privacy policy
Wave Company Co., Ltd (hereinafter referred to as 'Company') establishes and discloses a personal information processing policy as follows in order to protect users' personal information in accordance with the Act on Promotion of Information and Communication Network Use and Information Protection, etc. and the Personal Information Protection Act.
This privacy policy will take effect on June 1st, 2024.
1. Personal information collection items and methods of collection
(1) Personal Information Collection Items
The company handles the following personal information items when using the service
Sortation
Mandatory items
Device information (specific identifier, model name, country code, carrier information, language setting information, OS version, app version, IP address, manufacturer, location information)
Service usage history (service version, settings, usage time and duration, usage frequency, usage pattern)
Application information (refer to the app manifest file that exists when you install the application)
The file includes the name of the application, the URL to start the application, the icon, the color of the background screen, and the way the application runs)
Selections
E-mail, name, phone number, place of purchase, date of purchase, contact details
※ The company does not collect sensitive information that may seriously infringe on the privacy of users.
(2) Personal Information Collection Item 3
The company collects personal information in the following ways.
i. Mandatory items: service execution, automatic collection when used
ii. Selections: Collects when users inquire through the 'mail forwarding' function
※ When a user installs the WaveWear EMS application, the company automatically collects terminal information, service usage records, and application information. If the above basic information is denied, service use may be restricted.
2. Purpose of collection and use of personal information
The company processes personal information for the following purposes.
Goal
Service delivery
Provides optimized services and content to users,
Forwarding configuration information according to the country and version of the device,
Customer-customized consultations, customer complaints received and processed, records kept for dispute settlement,
Delivery of Notice
Statistical analysis and service improvement and new service research and development
Service improvement, R&D, and service utilization performance analysis
Improve bugs with error analysis
Analyzing delivered errors and correcting and remediating problems in new versions
Used for marketing and advertising
Planning services and events that meet user interests,
Provide event and advertising information and opportunities to participate,
Customer survey for satisfaction survey,
New Product or Service Guide
3. Period of retention and use of personal information
In principle, the company destroys the personal information without delay after the purpose of collecting and using it has been achieved.
However, if it is necessary to preserve it according to the provisions of the relevant laws and regulations, the company keeps personal information for a certain period of time as set forth in the relevant laws and regulations as follows. In this case, the company transfers the information to a separate database (DB) or stores it in a different place.
Retained items
holding period
legal basis
Records on withdrawal of contracts or subscriptions, etc
Five years
Act on Consumer Protection in Electronic Commerce, etc
Records on payment and supply of goods, etc
Five years
Act on Consumer Protection in Electronic Commerce, etc
Records on consumer complaints or dispute handling
Three years
Act on Consumer Protection in Electronic Commerce, etc
Records on the collection/processing and use of credit information
Three years
Act on the Use and Protection of Credit Information
a record of display/advertisement
Six months
Act on Consumer Protection in Electronic Commerce, etc
User's log record / User's access tracking data and other communication fact confirmation data
3 months / 12 months
Communications Secret Protection Act
4. Provision of personal information to third parties
In principle, the company does not provide the user's personal information to the outside world. However, exceptions are made in the following cases.
(1) Where an investigative agency is requested in accordance with the procedures and methods prescribed in the Act for the purpose of investigation in accordance with the provisions of the Act
(2) Where it is necessary for the settlement of charges due to the provision of paid services
(3) Where a particular individual is processed and provided in an unidentifiable form for statistics preparation, academic research, and market research
(4) If the user has agreed in advance
5. Procedures for destroying personal information and methods of destroying it
The procedure for destroying personal information and the method of destroying it are as follows.
(1) Reversal Procedure: After the purpose is achieved, the user's personal information is transferred to a separate DB (a separate documentary box in the case of paper) and stored for a certain period of time in accordance with internal policies and other relevant laws and regulations (refer to "6. Period of retention and use of personal information") before being destroyed. Personal information transferred to a separate DB shall not be used for any purpose other than the purpose held except by law.
(2) Destruction Method: The company deletes the stored personal information in the form of an electronic file using a technical method that cannot play records. The personal information printed on the paper is destroyed through pulverization or incineration.
6. Rights of users and legal representatives and methods of exercising them
(1) The user and the legal representative may at any time request permission to view, correct, delete, suspend processing, or withdraw consent to the following matters in relation to the registered personal information of the user himself or a person under the age of 14.
i. Personal information held by the Company: See "1. Items and Methods of Collection of Personal Information".
ii. Current status of using or providing personal information to a third party: Refer to "2. Purpose of collecting and using personal information" and "4. Providing personal information to a third party."
iii. Status of users agreeing to the company's collection, use, and provision of personal information
To this end, you can use the representative telephone (070-4044-7331) or contact the person in charge of personal information protection by writing, e-mail, or fax.
(2) The company may refuse to view, correct, or delete all or part of its personal information in the following cases.
i. Where access is prohibited or restricted by law
ii. Where there is a risk of harming the life or body of another person or unreasonably infringing on the property and other interests of another person
(3) The company processes personal information deleted or suspended from processing at the request of the user or legal representative as specified in "3. Period of retention and use of personal information" and makes it impossible to view or use it for any other purpose.
(4) Users must accurately enter their personal information in the latest state. The user is responsible for the accident caused by the inaccurate information entered by the user, and entering false information such as theft of other person's information may limit the use of the service.
(5) Users have not only the right to protect their personal information, but also the obligation to protect themselves and not infringe on the information of others. Please be careful not to leak the user's personal information and be careful not to damage the personal information of others. If you fail to fulfill such responsibilities and damage the information and dignity of others, you may be punished under the Act on Promotion of Information and Communication Network Utilization, Information Protection, etc.
7. Technical and administrative measures to protect personal information
The company takes the following technical and administrative measures to ensure safety so that personal information is not lost, stolen, leaked, tampered with or damaged when processing users' personal information.
(1) Establishment and implementation of an internal management plan
i. Establish and implement an internal management plan to safely process personal information.
ii. Check the implementation of personal information protection measures and compliance with the person in charge of business through an organization dedicated to personal information protection, etc., and take action to correct any problem immediately.
(2) Installation and operation of access control devices
i. We use the intrusion prevention system to control unauthorized access from outside, and we try to have all possible technical devices to secure the security of the system.
(3) Measures to prevent falsification and falsification of access records
i. It stores and manages records accessed to the personal information processing system, and uses security functions to prevent forgery and tampering of access records.
(4) encryption of personal information
i. Your personal information is protected by a password, which encrypts or uses a file lock feature when keeping files. In addition, transmitted data is encrypted, and sensitive data is protected by a separate security feature.
(5) Minimize and train personal information handling staff
i. Restrict users' access to personal information to those who directly deal with users, those who perform personal information management, such as personal information protection officers and managers, and others who are forced to handle personal information for business.
ii. Conduct regular in-house training on new security technologies and privacy obligations for employees handling personal information.
iii. Prevent leakage of information by people by having all employees complete a security protocol upon joining the company. It also has internal procedures to audit the implementation of privacy measures and compliance of employees.
8. Privacy Commissioner and Customer Support Department
In order to protect users' personal information and deal with complaints related to personal information, the company designates the department in charge and the person in charge of personal information protection as follows.
(1) Customer Support Department
Customer Support Department: Wave Company Customer Center
Contact point: 070-4044-7331, 02-481-8178 (FAX)
문의처 : info@wavecompany.net
(2) Privacy officer and privacy department
Personal Information Protection Officer: Kim Dae-joon
Personal Information Protection Department: Wave Company Customer Center
Contact point: 070-4044-7331, 02-481-8178 (FAX)
문의처 : info@wavecompany.net
9. a remedy for infringement of rights and interests
In order to receive relief from personal information infringement, users may apply for dispute resolution or counseling to the Personal Information Dispute Mediation Committee, the Personal Information Infringement Reporting Center of the Korea Internet & Security Agency, etc. For other reports and counseling of personal information infringement, please contact the following agencies.
(1) Personal Information Dispute Mediation Committee: (without country code) 1833-6972 (www.kopico.go.kr )
(2) Personal Information Infringement Reporting Center: (without country code) 118 (privacy.kisa.or.kr )
(3) Supreme Prosecutors' Office: 1301 (www.spo.go.kr )
(4) National Police Agency: 182 (cyberbureau.police.go.kr )
Date of implementation of the personal information processing policy: September 1, 2021