ENG
Down
KOR
JPN
ENG
🔏

Privacy

Featured Co., Ltd. respects users' personal information and complies with laws and regulations related to personal information. Featured Co., Ltd. (hereinafter the 'Company') complies with related laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter the 'Act') and the 'Standards for Technical and Administrative Protection Measures of Personal Information' announced by the Korea Communications Commission, In accordance with Article 27-2 of the Act, the 'Personal Information Handling Policy' is disclosed as follows, and it complies with the 'Personal Information Protection Act' and the 'Standard Personal Information Protection Guidelines' of the Ministry of Public Administration and Security.

The company's personal information processing policy may be changed from time to time due to changes in government laws and guidelines or changes in the company's internal policies, and the necessary procedures are set for continuous improvement of the personal information processing policy. In the case of revisions to the personal information processing policy or changes to the personal information processing policy, it is disclosed to the service so that users can easily view it at any time.

1. Collection and use of personal information

The minimum necessary personal information is collected in the process of membership registration, service and customer center use, fax/phone inquiries, etc., and we notify you in advance and seek consent.

  • We collect essential information necessary to perform essential functions of the Cinnamon service.
  • Information that is additionally requested for optional purposes (to provide additional services or functions) is collected separately by optional items.
  • Service usage record, IP address, cookie, connected device model name, and OS information are automatically generated and collected, preventing illegal use of the service, checking usage history, access frequency and usage statistics, handling customer inquiries, and It is used for purposes such as service improvement.

1.1. Consent to collection of personal information

The company considers that the user agrees to the collection of personal information when the user signs ⌜agree⌟ or ⌜disagree⌟ in the personal information processing policy.

1.2. Purpose of collection and use of personal information

Personal information is information about a living individual in accordance with Article 2, Paragraph 1 of the Personal Information Protection Act, which means information that can identify a specific individual, and can be easily combined with other information even if a specific individual cannot be identified. that can be identified. The purpose of the company collecting and using users' personal information is as follows.

  • Member management
  • Personal identification according to membership service use
  • Prevention of illegal use by bad members and prevention of unauthorized use
  • Confirmation of intention to join, limit the number of subscriptions and subscriptions
  • Retention of records for customer consultation, receipt and handling of customer complaints, and dispute settlement
  • Disclaimer
  • New service and content development and customer analysis
  • Only users over the age of 14 can sign up. Implementation of the contract for service provision
  • Information delivery, marketing and advertising during event events such as event/gift winning results and product delivery
  • Statistics on service use records, access frequency and service use/provided customized service, use of service improvement

1.3. Items and methods of collecting personal information

A. The company collects only essential information to provide basic services, and collects it with separate consent when collecting information other than those not disclosed in the processing policy.

I. The company does not collect sensitive personal information that may infringe on users' basic human rights (race and ethnicity, ideology and creed, place of birth and domicile, political orientation and criminal record, health status, etc.). And, in any case, the entered information is not used for any other purpose other than the purpose of revealing it to users in advance, and it is not leaked to the outside.

It is. Personal information is retained and used from the date of collection until the member withdraws from membership or withdraws consent to use behavioral information. After the retention period, de-identification measures are taken and it is retained and used only for statistical business purposes. The company collects and uses personal information and behavioral information as follows.

1.4. Limit children's use of services

For the protection of personal information of children under the age of 14, the company only allows users over the age of 14 to sign up for membership.

1.5. How we collect personal information

The company collects personal information in the following ways.

  • Enter directly when registering via web page

1.6. Period of retention and use of personal information

User's personal information is retained and used during the period the company provides services to users. Personal information collected at the time of membership withdrawal is immediately destroyed so that it cannot be viewed or used.

In addition, users who have not logged in for a long time (a certain period (one year) without logging in) will convert their member accounts to dormant accounts. However, if the user separately consents to the provision of personal (credit) information, the retention and use period will be applied according to the consent.

However, if there is a need to preserve it in accordance with the provisions of the relevant laws, it will be preserved in accordance with the relevant laws and regulations.

  • Reason for retention of visit records: Protection of Communications Secrets Act Retention period: 3 months
  • Reason for retention of withdrawal member information: Data backup retention period by user request: 3 months

1.7. Provision of personal information to third parties

A. The company uses the user's personal information within the scope notified in "Article 3 (Collection and Use of User Information)", and in principle, regardless of the scope of the purpose of collection without the user's prior consent, or regardless of the company's business entrustment It is not provided to third parties. However, in the case of providing a user's personal information to an affiliate or a personal information entrusted company to provide quality service, the user is notified in advance of the name of the company, the items of personal information to be provided, the purpose of provision, the retention period, etc. and individual consent is obtained. provides. It will not be provided if there is no consent, and we will notify you even if the affiliates and personal information entrusted companies have changed.

However, exceptions are made in the following cases.

  • When providing in a form that cannot identify a specific individual as necessary for statistical preparation, academic research, or market research
  • If identification is required to prevent theft
  • If there is an unavoidable reason required by the provisions of the law or the law
  • When there is a request from an investigative agency according to the procedure and method stipulated in the law for the purpose of investigation

I. If the user consents, only the information entered at the time of registration is provided to the person designated below for the smooth implementation of service/customer analysis and statistics, content development and provision, and customer equivalent.

It is. The provided personal information is transmitted encrypted and used only to the minimum extent necessary for the purpose.

1.8. Collection of advertising identifiers (ADID/IDFA) when using web services

The company may collect ADID/IDFA of users. ADID/IDFA is an advertisement identification value of web service users, and may be collected for measurement to provide customized services (contents and products, etc.) to users or to provide advertisements in a better environment. Collection is carried out through automatic collection tools such as GA360 and does not contain personal information.

1.9. Consignment processing of personal information

A. The company may entrust the processing of personal information to provide improved services. In the case of consignment work, the following information is notified to the user and consent is obtained, and the same applies even if any one of the matters is changed.

I. The company may entrust the processing of personal information to an entrusted company without notice or consent to the user by disclosing the personal information processing policy only when necessary to fulfill the contract for the provision of information and communication services and to enhance the convenience of users.

2. Rights/duties of data subjects and how to exercise them

2.1. User rights and obligations

A. Please prevent unexpected accidents by entering the user's personal information accurately and up-to-date. Users are responsible for accidents caused by incorrect information entered, and if they enter false information, such as stealing other people's information, membership may be lost.

I. Users have a duty to protect themselves and not to infringe on the information of others along with the right to have their personal information protected. Be careful not to leak your personal information, including passwords, and be careful not to damage other people's personal information, including postings. If you fail to fulfill this responsibility and damage other people's information, you may be punished according to the ⌜Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.⌟.

2.2. Right to request access to personal information

A. The information subject may request access to his/her personal information processed by the company.

I. The company must allow the information subject to view the personal information within 10 days of receiving a request from the information subject. If there is a justifiable reason for not being able to view the information, the information subject may be notified of the reason and the reading may be postponed, and if the reason is extinguished, the information shall be opened without delay.

It is. In the case of the following reasons, the company may notify the information subject of the reason and restrict or reject the reading.

A. When access is prohibited or restricted by law

B. If there is a risk of harming the life or body of another person or unfairly infringing on the property and other interests of another person

2.3. Right to request correction/deletion of personal information

A. The information subject may request the company to correct or delete his/her personal information. However, if the personal information is specified as a collection target in the Act, you cannot request the deletion.

I. When a data subject requests correction or deletion of his/her personal information, the company shall take necessary measures such as correction or deletion without delay, except in cases where special procedures are stipulated in laws and regulations, and then notify the data subject of the result.

It is. If the information subject requests correction of errors in personal information, the personal information will not be used or provided until the correction is completed.

L. When the company deletes personal information, it must take measures to prevent it from being recovered or reproduced.

E. If necessary, the company may have the information subject confirm the requirements for correction and deletion and submit the necessary evidence.

2.4. Right to request suspension of processing of personal information

A. The information subject may request the company to stop processing his/her personal information.

I. The company must suspend all or part of the processing of personal information without delay when the information subject requests the cessation of processing of his or her personal information. However, in the following cases, the information subject may reject the request to suspend processing.

A. If there are special provisions in the law or it is unavoidable to comply with statutory obligations

B. If there is a risk of harming the life or body of another person or unfairly infringing on the property and other interests of another person

C. If it is difficult to fulfill the labor contract with the data subject if personal information is not processed, and the data subject does not clearly indicate his/her intention to terminate the contract

It is. The company shall take necessary measures, such as destruction of personal information, without delay for the personal information whose processing has been suspended according to the request of the information subject.

2.5. How to request access/correction/deletion/suspension of personal information

If the information subject requests to view/correct/delete/suspend processing, fill out the “Personal Information Request Form” and send it to the person in charge of personal information protection by e-mail, and we will process it immediately.

2.6. Withdrawal of consent to collection, use and provision of personal information

A. Users can withdraw their consent to the collection, use, and provision of personal information at any time through membership registration. If you withdraw your consent to the collection, use, and provision of essential information, the company may guide you to withdraw from membership.

I. When you cancel your membership, you are considered to have withdrawn your consent to the collection, use, and provision of personal information. In addition, if you contact the person in charge of personal information management and personal information management in writing, by phone, or by e-mail, the necessary measures will be taken to immediately withdraw from membership or withdraw consent. If we have taken measures such as withdrawing consent and destroying personal information, we will notify you without delay. (However, withdrawal of consent for collection and use of essential information necessary for service provision is an exception.)

It is. The company takes necessary measures to make withdrawal of consent to collection of personal information and withdrawal of membership easier than the method of collecting personal information.

3. How to manage, destroy, and notify changes to personal information

3.1. Procedures and methods for destroying personal information

After the purpose of use of the collected personal information is achieved, the company destroys the information without delay according to the period of storage and use. The destruction procedure, method and timing are as follows.

- Destruction procedure and timing

The personal information entered by the user for service subscription, etc., after the purpose of use, such as service termination, is achieved, for a period of retention according to the information protection reasons (refer to the period of retention and use of personal information above) according to internal policies and other relevant laws After this time has elapsed, it will be deleted or destroyed. In general, personal information collected by the company at the time of membership registration and managed in the form of an electronic file is deleted immediately upon withdrawal from membership.

- Destruction method

Stored personal information is deleted using a technical method that cannot reproduce the record.

3.2. Notice or method of notice of privacy policy

A. When the company intends to obtain additional consent from the user in order to use the user's personal information beyond the scope of the user's consent or to provide it to a third party, the company shall notify the user individually in advance in writing, by e-mail, or by phone. .

I. In the case of entrusting the collection/storage/processing/use/providing/management/destruction of the user's personal information to another person, the user is notified of the fact through the sign-up screen, service terms of use, and the personal information processing policy of the website, and consents get

It is. If the company transfers all or part of its business or transfers its rights/duties due to merger/inheritance, etc., it shall notify users individually through written/e-mail, etc. and at the same time indicate so that they can be identified on the first screen of the website for 30 days The above is announcing that fact. However, in the case of notification in writing/e-mail or other means, if the user's contact information is not known without negligence, natural disaster, or other justifiable reason not to notify, at least two central daily newspapers (most of the users living in a specific area) In this case, it can be used as a daily newspaper that uses the area as a supply area), instead of making an announcement at least once.

3.3. Technical and administrative measures to protect personal information

A. The company has prepared and applied technical and administrative measures to protect users' personal information.

I. Technical measures The company is taking the following technical measures to ensure safety in handling users' personal information so that personal information is not lost, stolen, leaked, altered or damaged.

- The user's personal information is protected by a password, and files and transmission data are encrypted and stored.

It is. Administrative Measures

- The company limits the access rights of users to personal information to the minimum number of people. Those who fall under the minimum number of people are as follows.

A. A person who performs marketing tasks directly with users

B. Persons who perform personal information management tasks, such as the person in charge of personal information management and person in charge

C. Others who need to handle personal information for business

- The company prepares procedures necessary for accessing and managing users' personal information so that its employees are familiar with and comply with it, and acquire new security technologies and personal information for employees who handle personal information We are conducting regular in-house training and outsourced training on protection obligations, etc.

- Handover of personal information-related handlers is carried out thoroughly with security maintained, and responsibility for personal information accidents after joining and leaving is clarified.

- When using a computer to process users' personal information, the company designates a person in charge of access to personal information, grants an identification code (ID) and password, and updates the password regularly.

- When hiring a new employee, the company signs an information protection pledge or personal information protection pledge to prevent information leakage by employees in advance and to monitor the implementation of the personal information processing policy and the employee's compliance with internal procedures has been established and is being continuously implemented.

- The company signs a confidentiality agreement upon resignation to prevent damage/infringement or leakage of personal information that the person who handled the user's personal information learned in the course of his/her job.

- We are not responsible for any actions that occur due to the user's personal mistakes or basic Internet dangers. In the case of users, each individual must properly manage his/her ID and password and take responsibility for it in order to protect his/her personal information.

- We recommend that you avoid using a password that is easy for others to guess, and that you change your password regularly.

- In the event that personal information is lost, leaked, altered, or damaged due to a mistake by an internal official or an accident in technical management, the company will immediately notify the user and take appropriate measures and compensation.

4. Post management plan

A. The company values ​​users' posts and does its best to protect them from falsification, damage, or deletion. However, this is not the case in the following cases.

- Spam postings (eg, letters of luck, advertisements for specific sites, advertisements and links to other sites, etc.)

- Posts that defame others by spreading false information for the purpose of slandering others

- Posts that infringe on rights such as disclosure of other people's personal information without consent, the company's copyrights, intellectual property rights of third parties, and other content different from other bulletin board topics

I. In order to activate a desirable online culture, the company may delete all or specific parts of the disclosure of other people's personal information without consent, or modify it with a symbol and post it.

It is. Fundamentally, all rights and responsibilities related to the posting rest with the individual author. In addition, information that is voluntarily disclosed through postings is difficult to protect, so you should use the service after careful consideration before information disclosure.

5. Personal information manager and person in charge

A. The company values ​​the protection of users' personal information and is doing its best not to damage, infringe, or leak users' personal information. However, despite taking technical supplementary measures, we are not responsible for information damage caused by unexpected accidents caused by basic network risks such as hacking, and for various disputes caused by posts made by visitors.

I. We ensure that the customer center responds promptly and faithfully to inquiries related to users' personal information protection. In addition, if the user wants to contact the company's personal information protection officer, please contact us at the contact information or e-mail below and we will respond promptly and faithfully to inquiries related to personal information.

- Person in charge of personal information management

Person in charge: Choi Hwa-seop

Title: Personal Information Protection Officer

Phone: 070-4794-3043

Email: poza@featuring.in

- Person in charge of personal information management

Person in charge: Han Su-yeon

Title: Featured Service Operation Manager

Phone: 070-4794-3043

Email: yoni@featuring.in

If you need to report or consult on other personal information infringement, please contact the following organizations.

- Privacy Infringement Report Center (privacy.kisa.or.kr / 118 without area code)

- Cyber ​​Investigation Division, Supreme Prosecutors' Office (www.spo.go.kr / 1301 without area code)

- Cybersecurity Bureau of the National Police Agency (cyberbureau.police.go.kr / 182 without area code)