Privacy Policy
AIMMO Co., Ltd. (hereinafter "Company") complies with the personal information protection regulations that must be complied in accordance with the laws and regulations related to the protection of personal information, establishes a personal information processing policy (hereinafter "Privacy Policy") in accordance with relevant laws and regulations, and strives to protect the rights and interests of users.
This Privacy Policy applies to the AIMMO SaaS Service operated by the Company (hereinafter "Service") and contains the following. The meaning of terms used in this Privacy Policy shall be in accordance with the relevant laws and regulations and the Company’s Terms of Use, and other matters shall be in accordance with general commercial practices.
Article 1 Categories of Personal Information Processed
The Company collects the minimum amount of personal information necessary for the provision of the Service, smooth customer consultation, etc. based on the information entered by customers.
1. Company name (company name of the customer)
2. Name of a person in charge (person in charge information)
3. Email (email information of the customer)
Article 2 Method of Collecting Personal Information
The Company collects personal information in the following ways:
1. Collection though a user’s application for use of the Service;
2. In case of a customer who logs in using a social simple ID (Google), collect information provided by a relevant company after the relevant company obtains consent from the customer;
3. Generated information such as device information and service usage records is automatically collected in the course of service use.
Article 3 Purpose of Personal Information Collection and Use
The Company collects the personal information of customers for the following purposes.
1. Provision of the Service
1.1. Person information is collected and used for the provision of the Service.
2. Membership management
2.1. Verification of identity for the use of membership services, the purpose of identification of membership, confirmation of intent to subscribe, limitation on subscription and the number of subscriptions, securing smooth communication channels, responses to customer inquiries, the introduction of new information and delivery of the notice, prevention of misuse of a bad member and unauthorized use, preservation of records for identification and dispute resolution, handling of civil complaints, etc.
3. Provision of the Service functions
3.1. In addition to the provision of existing services such as content, personal information is used to discover new service factors such as demographic analysis, analysis of service visits and usage records, provision of customized services based on personal information and interest, and improve the existing services.
4. Service improvement and new service development
4.1. Personal information is used to identify new service factors such as demographic analysis, analysis of service visits and usage records, provision of customized services based on interests, and formation of relationships between members based on personal information and interest, and improve the existing services.
5. Performance of the Agreement on Provision of Services and if necessary, settlement of fees for the provision of paid services
5.1. Personal information is used for delivery of notices such as amendments to the Terms and Conditions, purchase and payment of fees for the provision of paid services, delivery of products and services, etc.
6. Provision of marketing and advertising information
6.1. Personal information is used to for guide on the release of new functions, guide on how to use and the benefits of use, posting on opportunities to participate in various events and advertising information, execution of and compliance with laws and regulations such as the external provision of statistical data on the details of advertising responses, the performance of obligations prescribed in laws and regulations, and prevention of any erroneous use that may cause harm to users in violation of laws and regulations or the Terms of Use.
6.2. The Company does not transmit advertising information for profit against a user’s explicit intention to refuse to receive such information. In cases where a user consents to the transmission of an email, such as guide on product information and newsletters, the Company takes the following measures in the subject line and the body of the email so that the user can easily recognize them:
a. A label of (Advertising) is put in the part where the subject of the email begins;
b. The body of the email specifies the sender’s name, email address, and telephone number through which the user may express his/her intention to refuse to receive such email, and specifies how the user may easily express his/her intention to refuse to receive such email. If advertising information for profit is transmitted through media other than an email, necessary measures are taken, such as writing "advertising" phrases at the beginning of the transmitted content in accordance with relevant laws and regulations.
Article 4 Period of Retention and Use of Personal Information
1. The Company processes and retains personal information within the period of retention/use of personal information in accordance with laws and regulations or the period of retention/use of personal information for which consent is obtained from customers at the time of collecting personal information. In principle, the personal information of customers is immediately destroyed after the purpose of collection and use of personal information has been achieved. However, if the period of retention and use of personal information is specifically prescribed in laws and regulations, such period shall apply, and the following information shall be preserved for the period specified for the following reasons.
1.1. Records on contract or withdrawal of subscription, etc.
a. Basis for retention: The Act on the Consumer Protection in Electronic Commerce, Etc.
b. Retention period: 5 years
1.2. Records of payment and supply of goods, etc.
a. Basis for retention: The Act on the Consumer Protection in Electronic Commerce, Etc.
b. Retention period: 5 years
1.3. Records on handling consumer complaints or disputes
a. Basis for retention: The Act on the Consumer Protection in Electronic Commerce, Etc.
b. Retention period: 3 years
1.4. Communication confirmation data (log recording data on computer communications or the Internet, and access tracing data that can confirm the location of information communication devices)
a. Basis for retention: The Protection of Communications Secrets Act
b. Retention period: 3 months
2. Illegal Use and Records
2.1. Illegal subscription and use records are kept for six (6) months from the time of collection in order to prevent illegal subscription and use. Personal information within the illegal use records includes an email to be used for authentication when applying for a subscription, and authentication when requesting for payment. Illegal transaction records (email, name, IP address, web storage, device information) within the payment service that violate applicable laws and regulations and the Terms of Use, such as paymentunder false pretense, are retained for three (3) years from the time of collection in order to prevent illegal transactions, protect other good users, and ensure a safe transaction environment.
Article 5 Matters Concerning Measures for Ensuring the Safety of Personal Information
The Company takes the following measures to ensure the safety of personal information:
1. Managerial measures: establishment and implementation of internal management plans, regular employee training, etc.;
2. Technical measures: management of access rights to personal information processing systems, etc., installation of access control systems, encryption of personally identifiable information, etc., and installation of security programs (antivirus);
3. Physical measures: control of access to computer rooms, data storage rooms, etc.
Article 6 Rights and Obligations of Customers and Legal Representatives and Method of Exercise
Customers may access, disclose, not disclose or modify their personal information at any time, and may request suspension of processing, deletion, and destruction of such information.
1. Request for access to and modification of personal information
1.1. Customers and legal representatives may inquire about and modify personal information of registered principles or children under fourteen (14) years of age at any time. Customers or legal representatives may directly access or correct registered personal information such as accounts by clicking on the My Page menu of the Service to access or correct the relevant personal information.
2. Suspension of processing or deletion of personal information (member withdrawal)
2.1. If customers and the legal representatives of children under fourteen (14) years of age want to withdraw from membership, they may withdraw directly in the path of Settings - My Information - Withdrawal after logging in to the website. If it is difficult to withdraw directly, contact the Customer Center by writing, telephone, or email, and action will be taken without delay.
Article 7 Destruction of Personal Information
In principle, the personal information of customers is destroyed without delay when the purpose of collection and use of personal information is achieved. The procedures and methods for the destruction of personal information by the Company are as follows:
1. Procedures for destruction
1.1 Information entered by customers for subscription to the Service is transferred to a separate DB or storage location after the purpose has been achieved, and is stored for a certain period in accordance with internal policies and other relevant laws and regulations for information protection (see Article 4 Period of Retention and Use of Personal Information). After this period, the information is destroyed. However, if the customer requests withdrawal and the withdrawal is processed normally, the stored personal information is destroyed immediately. The separately stored personal information is not used for any purpose other than the specified purpose.
2. Destruction method
2.1. Personal information printed on paper is destroyed by shredding with a shredder or incineration. Personal information stored in electronic files is deleted using technical methods that make it impossible to reproduce.
Article 8 Matters Concerning Provision of Personal Information to Third Parties
1. The Company does not provide a customer’s personal information to third parties without prior consent.
2. In case of providing or sharing a customer’s personal information, the person who will be provided or shared with the customer, the items of personal information that will be provided or shared, the purpose for which personal information is provided or shared, and the period of retention and use are individually notified through a site, email, by writing, application form, etc., and a separate consent thereto is obtained. However, personal information may be provided without the consent of the customer in cases prescribed otherwise by relevant laws and regulations.
Article 9 Matters Concerning Outsourcing of Personal Information Processing
The Company outsources the processing of personal information as follows in order to ensure smooth personal information processing.
Outsource of personal information processing | Items of outsourced personal information | Details of outsourced work |
---|---|---|
Microsoft Korea (Ltd.) | ID (email), password, name | Storage and retention of personal information using cloud systems |
Naver Cloud | ID (email), name | Sending E-mail |
The Company complies with applicable laws and regulations at the time of signing on an outsourcing agreement and oversees whether an outsource processes personal information in a safe manner. If there is any change to the details of the outsourced work, or the outsourcing, the Company shall disclose such information without delay through this Privacy Policy.
Article 10 Matters Concerning Installation and Operation of Devices for Automatic Personal Information Collection, and
1. The Company uses a Web Storage that saves and retrieves usage information from time to time to provide customized services to customers. Web Storage supports the storage of data to clients, not to servers.
2. The Web Storage includes local storage, session storage, cache storage, and cookies. Local storage, session storage, cache storage, and cookies have their own unique characteristics and are selectively used as necessary.
2.1. Data is stored using session storage and local storage of a browser. Session storage temporarily stores data, but local storage is permanent. Users can erase local storage data by deleting the browser’s records.
2.2. Cache storage stores a file requested once in the browser and uses the file when the same request is made, and users can erase data by deleting their browsers’ records.
2.3. A cookie is a piece of data that a server (http) used to operate a website sends to a user’s computer browser and is also stored in the user’s PC’s hard drives. If customers want to refuse to save cookies, they can refuse to store cookies in Option Settings in Tools>Internet Options>Personal Information menu at the top of their web browsers.
Article 11 Personal Information Protection Officer
- Personal Information Protection Officer: Seo Cheon-Ju
- Title in Charge: CTO
- Contact: privacy@aimmo.co.kr
Article 12 Miscellaneous
We hereby notify that this AIMMO Privacy Policy does not apply to the collection of personal information by other services such as the linked websites within the Service.
[Addendum]
This Privacy Policy shall enter into force on (Jul. 26), 2024.