WIDEMOBILE Dosirak Talk

Personal Information Policy

PRIVACY POLICY

General

We, WIDE MOBILE, value the privacy of our customers and are committed to effectively administering and safely protecting our customers’ personal information. We comply with “Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.” and other privacy-related laws and regulations. In addition, we have established and comply with our own Privacy Policy, which can easily be accessed through our website.

1. ‘Personal Information’ means information on an individual such as symbols, characters, voice, video or biometric traits which can identify a person (including data which cannot distinguish a specific person by itself but can easily identify a person by combining with other information).

2. We value the Personal Information of our customers and comply with “Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.” and other related laws and regulations.
3. We state for what purpose and how our customers’ personal information is used and what measures are taken to protect it through this Privacy Policy.

4. The Privacy Policy is subject to modification according to changes in related laws or our internal policies. Such revision of the Privacy Policy shall be notified without delay through our website (http://www.dosiraktalk.com) or app with the effective date granted.

5. The Privacy Policy is structured as follows:

Chapter 1. Personal Information Items to be Collected
Chapter 2. Purposes of the Collection/Use of Personal Information; Withdrawal of the Consent to the Collection/Use/Provision of Personal Information
Chapter 3. Provision of Personal Information to Third Party
Chapter 4. Outsourcing of Personal Information Management
Chapter 5. Personal Information Destruction Procedure and Method
Chapter 6. Users’ and their Legal Representatives’ Rights and their Exercise
Chapter 7. Technical/Administrative Measures for Personal Information Protection
Chapter 8. Chief Privacy Officer and Contact Information
Chapter 9. Other Related Policies
Chapter 10. Announcement

Chapter 1. Personal Information Items to be Collected

1) We collect personal information automatically during the execution or use of DosirakTalk or through the users’ voluntary provision when they sign up or use the Services.

2) We collect personal information as follows for ‘Join Membership’, ‘Counseling’, ‘Services’ and others.
① A user’s telephone number, device ID/IMEI, SIM information, GPS information
② During the use of the Services, the following information can be created and collected:
- User state information, ID, Services use records, etc.
③ Email address, mobile phone number, authenticated country information

Chapter 2. Purposes of the Collection/Use of Personal Information;
Withdrawal of the Consent to the Collection/Use/Provision of Personal Information


1) Provision of basic functions
① DosirakTalk collects and saves users’ mobile phone number, device ID/IMEI and mobile phone number when they sign up and combines the information with their phone number to use it as a basic account for personal identification.
※ The said information includes revised information as well as the information provided at sign-up.
2) Member management
① “Member management”, incoming/outgoing call number according to the use of “member services”, call time, use frequency, service user records, access log, cookie, payment records, suspension records, etc.
3) New service development, marketing and advertising
① DosirakTalk collects information for i) development of new services and provision of customized services, ii) provision of services according to statistical characteristics and posting of ads, iii) check on the effectiveness of services, iv) provision of information about promotional events and ads and offering an opportunity to participate, v) analysis of access frequency and vi) statistics on members’ use of services. Then, it uses the collected information for the following purposes:
A) User authentication and prevention of its illegal use
B) Preparation of statistical data on the use of DosirakTalk Services
C) Review on DosirakTalk Services and questionnaire survey & analysis on the improvement of the Services
D) Lot drawing through promotional campaigns and events and gift forwarding
E) User confirmation when there is an inquiry from users and proper response to such questions
F) Announcement of important matters
G) Delivery of promotional information such as special promotions
H) Payment for product purchase and use of the paid services and billing
4) Personal information retention and use period
① In principle, once the goal of the collection and use of personal information is achieved, the information shall be disposed of immediately. If deemed necessary to keep it according to the related laws, however, we shall keep the Personal Information for the period specified by the laws as follows:
A) Items to be retained: Email address, mobile phone number
B) Grounds for retention: Act on the Customer Protection in Electronic Commerce, Etc.
C) Retention period: 5 years
② Name, mobile phone number and service number needed to provide communication confirmation data in accordance with Article 15-2 of the Protection of Communications Secrets Act: 5 years
③ Date of subscriber’s telecommunication, telecommunication start/end time, the other subscriber’s number such as communication number, use frequency and location data of IT devices connected to the information and communications network in accordance with Paragraph 2 of Article 21-4 of the Enforcement Ordinance of the Protection of Communications Secrets Act: 5 years
④ Records concerning contract and withdrawal of subscription: 5 years (Act on the Customer Protection in Electronic Commerce, Etc.)
⑤ Records concerning payment and supply of goods: 5 years (Act on the Customer Protection in Electronic Commerce, Etc.)
⑥ Records regarding consumer complaint or dispute resolution: 5 years (Act on the Customer Protection in Electronic Commerce, Etc.)
⑦ Basically, you have the right to refuse the collection of personal information in accordance with the Personal Information Protection Act. In this case, however, you are banned to use the Services.
5) Regarding the collection, use and provision of personal information through sign-up or other channels, you are free to withdraw your consent anytime. For withdrawal of your consent, you need to click [Start App] > [My Information] > [Withdrawal]. Then, you can withdraw your consent to the collection, use and provision of personal information and your membership right away. In the event of such withdrawal and destruction of personal information, we will inform it to you without delay.
6) We take necessary actions to make the withdrawal of your consent (from your membership) to the collection of personal information easier than the collection itself.
7) You are prohibited from rejoining membership with an email address to prevent any members from take advantage of economic benefits such as discount coupons and special offers by intentionally withdrawing from their membership and resigning up repeatedly or engaging in unfair or illegal practices.

Chapter 3. Provision of Personal Information to Third Party

1) We use users’ personal information according to our notice for the purpose of its collection and use. Basically, we shall not use such information for other proposes and disclose to the outside without getting approval from our users in advance. If one of the following situations occurs, however, an exception can be made:
① Users already agreed to the disclosure of their personal information;
② Such act is permitted under the related law, or there is a request from the investigation authority according to the procedures and methods specified by the law;
③ Execution of the agreement on the provision of the Services; bill settlement and user authentication according to the provision of the Services;
④ User authentication according to “member management” and “membership services”, preventing the use of the Services by non-members, confirmation of users’ subscription will, handling of civil complaints, delivery of notices

Chapter 4. Outsourcing of Personal Information Management

When the handling of personal information is outsourced for the improvement of users’ convenience, we inform or disclose the name of the subcontractor and details of the contract and get an approval from our customers in advance. We outsource the management of our customers’ personal information as follows for the improvement of the Services. We stipulate the needed matters for the safe management of such information when signing the agreement and supervise things for their compliance.

The assignees we have entered an agreement with and the details of the agreement for the outsourcing of customers’ personal information are as follows:

Assignee Assigned Duties Personal Information Retention & Use Period
KICC Approval of credit card payment and purchase agency Until the withdrawal from membership or end of the outsourcing contract
PayGate CO., LTD. Operating agency for the Services
SoftBay
NHN KCP User authentication for the use of the Services Disposed as soon as the goal is achieved

Chapter 5. Personal Information Destruction Procedure and Method

1) We keep and use our customers’ personal information as long as we provide the Services. However, it can still be preserved even after the end of the Services if deemed necessary by related laws.
2) Members’ personal information shall be immediately destructed if its goal is achieved. Therefore, the personal information collected under temporary purposes is deleted as soon as its goal is attained.
3) If you withdraw your consent to the provision of your personal information, the collected information is destructed right away. It cannot be used for any purposes unless otherwise specified.
① Destruction procedure
A) After the objectives of collection and use of personal information are obtained, it is transferred to a separate database (a separate file in case of paper documents) and destroyed after being stored there for a certain period of time according to our internal policy or related laws and relations (Refer to the Retention and Use Period).
B) Once the personal information is moved to a separate database, it shall not be used for any reasons other than retention unless otherwise specified by law.
② Destruction method
A) Personal Information written or printed on paper (in writing): Destroyed by shredding or incineration
B) Personal Information saved in an electronic file format such as database: Deleted making sure that it cannot be recovered anymore
③ Deadline for destruction
Users’ personal information shall be destructed within five (5) days from the expiry date once its retention period expires. If such personal information becomes unnecessary because of failure to sign a contract within one (1) year from the provision of personal information, cancellation of the contract or refusal to get the Services, it shall be destructed within five (5) days from the date that the handling of personal information became unnecessary.
④ Destruction of inactive users’ personal information
In accordance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., if you do not use the Services (or sign the contract) for more than 12 months or are refused to get the Services, your ID and personal information become inactive immediately (within five business days).
In the said case, we shall inform the fact that users’ personal information would be destructed, its expiry date and its details to them by email, in writing, by fax, by telephone or an equivalent communication means within 30 days from the end of the said 12-month period.

Chapter 6. Users’ and their Legal Representatives’ Rights and their Exercise

1) You (including legal representative if you are under 14) are entitled to search & have your personal information corrected, cancel your membership or withdraw your consent to the collection, use, outsourcing or provision of your personal information anytime.
① Reading & proof or modification of personal information
You (or your legal representative) may request the reading and proof of your personal information through an email.
② If you ask for the reading and proof of your personal information, you need to present your picture ID (copy) such as resident registration card, passport and driver’s license.
③ In case your legal representative requests the reading and proof of your personal information, he/she needs to present a power of attorney, certificate of your seal impression and his/her ID.
④ If you request for correction, your personal information shall not be available until such correction is completed. If incorrect personal information is already provided to a third party, the correction shall be informed to him/her immediately.
2) Withdrawal from the Consent to the Collection, Use and Provision of Personal Information
① you can agree to (or withdraw from your consent to) the collection, use, assignment or provision of your personal information by visiting us with the ID specified in Subparagraph ② of Paragraph 1) of Chapter 6 above.
② If you contact us via our customer service center (‘http://www.dosiraktalk.com’ > Customer Service Center > Email Inquiry), we shall handle it immediately.
③ A legal representative (or when requested by a parent) can withdraw the consent to the collection, use or provision of personal information given by a child under 14. The legal representative can also request for reading or correcting the personal information provided by the child under 14.
④ We handle the personal information canceled or deleted by your request according to the Personal Information Retention and Use Period. We keep it unavailable for purposes other than the original intent.

Chapter 7. Technical/Administrative Measures for Personal Information Protection

We take necessary technical and administrative measures as stated below to keep our users’ personal information secure and safe from loss, theft, leak, falsification or damage.

1) Encryption of personal information
Users’ personal information (e.g., credit card information, etc.) is stored/managed in an encrypted form. It can be transmitted in a secure and safe manner on a network, using the secure socket layer (SSL). Passwords are also stored/managed in a one-way encrypted and non-decodable fashion.
2) Countermeasures against hacking or other cybercrimes
We install a system in a zone in which access from the outside is controlled to prevent users’ personal information from being leaked or damaged by hacking or malware. In addition, we keep such information secure and undamaged, using the latest computer vaccine program. We also ensure that the personal information is transmitted safely on a network, via the SSL. We also keep unauthorized persons from entering, using an intrusion prevention system (IPS). In terms of other system features, we keep working hard to accommodate all possible technical devices for the purpose of securing confidentiality.
3) Minimization of personal information handling staff and provision of related education programs
We minimize personal information handling staff and disable the external Internet services in office PCs to reduce a risk of personal information leak. We establish well-designed standards on the creation, change and access authority to password regarding the personal information database system and personal information handling system and carry out audit regularly. We also provide regular education on personal information protection duties and security against all personal information handling management and staff.

Chapter 8. Chief Privacy Officer and Contact Information

We appoint and operate a chief privacy officer as follows to protect our customers’ personal information and handle personal information-related complaints and inquiries. We value our customers’ opinions. If you have any question, contact us through DosirakTalk or our website. Then, we will get back to you shortly with accurate answers.

1) Chief Privacy officer
① Name: Kim Shin-gyun
② Dept.: Computer Development Team
③ Job Title: Dept. manager
④ Contact: [email protected]

2) Privacy officer
① Name: Yoon Sung-soo
② Dept.: Plan&Stategy Team
③ Job Title: Dept. section cheif
④ Contact: [email protected]

2) If you need to report or consult on the infringement of personal information, contact each organization below:
① Personal Information Infringement Report Center: http://privacy.kisa.or.kr / (no area code) 118
② Personal Information Dispute Adjustment Committee (http://kopico.go.kr): 1833-6972
③ Dept. of Cyber Investigation, Supreme Prosecutor’s Office): http://www.spo.go.kr / (area code) 1301
④ National Policy Agency Cyber Bureau: http://cyberbureau.police.go.kr / (without area code) 182

Chapter 9. Policies Concerning the Handling of other Personal information

Personal ID and password control
In principle, users’ ID and password can be used by the user only. Unless we have any intention or negligence, we are not responsible for loss of peach or fruit. We shall not be responsible for any problems resulting from the use of theft or other means for users. We are not liable for the problems resulting from the theft, password or use of other matters. Under any circumstances, do not open your password to customers. If theft of others’ personal information is confirmed, the use of the Services can be limited unilaterally. There would be imprisonment or penalty according to the related laws.

Chapter 10. Announcement

This Privacy Policy was amended on June 25, 2018. If it can be added, deleted or revised according to the government’s policies, information protection-related laws or changes in security technology, the results would be informed via 7-day trip. If the contents are added, deleted or revised according to the Government’s Policies and Information Protection, it shall be informed via the website staring 7 days from the date of the revision. However, in case there are significant changes regarding the users’ rights such as collection & utilization of personal information and provision of a third party, Then, we announce the results via website or email at least 30 days before the revision:

Effective Date: June 25, 2018
(View previous privacy policy)
(View the latest privacy policy)