http://www.ctrc.go.kr
Liability Associated with Linked Websites