Meissa, Co., Ltd. (hereinafter the “Company”, “we”) thoroughly complies with domestic personal information protection laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter the 'Information and Communications Network Act') and the Personal Information Protection Act. We are establishing and disclosing the personal information processing guidelines as the following to do our best to protect the rights and interests of our users.
All users can use the service provided by the Company and get more various services by signing up. When we collect the users’ personal information, we will notify of the fact to the user beforehand and obtain consent. The method of collection includes the homepage (signing up), using the service, Customer Service center inquiries, email inquiries, phone, and paper forms. The personal information collected from the users is as follows:
① Service Member Sign-up and Management
● Required Information
○ Login ID (Email), encoded password
○ The member’s work information including company/department/position, name, and contact information such as cell phone number/email
○ Information generated during using the service, such as usage behavior and frequency of use
○ Operating system and hardware environment information, such as OS version and device information
● Optional Information
○ Profile information that the member entered
② When using the service, the information below may be automatically created and collected.
● IP Address, Cookie, device information, date of visit, service usage record, abnormal usage record, location information, etc.
③ If it is necessary for payment during using the paid service, the following information may be collected:
● When making payment with credit card: Card company name, card number, etc.
● When bank transferring: Bank name, account number, etc.
④ For the free trial of test users, the following information may be collected:
● Name, company name, contact information such as cell phone number, email, etc.
⑤ The personal information of the users may be collected during the consultation with the Customer Service center through webpage, email, fax, and phone.
The Company collects personal information with the following methods:
① Collected by the user voluntarily providing the information during service registration or usage
② The created information, such as device information and service usage record, is collected automatically while using the service
The Company is collecting personal information of the users for the following purposes. The collected personal information isn’t used in any way other than for the following purpose, and a prior consent will be obtained if the purpose of usage changes.
① Member Registration and Management
● User identification, confirmation of will register, registration, and limitation on number of registrations
● Securing a way to smoothly communicate, responding to the customer inquiry, etc.
● Informing of the new feature, relaying notice, etc.
● Preventing malicious members from inappropriate usage, preventing unauthorized use, maintaining record for self-identification and dispute mediation, handling complaints, etc.
② Providing the ServiceProviding the service that can be used through the member’s account, including project uploadᆞmanagementᆞsharing and using features of the project
③ Carrying out the Contract on Service Provision and Fee Calculation per Paid Service Provision
● Fee calculation upon providing the service promised with the user, and purchasing and using the service
④ Service Improvement and New Service Development
● Discovering new service elements based on the service access and usage record and using them to improve the existing service
⑤ Customized Service and Prevention of Misuse
● Analyzing service usage record and access frequency, statistics of service usage, providing customized service, using for service improvement, etc.
⑥ Handling Complaints
● Confirming the identity of the complainant, confirming the compliant, contacting and notifying for fact-finding, and notifying processing result
The personal information of the users is limited in using for the purpose of collection and use and the usage period, and in the event of requesting the withdrawal of membership or the consent, we destroy the information immediately.However, the information that needs to be stored per the relevant laws is stored for the period set by the laws.
① Website membership registration and management: Until withdrawing from the business/group website
However, in the case of the following reasons, until the end of such reasons:
● In the case of an investigation in progress due to violating related laws and regulations, until the end of the investigation
● In the case of remaining claim/debt relationship due to using the website, until the relevant claim/debt relationship is cleared
② Retention of illegal use records: 1 year (to prevent illegal use)
If it is necessary to retain information for a certain period of time per the regulations of related laws, such as the Consumer Protection Act in Electronic Commerce, Protection of Communications Secrets Act, etc., the Company retains the information for a set period of time, and the time is as follows:
① Transaction record, such as display, advertisement, contract, and fulfillment thereof, according to the 「 Consumer Protection Act in Electronic Commerce」
● Record of contract or withdrawal, payment, supply of goods, etc.: 5 years
● Records of consumer complaints or dispute resolution: 3 yearsRecords of display and advertisements: 6 months
② Storage of communication confirmation data per 「Communication Secret Protection Act」
● Computer communication, Internet log record data, access location tracking data: 3 months
The Company uses the members’ personal information within the scope specified in the ‘Purpose of Collection and Usage of Personal Information’ and does not provide personal information to external parties without the members’ consent. As such, the following information may be disclosed while using the service:
While using the web service, the name card information and the other information that the member optionally agreed to enter may be disclosed between the connected members. Als, when the member shares the project to other person, partial information of the name and company name may be disclosed to the recipient for the identification of the sharer.
Amazon Web Service
● Consignee name and contact: Amazon Web Service, Inc (https://aws.amazon.com/compliance/contact/)
● Consigned task and purpose: Data storage and system operation
● Personal information transferring company: Republic of Korea (AWS Seoul Region)
● Personal information items transferred: All personal information collected during the service provision
● Date and time the personal information is transferred: The first time of membership registration or service usage
● Personal information transferred method: Storing personal information in AWS cloud computing environment
● Personal information retention and usage period: Operate and manage the cloud server that stores personal information during the personal information retention period
In principle, the Company does not disclose the personal information other than specified above to external parties. However, the exception would be made in case of the request from an investigation agency per the procedures and methods stipulated in laws and regulations for investigation purposes or in the case of users’ consent. Also, it may be provided in the form of statistical data that cannot identify specific individual when needed for statistics, academic research, or market research.
Members can view, disclose, hide, or modify their personal information at any time and may request to delete or discard the information.
① Members can access and modify their personal information registered in the system at any time. Members can directly view or modify the registered personal information in the service for the access and modification of the personal information.
② In case the user is 14 years old or younger, the legal representative (parents, etc.) has the right to access or modify the personal information and the right to withdraw the consent to collect and agree to use the service.
If a member wants to withdraw the membership, they can do so directly from the web service. If it is difficult to withdraw, please contact the personal information manager by phone or email, and we will take immediate action.
In the event the Company discovers a person who signed up or used the service by stealing other person’s ID or other personal information, such as cell phone number, email address, affiliation, etc., we will take a necessary action immediately by suspending the service use of the ID or canceling the membership.
In principle, the personal information of members will be destroyed immediately once the purpose of collection and use is achieved. The Company’s procedure and method of personal information destruction are as follows:
The information the member entered for service registration, etc., is moved to a separate DB or storage after the purpose is achieved, and it will be stored for a set period of time and destroyed according to the information protection reason per internal regulation and other related laws (refer to the Retention and Usage Period of Personal Information). The above personal information stored separately will not be used for any other purpose other than specified above.
The personal information of the user will be discarded within 5 days after the end date of the retention period in case the retention period has passed. In case the personal information is no longer needed due to achieving the purpose of personal information processing, discarding the service, end of the business, etc., the personal information will be destroyed within 5 days from the day that’s recognized that the information is unnecessary.
The personal information printed on paper will be shredded with a shredder or destroyed by incineration. Personal information stored in electronic files will be deleted using a technical method that cannot reproduce the record.
The Company uses ‘cookies’ to store and frequently retrieve usage information to provide individually customized service. Cookie refers to a special text file stored in the user’s storage device when accessing the website, and it is sent in the format that only the website’s server can read and saved under the directory of the individual’s browser. In case of not being able to use the cookie technology such as an mobile application, we may use the technology that performs a similar function as the cookie (ad identifier, etc.).
It is used to provide optimized information to users by identifying the types of visits and usage of each service and website the user visited, popular search terms, and whether accessing through secure access.
Users have a choice in terms of setting cookies. By setting the web browser’s option, they can determine to allow all cookies, agree to allow cookies, or block the cookies themselves. However, if they refuse to store cookies, they might not be able to use certain services that requires logging in.
Members have the right to be protected of their personal information as well as the responsibilities to protect themselves and not interfere with other person’s information. Please be careful not to disclose personal information including the password and not to damage other people’s personal information such as posts.
Users themselves are responsible for the accidents that occur due to incorrect information entered by the members. The members have the responsibility to accurately enter the up-to-date information to prevent unfortunate accidents.
If a member fails to fulfill the above responsibilities and damages information and dignity of others, they may be subject to punishment according to relevant laws such as the 『Act on Promotion of Information and Communications Network Utilization and Information Protection』.
According to Article 29 of the Personal Information Protection Act, the Company is making following efforts to protect the precious personal information of the users:
The Company is doing our best to prevent the leaking or damaging of members’ personal information by hacking or computer virus. We are preventing members’ personal information and data from being leaked or damaged, and we are safely transferring personal information on the network through encrypted communication.
The personal information and the passwords of the users are encrypted before storing and management, so only the users themselves know the password. Important data is subject to a separate security feature, such as encrypting the file and transfer data or using the file locking feature.
We are storing and managing the record of access to the personal information processing system at least 6 months, and we are using the security feature so that the access record won’t be forged, stolen, or lost.
You can report all complaints related to personal information protection that occur during using the Company’s web service to the Personal Information Manager or the department in charge. The Company will promptly respond to the member’s report.
Personal Information Manager
● Name : Young-hun Kim
● Affiliation : Meissa Inc.
● Position : Chief Operating Officer
● Tel : 02-883-2140
● Email : email@example.com
Also, if you need to report or consult about personal information infringement, you can contact the following organizations for help:
● Personal Information Infringement Report Center (without area code) 118 http://privacy.kisa.or.kr
● Cybercrime Investigation Team, Supreme Prosecutors’ Office 02-3480-3571 firstname.lastname@example.org
● National Police Agency Cyber Terror Response Center (without area code) 182 http://www.ctrc.go.kr
If there is an addition, deletion, or modification to the content above, the Company will be notifying on the website or individual user notice at least 7 days prior to the operation date. However, in case there is an important change in the precious rights or responsibilities of the users, it will be notified at least 30 days before the change and may get user consent again if needed.