Privacy policy
AIPARK CO.,LTD (https://www.aivatar.ai/en) (hereinafter referred to as "AiVATAR") establishes and discloses the following privacy policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of the information subject and to promptly and smoothly handle grievances related thereto.
○ This privacy policy will be effective from 31 August 2023.
Article 1 (Purpose of processing personal information)
AiVATAR processes personal information for the following purposes. The personal information processed will not be used for any other purpose than those listed, and if the purpose of use changes, we will take necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
Homepage membership and management: Personal information is processed for the purpose of confirming the intention to join, identifying and authenticating the person in accordance with the provision of membership services, maintaining and managing membership, preventing unauthorised use of services, providing various notices and notifications, and handling grievances.
Handling of civil affairs : we process personal information to verify the identity of the complainant, investigate the complaint, contact and notify the complainant of the findings, and inform them of the outcome of the process.
Providing goods or services : We process personal information for the purpose of providing services, sending contracts and invoices, providing content, providing personalised services, identification, and payment and settlement.
For marketing and advertising: We process personal information for the purpose of developing new services (products) and providing customised services, providing event and advertising information and participation opportunities, providing services and placing advertisements according to demographic characteristics, verifying the validity of services, identifying access frequency or statistics on members' use of services.
Article 2 (Processing and retention period of personal information)
AiVATAR processes and retains personal information in compliance with applicable laws and regulations, as well as the agreed-upon retention period specified when collecting the information from the data subject, or until the purpose of processing the personal information is achieved.
-
Examples of when AiVATAR retains Personal Data in accordance with applicable laws and regulations, and for how long, are as follows.
-
Retention period of service visit records: 3 months 「Protection of Communications Secrets Act」
-
Retention period of records on display and advertisement in e-commerce: 6 months 「Act on Consumer Protection in Electronic Commerce, etc.」
-
Retention period of records on handling of consumer complaints or disputes in e-commerce, etc.: 3 years 「Act on Consumer Protection in Electronic Commerce, etc.」
-
Retention period of records on contracts or withdrawal of subscriptions, payments and goods in e-commerce: 5 years 「Act on Consumer Protection in Electronic Commerce, etc.」
-
Retention period of books and invoices or receipts: 5 years 「National Tax Act」, 「Value Added Tax Act」
-
Article 3 (Items of Personal Data Processed)
① AiVATAR processes the following personal data.
-
signing up and management on the homepage
Name, date of birth, password, email, company name, department, job title, phone number
-
Handling of civil affairs
Other information required to process the complaint and provided by the data subject, including name, login ID, email, payment history, access IP information, cookies, access logs, service usage history, bank account information and credit card information.
-
Providing goods or services
Name, login ID, email, payment history, access IP information, cookies, access logs, service usage history, bank account information, credit card information
Article 4 (Outsourcing of Personal Information Processing)
① AiVATAR entrusts personal information processing services (overseas) as follows to ensure smooth personal information processing.
-
Managing address book and sending emails
Person entrusted (trustee): Stibee
What we outsource : Managing address book and sending emails
-
Creating a customer database of those who have signed up for or enquired about service.
Person entrusted (trustee) : HubSpot Inc.
Personal information transferred: name, email, company, department, job title, phone number
Country to which personal data is transferred : USA (25 First Street, 2nd Floor Cambridge, MA 02141 USA)
When and how we transfer your personal information : We transfer your personal information online as soon as we collect it and will notify you of any updates if your personal information changes in the future.
Contact the Data Protection Officer : privacy@hubspot.com
Period of retention and use by the person to whom the personal information is transferred: The minimum period necessary to achieve the above purposes
Methods and procedures for opting out of the transfer of personal information and the effects of opting out of the transfer of personal information : If you do not want us to transfer your personal information, you can opt out by contacting us at admin@aipark.ai. Please note that opting out may limit your ability to receive further information about our services in the future. Please note that opting out may limit your ability to receive further information about our services in the future. Please be aware that if you choose not to proceed with the transfer, you may not receive any further information about our services in the future.
② In compliance with Article 26 of the 「Personal Information Protection Act」, AiVATAR specifies in consignment contracts that personal information may only be processed for the purpose of performing consignment work. The contracts also include technical and administrative protection measures, restrictions on re-consignment, management and supervision of the consignee, and responsibilities such as compensation for damages. AiVATAR supervises the consignee's safe handling of personal information.
③ If the contents of the consignment work or the consignee change, we will disclose it through this privacy policy without delay.
Article 5 (Procedure and method of destruction of personal information)
① AiVATAR promptly deletes personal information when it is no longer needed, such as when the retention period expires or the processing purpose is achieved.
② The process and methods for destroying personal information are as follows.
-
Destruction Procedure: AiVATAR will select the personal information that requires destruction and will destroy it with the approval of the personal information protection officer of AiVATAR.
-
Destruction method: : Personal information printed on paper will be destroyed by shredding or incineration. Information in the form of electronic files will be destroyed using technical methods that prevent the records from being reproduced.
Article 6 (Rights and obligations of information subjects and legal representatives and how to exercise them)
① The information subject may exercise the right to view, correct, delete, or suspend the processing of personal information, withdraw consent to the collection, use, and provision of personal information, and request the transfer of personal information at any time to AiVATAR within the scope of the Personal Information Protection Act, and the right of the information subject to automated decisions.
② The exercise of the rights under Paragraph 1 may be made to AiVATAR in writing, e-mail, facsimile transmission (FAX), etc. in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and AiVATAR will take action without delay.
③ The rights under Paragraph 1 may be exercised through a representative, such as the legal representative of the information subject or a person authorised by him/her. In this case, you must submit a power of attorney in the form of Annex 11 of the "Notice on Personal Information Processing Methods".
④ Requests to suspend access to and processing of personal information may be subject to restrictions on the rights of the information subject pursuant to Article 35 (4) and Article 37 (2) of the 「Personal Information Protection Act」.
⑤ A request for the correction or deletion of personal information cannot be made if the personal information is specified as the subject of collection under another law.
⑥ AiVATAR will verify that the person making the request, such as a request for access in accordance with the rights of the information subject, a request for correction or deletion, or a request for suspension of processing, is the person or a legitimate representative.
Article 7 (Measures to ensure the safety of personal information)
AiVATAR takes the following measures to ensure the safety of personal information.
-
Establishment and implementation of an internal management plan: We have established and implemented an internal management plan to ensure the secure processing of personal data.
-
Minimisation and training of staff handling personal information: We have implemented measures to manage personal information by designating and limiting the number of employees who handle personal information to those in charge.
-
Regular self-audits: We conduct regular (quarterly) self-audits to ensure the reliability of our handling of personal information.
-
Restriction of access to personal information : We take necessary measures to control access to personal information by granting, changing, and cancelling access rights to the database system that processes personal information, and control unauthorised access from the outside using an intrusion prevention system.
-
Retention of access records and prevention of falsification: We keep and manage records of access to the personal information processing system for at least one year, but if we add personal information about 50,000 or more information subjects or process uniquely identifiable or sensitive information, we keep and manage it for at least two years. We also use security features to prevent access records from being falsified, stolen, or lost.
-
Encryption of personal information: User's personal information is stored and managed with encrypted passwords so that only you can know it, and for sensitive data, we use separate security features such as encrypting file and transmission data or using the file lock function.
-
Technical measures against hacking, etc: AiVATAR installs and periodically updates and inspects security programs to prevent leakage and damage of personal information due to hacking or computer viruses, and installs systems in areas with controlled access from the outside and monitors and blocks them technically and physically.
-
Controlling access to unauthorised persons: We have separate physical storage locations for personal information and have established and operated access control procedures for them.
-
Use locks to secure documents: Documents, secondary storage media, etc. containing personal information are stored in a secure location with a lock.
Article 8 (Installation and operation of devices that automatically collect personal information and rejection thereof)
① AiVATAR uses "cookies" to store and retrieve usage information from time to time in order to provide users with individually tailored services.
② A cookie is a small amount of information sent to a user's computer browser by the server (http) used to run a website and is stored on the hard disk of the user's PC computer.
a. Purpose of using Cookies : To provide optimised information to users by identifying the types of services and websites visited by users, popular search terms, secure access, etc.
b. Installation, operation and refusal of cookies: You can refuse to store cookies by setting the options in the Tools>Internet Options>Privacy menu at the top of your web browser.
c. If you refuse to store cookies, you may not be able to use our personalised services.
Article 9 (Collection, Use, Provision, and Refusal of Behavioural Information)
① AiVATAR collects and uses behavioral information in the process of using the service to provide customized services and benefits optimised for the information subject, online customized advertisements, etc.
② AiVATAR collects behavioural information as follows.
-
The items in the behavioral information : User's website visit history, search history
-
Method to collect behavioral information : Automatically collected when you visit a website, register or submit an enquiry
-
Purpose to collect behavioral information : Personalised product recommendations based on your interests and preferences
-
Method to process data during and after the retention period:
-
Personalised product recommendations based on user’s interests and preferences
③ AiVATAR allows the following online personalised advertising providers to collect and process behavioural information.
-
Advertising operators who want to collect and process behavioural information : Google
-
Method to collect behavioral information : Automatically collected and sent when user visit our website or launch our app
-
The items in the behavioral information collected and processed: User's web/app visit history, search history, purchase history
④ AiVATAR collects only the minimum behavioural information necessary for online personalised advertising, etc. and does not collect sensitive behavioural information that may clearly infringe on the rights, interests or privacy of individuals, such as ideas, beliefs, family and kinship relationships, education, medical history, and other social activities.
⑤ AiVATAR does not collect behavioural information for personalised advertising purposes from children we know are under the age of 14, or from online services whose primary users are children under the age of 14, and we do not serve personalised advertising to children we know are under the age of 14.
⑥ AiVATAR collects and uses advertising identifiers for online personalised advertising in its mobile apps. Data subjects can block or allow personalised advertising in the App by changing the settings on their mobile device.
‣ Block/allow ad identifiers on smartphones
(1) (Android) ① Settings → ② Privacy → ③ Ads → ③ Reset Ad ID or delete Ad ID
(2) (iPhone) ① Settings → ② Privacy → ③ Tracking → ④ Turn off Allow apps to request tracking
※ Depending on your mobile OS version, the menu and method may differ slightly.
⑦ The information subjects can block or allow online personalised advertising by changing their web browser's cookie settings at once. However, changing the cookie settings may affect the use of some services, such as automatic login to the website.
‣ Block/allow personalised ads through web browser
(1) Internet Explorer (Internet Explorer 11 for Windows 10)
-
In Internet Explorer, select the Tools button and then select Internet Options
-
Select the Privacy tab, select Advanced in Settings, and then select Block or allow cookies
(2) Microsoft Edge
-
In Edge, click the top-right "..." mark, then click Settings.
-
Click "Privacy, search, and services" on the left-hand side of the Settings page, then select "Do not track" in the 「Do not track」 section and choose whether and at what level.
-
Select 'Always use ""strict"" tracking protection when searching for InPrivate'.
-
In the 「Privacy」 section below, select whether you want to "send a Do Not Track request" or not.
(3) Chrome browser
-
In Chrome, click the top-right '⋮' sign (customise and control chrome), then click Show settings.
-
On the Settings page, in the 「Privacy and security」 section, click Third-party cookies.
-
Under Default behaviour, select the checkbox for 'Block third-party cookies'.
⑧ The information subjects can contact us to ask questions about the Behavioural Data, exercise their right to object, or file a complaint.
-
Privacy Officer
-
Department : Strategic Planning Team
-
Accountants : Seonho Lee
-
Contact : +82-2-6925-6028, admin@aipark.ai
-
Article 10 (Criteria for additional use and additional provision)
In accordance with Articles 15(3) and 17(4) of the Personal Information Protection Act, AiVATAR may additionally use and provide personal information without the consent of the information subject in consideration of Article 14(2) of the Enforcement Decree of the Personal Information Protection Act. Accordingly, in order for AiVATAR to make additional use and provision without the consent of the information subject, the following points have been considered.
▶ Whether the purposes for which the personal information is to be further used or provided are related to the purposes for which it was originally collected.
▶ Whether the additional use or provision is foreseeable in light of the circumstances under which the personal information was collected or the processing practices.
▶ Whether the additional use or provision of personal information unreasonably prejudices the interests of the data subject.
▶ Whether necessary measures have been taken to ensure safety, such as pseudonymisation or encryption.
Article 11 (Privacy Officer)
① AiVATAR has designated a person in charge of personal information protection as follows to take overall responsibility for the processing of personal information and to handle complaints and damage relief from information subjects related to the processing of personal information.
▶ Privacy Officer
-
Name :Chulmin Park
-
Title :CEO
-
Contact : +82-2-6925-6028 , admin@aipark.ai
※ You'll be directed to the Privacy Department.
② The information subject may contact the person in charge of personal information protection and the department in charge for all personal information protection-related inquiries, complaints, damage relief, etc. arising from the use of AiVATAR's services (or business). AiVATAR will respond to and handle inquiries from information subjects without delay.
Article 12 (Department to receive and process requests for access to personal information)
A information subject may make a request for access to personal information pursuant to Article 35 of the 「Personal Information Protection Act」 to the following departments. AiVATAR will endeavour to promptly process the information subject's request for access to personal information.
▶ Department to receive and process requests for access to personal information
-
Department : Strategic Planning Team
-
Accountants : Seonho Lee
-
Contact : +82-2-6925-6028, admin@aipark.ai
Article 13 (Remedies for infringement of rights and interests of information subjects
Information subjects may apply for dispute resolution or consultation with the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency's Personal Information Infringement Reporting Centre to obtain relief from personal information infringement. In addition, please contact the following organisations for reporting and consultation on other personal information infringements.
-
Personal Information Dispute Mediation Committee: (without area code) +82-1833-6972 (www.kopico.go.kr)
-
Personal Information Infringement Reporting Centre: (without area code) +82-118 (https://privacy.kisa.or.kr/)
-
Supreme Prosecutors' Office: (without area code) +82-1301 (www.spo.go.kr)
-
National Police Agency: (without area code) +82-182 (https://ecrm.police.go.kr/)
A person whose rights or interests have been infringed upon by a disposition or omission made by the head of a public institution in response to a request pursuant to the provisions of Articles 35 (Access to Personal Information), 36 (Correction and Deletion of Personal Information), and 37 (Suspension of Processing of Personal Information) of the 「Personal Information Protection Act」 may file an administrative appeal in accordance with the Administrative Appeals Act.
※ For more information about administrative appeals, please visit the Central Administrative Appeals Board's website at www.simpan.go.kr.
Article 14 (Changes to the Privacy Policy)
① This Privacy Policy is effective from 31 August 2023.