2022. 05. 30.
If an individual, at any time, has any questions or feedback relating to the Company’s Policy or the Company’s collection, use, processing and protection of their Personal Data, please do not hesitate to contact the Company’s Privacy Protection Officer at email@example.com.
1. Purpose of Use of Personal Information
Personal information will be used for the following purposes and will not be used for purposes other than the listed below. If there is to be a change in the purpose of use, the Company shall receive agreement prior to the change.
a. Website registration and management
To verify your intention to register, manage user qualification, identify personal identification, prevent misuse of services, notify various changes or notifications, handle issues, keep record of conflicts etc.
b. Provision of product or service
To provide service, contents, or customized services, as well as fee payment etc.
c. Marketing and advertising
To develop new services and provide customized services, provide information and opportunities to participate in events and promotions, provide services and publish advertisements according to demographic features, to verify the validity of services, to figure out access frequencies or obtain statistics on the service uses by members
2. Types of Personal Data Collected and Collection Methods
a. Types of Personal Data Collected
Firstly, the Company collects the following information when users initially register for proper registration, smooth customer service, and various other services.
· ID, password, full name, birthday, home address, business registration number, fax number
· Company name, title, CEO name, company address, company phone number, administrator’s mobile phone number
Secondly, in the process of using paid services, the following information may be collected.
· Credit card information, bank account information, payment history.
Thirdly, in the process of using services or business operation, the following information maybe automatically created and collected.
· Access IP information, records of service use, records of access and visit information
b. Personal Information Collection Methods
· Website, smartphone app, hardcopy document, fax, phone, customer support bulletin board, email
· Provision from third-party partner companies
3. Storage and Use Period of Personal Information
The Company retains and uses personal information for a specified period of time incompliance with relevant laws or as agreed upon by the information provider at the time of collection.
a. Personal information related to website registration and management, customer service, provision of products and services, provision of marketing and advertisements are stored and used from date of privacy information collection agreement till membership withdrawal
4. Provision of Private Information to Third Parties
Quota Lab only provides personal information to third parties provided that consent from the information provider has been obtained or as allowed by specific provisions under the law.
5. Consignment of Personal Information
Quota Lab entrusts personal information processes to third parties that provide professional services to offer its services, taking necessary measures for safe protection of personal data when consigning it to third parties in accordance with related laws.
Personal information may not be used for purpose other than the entrusted activities, technical and administrative measures are to be taken for safety, reconsignment is to be restricted, management oversight of the consignee is provided, any damage shall be compensated and etc., supervising whether the consignee handles personal information safely.
If the scope of consignment or the consignee is to change, the Company shall disclose the personal information processing policy without delay.
Entrusted Company (Consignee) & Entrusted operations
· Transmitting personal (credit) information through data subject’s authenticated information
· Requesting through data subject’s authenticated information for the improvement of API service and operation
· Storing request and response data (Full destruction upon the end of consignment contract)
· Processing data subject’s requests for perusal, correction, deletion, suspension of personal information
· Verification of identity for registration and voting for specific agendas
Korea Financial Telecommunications and Clearings Institute (KFTC)
· CMS withdrawal & transfer services
· Sending out emails of major transactions (Location: United States)
· Sending out emails (Location: United States)
· Customer service management (Location: South Korea)
6. Rights of Users & Legal Representatives and Exercising Those Rights
Users, as owners of personal information, are entitled to exercise their rights listed below.
a. Users can exercise their rights to personal information listed below at any time
i) Request to view personal information
ii) Request to edit errors
iii) Request to delete
iv) Request to stop process
b. Data subjects can exercise the rights provided in paragraph (1) by submitting a request to Quota Lab by post, email or fax and the Company shall take measures without any delay.
c. When a data subject requests the correction or deletion of any error, etc., to the data subject’s personal information, the relevant information will not be used or provided until it is corrected or deleted.
d. A data subject may exercise the rights provided in paragraph (1) through an agent, including a legal representative and a power of attorney. In such cases, the data subject must submit a letter of delegation.
7. Installation, Operation and Rejection of Automatic Personal Information Collection System
a. Purpose of use
To provide personalized service and target marketing based on statistical analysis of member/non-member visit frequency or time, user interest area or preference and its tracking, event participation frequency etc. Users have the right to allow all cookies, confirm at every cookie savings or to reject all savings of cookies from the web browser's setting options.
Method: ie. Internet Explorer => Select "Tool" menu at the top of the browser.> "Internet Options" > "Personal Data" Tab >Settings (Please be noted that if you choose to opt out of cookies, it might be difficult for the Company to provide you with a personalized service)
c. On installation, operation and rejection of other automatic personal information collection systems
To provide better service to users, Quota Lab uses Google’s Web log analytics tool, Google Analytics.
Google Analytics collects the Company website user’s behavioral data through cookies, and only collects personally unidentifiable information. Even in this case, the user can install additional add-on from https://tools.google.com/dlpage/gaoptout to opt out of Google Analytics or can set from web browsers to opt out from cookies to refuse the use of Google Analytics. Please be noted that if you choose to opt out of Google Analytics, it might be difficult for the Company to provide you with a personalized service. Personally identifiable information collected through Google Analytics can be used for online advertising purposes through Google Ads service.
8. Destruction of Personal Information
Quota Lab destroys user personal information immediately after the purpose of collection has been properly achieved. The procedures and methods for destroying personal information are as follows:
· Destruction procedure: Personal information provided by a user is destroyed in accordance with relevant laws and internal policies after the expiration of the retention period or the achievement of original purpose.
· Destruction method: The Company destroys personal information in the following ways
o Electronic data will be destroyed in an irreversible manner using technical methods.
o Paper data will be either destroyed by a shredder or will be incinerated
9. Security Practices Regarding Personal Information
Quota lab takes the following technical, managerial and physical security measures in accordance with Personal Data Protection Act
a. Minimization of personnel handling personal information and training.
The Company designates personnel in charge of personal information at a minimal level on order to protect personal information.
b. Personal information encryption
User’s personal information and password are encrypted for storage and can be only accessed by the user. Important information such as files and transferred data are also encrypted or locked using passwords and properly secured.
c. Incident measures (ie. hacking)
Quota Lab runs security/protection programs to prevent personal information from being leaked or damaged due to incidents such as hacking or computer viruses. The Company also conducts periodical updates to check and install systems to prevent and monitor restricted information and area from external access technically and physically.
d. Restricted access to personal information
The Company is taking necessary steps to prevent access to personal information through granting, updating and expiring permission to the database system to handle personal information and is restricting unpermitted external access through intrusion prevention system.
e. Systems to secure documents
Documents or other storage devices that store user’s personal information are stored and managed in a safe place with secure locking systems.
f. Access control of unauthorized persons
The Company holds a separate physical place to store personal information. We implemented and are operating its access control.
10. Privacy Protection Officer
a. To be responsible for personal information processes and to handle personal information subject’s complaints, inquiries and to protect users from damage, Quota Lab appoints the following personal information protection manager.
▶ Officer in charge
Name : Dong Hyun Choi
Position : CEO
Contact number : +82-02-6447-8004
Contact email : firstname.lastname@example.org
b. For any inquiries, complaints, damage relief or other matters concerning personal information protection, data subjects can contact and inquire directly to the Privacy Protection Officer.