Privacy Policy
Korea Payment Services Co., Ltd. (hereinafter referred to as the “Company”) respects customers’
personal information and makes every effort to protect the personal information provided by
customers. The Company endeavors to comply with the Act on Promotion of Information and
Communications Network Utilization and Information Protection, etc. and the Personal Information
Protection Act, and through this Privacy Policy, informs users of how and for what purposes the
personal information provided by users is used, and what measures are being taken to protect
personal information.
This policy is effective as of February 1, 2015.
This Privacy Policy contains the following contents:
1. General Provisions
2. Items of Personal Information Collected and Collection Methods
3. Purpose of Collection and Use of Personal Information
4. Retention and Use Period of Personal Information
5. Procedures and Methods for Destruction of Personal Information
6. Provision of Personal Information to Third Parties
7. Rights of Users and Legal Representatives and How to Exercise Them
8. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices
9. Other Policies Regarding the Handling of Personal Information
10. Personal Information Management Officer and Customer Service Contact
The Company places great importance on the protection of users’ personal information and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., the Personal Information Protection Act, and the “Personal Information Protection Guidelines” established by the Ministry of the Interior and Safety.
Through this Privacy Policy, the Company informs users of how their personal information is used and what measures are being taken to protect personal information. This Privacy Policy applies to all personal information obtained through the Company’s websites, applications and software developed or operated by the Company, the Company’s social media pages, and various marketing and communication activities, including online and offline services provided by the Company. The Company discloses this Privacy Policy on the Company website (https://www.koreapays.co.kr) so that users can easily access it at any time.
(1) Items of Personal Information Collected
The Company may collect the following personal information from customers who participate in marketing activities and from users when they use the services provided by the Company.
(2) Methods of Collecting Personal Information
The Company may collect personal information of customers and users in the following ways:
(1) Customer Management
(2) Provision of Services
(3) Use for Marketing and Advertising
The Company will always notify customers prior to collecting personal information and explain the purpose of collection. If the Company intends to use or share personal information for purposes other than those for which the information was provided, prior consent will be obtained from the customer. To identify customer preferences, the Company will request customer consent through appropriate options.
However, if preservation is required by applicable laws and regulations, the Company will retain member information for a specified period as stipulated by relevant laws. In such cases, the Company will transfer the personal information to a separate database (DB) or store it in a different location.
(1) Destruction Procedure
After the purpose has been achieved, users’ personal information is transferred to a separate DB (or a separate filing cabinet for paper documents) and stored for a certain period in accordance with internal policies and relevant laws, after which it is destroyed. Personal information transferred to a separate DB is not used for any purpose other than retention unless required by law.
If you request deletion of personal information, please contact admin@koreapays.co.kr, and it will be deleted within one week.
(2) Destruction Method
Personal information stored in electronic file format is deleted using technical methods that prevent recovery. Personal information printed on paper is destroyed by shredding or incineration.
If a user requests correction of errors in personal information, the Company will not use or provide the personal information to third parties until the correction is completed. If incorrect personal information has already been provided to a third party, the Company will notify the third party of the correction results without delay. Personal information deleted or suspended at the request of the user or legal representative is processed in accordance with “3. Retention and Use Period of Personal Information” and is not accessible or usable for other purposes.
Users are requested to enter accurate and up-to-date personal information. Users are responsible for any incidents arising from inaccurate information entered by them, and membership may be revoked if false information such as impersonation is provided. Users have the right to protect their personal information and the obligation to protect themselves and not infringe upon the information of others. Please take care to prevent leakage of personal information, including passwords, and avoid damaging others’ personal information, including posts. Failure to fulfill these responsibilities may result in penalties under the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
(1) Cookies
Cookies are generally classified as “session” cookies and “persistent” cookies.
Session cookies are deleted when the browser is closed.
Persistent cookies remain on the user’s computer until deleted or expired.
(2) Purpose of Using Cookies
Implementation of automatic login, analysis of access frequency and visit duration of customers and non-customers, identification of user preferences and interests, tracking of activity, analysis of participation in events and visit frequency, and provision of targeted marketing and personalized services.
(3) How to Refuse Cookie Settings
Users have the option to choose whether to allow cookies. Users may configure their web browser options to allow all cookies, prompt confirmation whenever cookies are saved, or refuse all cookies. However, refusal of cookie installation may cause difficulties in service provision.
The Company implements the following technical and administrative measures to ensure the security of personal information and prevent loss, theft, leakage, alteration, or damage:
(1) Policy on Linked Sites
The Company may provide links to other companies’ websites or materials. Since the Company has no control over third-party sites, materials, products, or services, it cannot be held responsible for their usefulness or reliability. Please review the privacy policies of any newly visited sites.
(2) Policy on User-Generated Content
The Company values users’ posts and strives to protect them from alteration, damage, or deletion. However, the following content may be removed:
(3) Policy on Unauthorized Email Collection
The Company prohibits the unauthorized collection of posted email addresses using automated programs or other technical devices. Violations may be subject to penalties under applicable laws.
(4) Transmission of Advertising Information
The Company does not transmit advertising information for commercial purposes against the user’s explicit refusal.
The Company has designated the following Personal Information Protection Officer to protect users’ personal information and handle related complaints:
(1) Personal Information Protection Officer
(2) Other Organizations
Users may report all personal information protection-related complaints to the Personal Information Protection Officer or the relevant department. The Company will respond promptly and thoroughly. For additional assistance regarding personal information infringement, please contact the following organizations:
This Privacy Policy contains the following contents:
1. General Provisions
2. Items of Personal Information Collected and Collection Methods
3. Purpose of Collection and Use of Personal Information
4. Retention and Use Period of Personal Information
5. Procedures and Methods for Destruction of Personal Information
6. Provision of Personal Information to Third Parties
7. Rights of Users and Legal Representatives and How to Exercise Them
8. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices
9. Other Policies Regarding the Handling of Personal Information
10. Personal Information Management Officer and Customer Service Contact
1. General Provisions
“Personal information” means information about a living individual that can identify the individual by name, resident registration number, etc. contained in such information (including information that, even if it cannot identify a specific individual by itself, can easily be combined with other information to identify the individual).The Company places great importance on the protection of users’ personal information and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., the Personal Information Protection Act, and the “Personal Information Protection Guidelines” established by the Ministry of the Interior and Safety.
Through this Privacy Policy, the Company informs users of how their personal information is used and what measures are being taken to protect personal information. This Privacy Policy applies to all personal information obtained through the Company’s websites, applications and software developed or operated by the Company, the Company’s social media pages, and various marketing and communication activities, including online and offline services provided by the Company. The Company discloses this Privacy Policy on the Company website (https://www.koreapays.co.kr) so that users can easily access it at any time.
2. Items of Personal Information Collected and Methods of Collection
(1) Items of Personal Information Collected
The Company may collect the following personal information from customers who participate in marketing activities and from users when they use the services provided by the Company.
- The Company collects information necessary for identity verification and personal identification, such as name, position, company name, email address, mobile phone number, and address.
- Access to certain web pages, services, products, and activities may require login using a password. The Company may collect and store the login ID and password information necessary for this. Customers are responsible for keeping their login ID and password confidential.
- In addition, during the course of using the services or processing business, information such as service usage records, access logs, cookies, and IP addresses may be generated, collected, stored, and managed. In many cases, customers can visit the Company’s website without disclosing their identity. When customers visit the Company’s website, the Company records the customer’s IP address (the Internet address of the computer) in order to identify the sections of the website visited and the time of visit. The Company does not link the customer’s IP address to personal information unless the customer registers with the Company and logs in using a profile.
- The Company does not collect sensitive information that may significantly infringe on users’ privacy (such as information on ideology or beliefs, membership in or withdrawal from labor unions or political parties, political views, health, sexual life, etc.).
- In principle, the Company does not provide services or collect personal information from users under the age of 14. If it is unavoidable to collect personal information of users under the age of 14 for the purpose of providing services, the Company will obtain prior consent from the legal representative and will immediately destroy the information once the relevant work is completed, and will thoroughly manage and protect the personal information while the work is in progress.
(2) Methods of Collecting Personal Information
The Company may collect personal information of customers and users in the following ways:
- The Company may collect personal information through its website. For example, when customers request information or content, subscribe to email services or newsletters, download content, apply for events or participate in promotions, request consultations, or apply for the Company’s services through the website, the Company may collect personal information for identity verification and personal identification.
- When customers register for and participate in offline events and promotions provided by the Company, the Company may collect personal information through its employees, telephone, email, fax, etc.
- When users access the Company’s services through browsers, mobile devices, apps, social services, etc., the Company may collect personal information through tools that collect information generated via social media.
- The Company provides procedures that allow users to select “Agree” or “Disagree” regarding the contents of the Company’s consent statements on the collection and use of personal information.
3. Purpose of Collection and Use of Personal Information
The Company uses the collected personal information for various purposes, including the following:(1) Customer Management
- Identity verification, personal identification, prevention of fraudulent use by unauthorized members, and prevention of unauthorized use in relation to the Company’s business and services
- Confirmation of intention to register for the services provided by the Company
- Handling customer inquiries, delivery of notices, analysis of access frequency, or statistics on members’ service usage
(2) Provision of Services
- Provision of the Company’s services, information of interest to customers, newsletters, various contents, participation in events, and delivery of prizes in case of winning events
(3) Use for Marketing and Advertising
- Delivery of promotional information such as events, placement of advertisements based on demographic characteristics and customer interests, and delivery of advertising information (*only for members who have consented)
The Company will always notify customers prior to collecting personal information and explain the purpose of collection. If the Company intends to use or share personal information for purposes other than those for which the information was provided, prior consent will be obtained from the customer. To identify customer preferences, the Company will request customer consent through appropriate options.
4. Retention and Use Period of Personal Information
In principle, personal information is destroyed without delay once the purpose of collection and use has been achieved.However, if preservation is required by applicable laws and regulations, the Company will retain member information for a specified period as stipulated by relevant laws. In such cases, the Company will transfer the personal information to a separate database (DB) or store it in a different location.
- Records related to contracts or withdrawal of subscription (retention period: 5 years): Act on Consumer Protection in Electronic Commerce, etc.
- Records related to payment and supply of goods (retention period: 5 years): Act on Consumer Protection in Electronic Commerce, etc.
- Records related to consumer complaints or dispute resolution (retention period: 3 years): Act on Consumer Protection in Electronic Commerce, etc.
- Records related to the collection, processing, and use of credit information (retention period: 3 years): Act on the Use and Protection of Credit Information
- Records related to display and advertising (retention period: 6 months): Act on Consumer Protection in Electronic Commerce, etc.
- Internet log records, access tracking data, and other communication confirmation data (retention period: 6 months): Protection of Communications Secrets Act
5. Procedures and Methods for Destruction of Personal Information
In principle, the Company destroys personal information without delay once the purpose of collection and use has been achieved. The procedures and methods for destruction are as follows:(1) Destruction Procedure
After the purpose has been achieved, users’ personal information is transferred to a separate DB (or a separate filing cabinet for paper documents) and stored for a certain period in accordance with internal policies and relevant laws, after which it is destroyed. Personal information transferred to a separate DB is not used for any purpose other than retention unless required by law.
If you request deletion of personal information, please contact admin@koreapays.co.kr, and it will be deleted within one week.
(2) Destruction Method
Personal information stored in electronic file format is deleted using technical methods that prevent recovery. Personal information printed on paper is destroyed by shredding or incineration.
6. Provision of Personal Information to Third Parties
In principle, the Company does not provide users’ personal information to external parties. Exceptions are as follows:- When required by law or when requested by investigative agencies in accordance with procedures and methods prescribed by law for investigative purposes
- When necessary for settlement of fees for paid services
- When provided in a form that cannot identify specific individuals for statistical compilation, academic research, or market research
- When users have given prior consent
7. Rights of Users and Legal Representatives and Methods of Exercising Them
Users and their legal representatives may request access to, correction, deletion, suspension of processing, or withdrawal of consent regarding the personal information of the registered user or a child under the age of 14 at any time. The Company may refuse access to all or part of personal information in the following cases:- When access is prohibited or restricted by law
- When there is a risk of harming the life or body of another person or unjustly infringing upon the property or other interests of another person
If a user requests correction of errors in personal information, the Company will not use or provide the personal information to third parties until the correction is completed. If incorrect personal information has already been provided to a third party, the Company will notify the third party of the correction results without delay. Personal information deleted or suspended at the request of the user or legal representative is processed in accordance with “3. Retention and Use Period of Personal Information” and is not accessible or usable for other purposes.
Users are requested to enter accurate and up-to-date personal information. Users are responsible for any incidents arising from inaccurate information entered by them, and membership may be revoked if false information such as impersonation is provided. Users have the right to protect their personal information and the obligation to protect themselves and not infringe upon the information of others. Please take care to prevent leakage of personal information, including passwords, and avoid damaging others’ personal information, including posts. Failure to fulfill these responsibilities may result in penalties under the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
8. Matters Concerning the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices
Like many websites, the Company uses cookies to provide customized services based on individual characteristics and to make website revisits more convenient, efficient, and valuable through memory functions. The Company stores and retrieves user information from time to time based on cookies. Cookies are small text files sent by the server operating the Company’s website to the user’s browser and stored on the user’s computer hard drive.(1) Cookies
Cookies are generally classified as “session” cookies and “persistent” cookies.
Session cookies are deleted when the browser is closed.
Persistent cookies remain on the user’s computer until deleted or expired.
(2) Purpose of Using Cookies
Implementation of automatic login, analysis of access frequency and visit duration of customers and non-customers, identification of user preferences and interests, tracking of activity, analysis of participation in events and visit frequency, and provision of targeted marketing and personalized services.
(3) How to Refuse Cookie Settings
Users have the option to choose whether to allow cookies. Users may configure their web browser options to allow all cookies, prompt confirmation whenever cookies are saved, or refuse all cookies. However, refusal of cookie installation may cause difficulties in service provision.
9. Other Policies Regarding the Handling of Personal Information
The Company implements the following technical and administrative measures to ensure the security of personal information and prevent loss, theft, leakage, alteration, or damage:
- Establishment and implementation of an internal management plan
- Operation of dedicated personal information protection organizations and regular inspections
- Installation and operation of access control systems and intrusion prevention systems
- Measures to prevent forgery or alteration of access records
- Encryption of personal information and secure storage and transmission
- Countermeasures against hacking, including antivirus programs and security systems
- Separation of personal information from general data through separate servers
- Minimization of personnel handling personal information and regular training
- Execution of security pledges upon employment and strict handover procedures
- Designation of data centers and storage rooms as restricted areas
(1) Policy on Linked Sites
The Company may provide links to other companies’ websites or materials. Since the Company has no control over third-party sites, materials, products, or services, it cannot be held responsible for their usefulness or reliability. Please review the privacy policies of any newly visited sites.
(2) Policy on User-Generated Content
The Company values users’ posts and strives to protect them from alteration, damage, or deletion. However, the following content may be removed:
- Spam content
- Posts that defame others by spreading false information
- Unauthorized disclosure of personal information
- Content infringing upon intellectual property rights of the Company or third parties
- Content unrelated to the purpose of the bulletin board
(3) Policy on Unauthorized Email Collection
The Company prohibits the unauthorized collection of posted email addresses using automated programs or other technical devices. Violations may be subject to penalties under applicable laws.
(4) Transmission of Advertising Information
The Company does not transmit advertising information for commercial purposes against the user’s explicit refusal.
- Email subject lines may omit the word “advertisement” but will indicate the main content
- Email bodies will clearly state the sender’s name, email address, phone number, and an easy method to opt out
- For advertisements sent via fax or SMS, required legal measures such as labeling “Advertisement” will be applied
10. Personal Information Protection Officer and Customer Service Contact
The Company has designated the following Personal Information Protection Officer to protect users’ personal information and handle related complaints:
(1) Personal Information Protection Officer
- Name: Gwangjin Cha
- Position: Team Leader / RM Team
- Contact: +82-10-9084-4600
(2) Other Organizations
Users may report all personal information protection-related complaints to the Personal Information Protection Officer or the relevant department. The Company will respond promptly and thoroughly. For additional assistance regarding personal information infringement, please contact the following organizations:
- Personal Information Infringement Report Center (www.118.or.kr / 118)
- Supreme Prosecutors’ Office Cyber Crime Investigation Center (www.spo.go.kr / +82-2-3480-2000)
- National Police Agency Cyber Terror Response Center (www.netan.go.kr / 1566-0112)
