- Coding Robot Lab, Inc. (hereinafter, the “Company”) values personal information of Users, and is exerting utmost efforts to protect such information in the course of providing its service to Users.
Article 1. (Purpose of Personal Information Processing)
- The Company processes personal information for the following purposes. Personal information to be processed shall not be used for purposes other than those stipulated in the following, and if purpose of use is changed, the Company will implement measures such as obtaining consent of Users required pusuant to Article 18 of Personal Information Protection Act.
Provision of Service
Provision of contents and customized information for each member, identity verification, etc.
Management of Members
Use of membership service and identity verification, prevention of service use for wrongful purposes by Member whose membership was suspended due to an act in violation of the Guideline on Service Use, archiving of records for settlement of any dispute, complaint handling, announcement of notices, etc.
Development of New Service and Utilization for Marketing Purposes
Development of new service, provision of customized service based on statistics and user type, etc. of User, posting of advertisements, provision of an opportunity to take part in an event, identifying access frequeny of User, compilation of statistics on User’s use of service, etc.
Article 2. (Items to be Processed and Period of Retention and Use)
Personal information items to be processed by the Company and the period of retaining and using personal information shall be as follows:
- Items to be retained and purpose of retention
- Period of retention
- If period of retention is not specified, it shall be subject to the following:
- All: one (1) year from the withdrawal of membership (for prevention of transaction and use for wrongful purposes)
- For information that shall be kept pursuant to relevant laws and regulations: until the termination of such laws and regulations
- Where any outstanding financial issues remain regarding the use of service, information shall be retained until financial issues are settled, or if applicable, for the period stipulated in relevant laws and regulations;
- If there is any period that obtained consent of User at the time of collection of his/her personal information, it shall subject to such period
- Until the purpose of collection and use is fulfilled; or
- If any other reasonable causes exist except for the preceding paragraphs, information may be kept for a certain period.
- During a procedure of use of service and a normal course of business, the following informaion may be automatically created and collected.
- Information on any kind of terminal equipment (mobile phones, tablets, etc.), such as the device model, hardware ID and OS version, access IP information, cookies, payment records, access log, service use records, records of malfunction during use of service.
- The Company may contact User using the User information for the purpose of notifying of the service that guarantees the rights of User.
- Information collected pursuant to Articles 1 and 2 may be used for statistical and analysis purposes.
- The period of retention and use of each item of personal information shall be as follows pursuant to relevant laws and regulations, and the Company’s internal policy.
Name, email address, mobile phone/telephone number, and address
Reasons for Retention: provision of cooperation disputes and investigations of infringement on a right such as defamation, etc., prevention of occurrence of use for wrongful purposes and re-registration of such user, control of transaction in violation of relevant laws and regulations, or the Guideline on Service Use and any other transactions contravening public order and good morals, etc.
Period of Retention: One (1) year from the withdrawal of membership
Act 1: Act on the Consumer Protection in Electronic Commerce, Etc.
Records of withdrawal of an agreement or subscription: five (5) years
Records of payment, supply of goods, etc.: five (5) years
Records of consumer complaints or resolution of disputes: three (3) years
Records of marks and advertisements: six (6) months
Act 2: Protection of Communications Secrets Act
Records of visiting the website/app, or service use: three (3) months
Act 3: Valud-Added Tax Act
Materials of report on tax base and amount of value-added tax: five (5) years
1-A. Personal Information Items to be Retained and Purpose of Retention
|Category||Items to be Collected and Used||Purpose of Collection and Use|
|Membership Registration Information
|Membership registration, ID availability check, password reset, provision of service and consultation, a User satisfaction survey|
Year of Birth
|For the purpose of research and provision of service materials required for the provision of customized service, prevention of use for wrongful purposes, availability checkgistration, ID l be kept pursuant to relevant laws and regulations: until the date specified in the the rights of the|
|Supporting materials proving career and proficiency of Leader||Verification of identity and qualification required to grant a pro-leader authentication|
|Account Linking Information
|Account linking information to enable more convenient log-in|
Email Address of the Head of the Group
Role of the Head of the Group
Group Profile Image
|Basic information for facilitation of convenient use of group service|
|Group Member Personal Information
|School ID Number
Authority of Member
|An optional information for convenient use of group service|
|Use and Inquiry Information
|Personal information (CI/DI) and mobile phone number required in the procedure of identity verification
||Prevention of use for wrongful intention, and identity verification for the provision of service|
|Membership Withdrawal Information
|Reason of withdrawal||For the purpose of improving service|
|Others||All information stated above, period of membership retention, registration route, major fields, interested fields, career, education, occupation, payment and purchase information, information entered in a survey, review, contents of lesson that User is taking, contents of learning management, and others||For research and statistical purposes (statistical analysis, development of service) for provision of customized service, improvement of service, and establishment of marketing strategies|
1-B. Period of Retention
Article 3. (Method of Collection of Personal Information)
Personal information shall be collected on a mobile application, or a website, or via fax, telephone, email, event participation, etc.
Article 4. (Utilization of Cookies)
Access IP address, cookies, reports of service use, etc. may be created and collected while using the Internet service. The Company may create such information of User as access IP address, date of visiting the website, reports of service use, browser information, etc., and store (collect) such data using an automated method.
The Company collects cookies to let User know whether he/she accessed to or did not access to each service, and to provide confirmation and information in response to a User inquiry, analysis of use type, and customized service for each User.
Article 5. (Provision of Personal Information to Third Parties)
In case when the Company provides personal information of User to an affiliate, etc., the Company shall notify to User of the name of such company, items to be provided, a purpose of provision, retention period, etc., and obtain consent of User. The Company shall notify of a single change in one of the matters stated, and obtain consent of User.
The Company shall provide to a third party the following personal information of User within an extent required to facilitate the provision of service, consultation, etc.
The Company shall not provide personal information of User to a third party without consent of User. Provided that, in case of such refusal, User may use service only within a limited extent.
Notwithstanding Paragrpahs 1 through 4, the Company may provide personal information of User to a third party for any of the following cases:
- Where the Company separately obtains consent of a subject of information;
- Where identity verification is required for the prevention of theft;
- Where there is any special provision in relevant Acts, or it is inevitable to be in compliance with obligations under relevant laws and regulations;
- Where there is a request of an investigation agency for the purpose of investigation in accordance with the procedures and methods stipulated in laws and regulations;
- Where it is necessary for settlement of fees incurred as a result of provision of service;
- Where information is provided in the form whose identity cannot be identified, for the purpose of compilation of statistics, academic research, or market research; or
- Where it is subject to Article 17 or Article 18 of Personal Information Protection Act.
|Person Receiving Personal Information||Information to be Provided||Purpose of Provision||Period of Retention and Use|
|Leader (member who provides education)||Name, nickname, mobile phone number, email address, school ID number, major/department, etc. of Member (who receives education)
||Where it is required for starting a lesson; or prevention of wrongful use through identity verification||For the period agreed by User|
Article 6. (Entrustment of Personal Information Processing)
The Company may entrust the processing of personal information of User to a third party for the provision of improved service. The matters required to ensure the safe management of User’s personal information are set forth in an entrustment agreement with a third party pursuant to relevant laws and regulations. Further, the Company shall disclose the consignment work and a person to be entrusted with processing of personal information (hereinafter, “Entrusted Companies”) to let User easily check the matters any time, and this shall apply to the case when consignment work or consignment company is changed.
Companies to be entrusted with personal information processing and their consignment works are as follows:
|수탁업체||위탁 업무||위탁 정보||보유기간|
|카카오, 솔라피||SMS, LMS, 알림톡 발송||이름, 휴대전화 번호, 이메일||이용 목적 달성 및 위탁 계약 종료시까지|
|㈜다날||본인인증||휴대전화 번호, 이름|
|AWS||클라우드 서버 운영 및 인프라 관리||이름, 이메일 주소, 휴대전화 번호, 비밀번호, 서비스 이용 기록|
|㈜다날||결제 및 환불||이름, 주소, 휴대전화 번호, 현금영수증 발행 정보|
|카카오, 구글||SNS 가입/로그인||이메일 주소, 이름, 휴대전화 번호, 프로필 사진|
Article 7. (Destruction of Personal Information)
The Company shall destruct personal information of User without delay once such personal information becomes unnecessary, such as when the period of retention agreed on by User is elapsed, the purpose of personal information processing is fulfilled, etc.
Pursuant to Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., the Company shall destruct personal information of Member who has no record of service use for one (1) year, immediately after notifying thereof in advance, according to the “Effective Period of Personal Information” stipulated in Article 29 of Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
Notwithstanding the Paragraphs ① and ②, if the Company has reasons to continue to keep personal information in accordance with its internal policies, or relevant laws and regulations (Commercial Act, Electronic Financial Transaction Act, Use and Protection of Credit Information Act, Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.), the Company shall preserve it for a period specified in Article 2 (5), and destruct such information immediately after such retention period is elapsed.
The Company shall destruct personal information of Users in the following methods. Personal information printed on paper is to be destroyed through shredding or incineration. Personal information stored in electronic file formats is to be deleted using technical means which make the information unrecoverable.
Article 8. (Rights and Obligations of User)
- Rights of User
- User may inquire or modify his/her personal information registered, and request for withdrawal of membership at any time.
- User may inquire and modify his/her personal information on the website by clicking ‘Modify Personal Information.’ If User desires to withdraw membership (withdrawal of agreement), he/she may inspect, modify, or withdraw membership after identity verification check, and clicking the ‘Membership Withdrawal’ button.
- User may request for inspection, correction, deletion and destruction of his/her personal information to the Company in writing, or via telephone or email, and the Company shall take actions required to address such request without delay.
- The right under Paragraph (c) can be exerted by an agent, such as a legal representative, or an authorized person of the subject of information, etc., in which case a power of attorney shall be submitted in the Form No. 11 appended in Appendix of the Enforcement Decree of Personal Information Act.
- Upon request of User for correction of any falsity in his/her personal information, the Company shall not use or provide personal information of User before correction is completed. In case the Company already provided such false information to a third party, the Company shall notify thereof to the third party without delay to correct such information.
- User shall prevent any accident from occurring by entering his/her most recent and accurate perosnal information. Liabilities of any accident arising from entering inaccurate information shall be borne by User himself/herself, and in case User steals and uses information of other person, or enters false information, the use of his/her account may be restricted or his/her membership may be lost.
- User shall not violate relevant laws and regulations including Personal Information Protection Act so that personal information and privacy of the subject of information (User himself/herself) or others shall not be infringed. User shall make sure that his/her personal information including password is not leaked, and not to damage personal information and posts of other users.
- User shall comply with laws on personal information, including Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., Personal Information Protection Act, Citizen Registration Act, etc. If in violation of any of relevant laws and regulations, User may be punished or liable to compensate for any damage as a result of such violation.
Article 9. (Measures to Safeguard Personal Information)
- The Company is implementing technical/administrative measures to prevent loss, theft, leakage, forgery, or impairment of personal information of User when processing it. Provided that, the Company shall not be liable for leakage of personal information, such as ID, password, etc., arising as a result of carelessness of the User him/herself, or Internet or communications troubles.
- As password is encrypted when stored and managed, confirmation and modification of personal information is only available by the User himself/herself.
- The Company is exerting utmost efforts to prevent personal information of Users from being leaked or damaged by hacking or computer viruses. Further, the Company performs the backup of materials on a regular basis as a preventive measure against personal information impairment, is endeavoring to prevent leakage or damage of personal information or materials of User through the most recent security update installation and technical measures, and makes sure that personal information of User is safely transmitted over a network via encrypted communications.
- The Company uses an access blocking system to restrict an unauthorized access, and is endeavoring to implement all possible technical measures in order to secure security of the system.
Article 10. (Designation of Personal Information Protection Manager)
- The Company designates the following person as a personal information protection manager to take in general charge of tasks on the processing of personal information, and handle complaints by a subject of information and damage remedy regarding personal information processing. Provided that, this shall not apply to impairment and destruction of information arising as a result of an unexpected accident such as force majeure, and all kinds of disputes with respect to information provided by User to the Company, both of which arise even though the Company takes appropriate safeguard measures.
- [Personal Information Protection Manager and Division]
Name: Doohyun Park
Division: Development Team
Title: Chief Technology Officer (CTO)
Email: email@example.com, firstname.lastname@example.org
<If you have any complaint about the Company’s way of processing personal information, are not satisfied with the damage remedy, or need more help, please contact the following agencies.>
Personal Information Infringement Report Center (privacy.kisa.or.kr / Press 118 without dialing an area code)
Cyber Investigation Division, Supreme Prosecutors’ Office (spo.go.kr / Press 1301 without dialing an area code)
Cyber Safety Bureau, National Policy Agency (cyberbureau.police.go.kr / Press 182 without dialing an area code)
Article 11. (Obligation of Notification)
Article 12. (Enforcement Date)
January 1, 2021.