Privacy Policy
Rich & Company
values users’ personal information and abides by relevant laws and
regulations that information and communication service providers must comply
with. The processing of this personal information applies to Time Mango (hereinafter
referred to as the service), including the following.
Article 1 (Data and collection methods of
personal information collected)
1. Data to collect personal information
The company
collects the following personal information to provide services.
a. After registering as a member, you can easily
log in with social media. [For example, login with Google account]
b. When using the service, we will collect GPS
intelligence to provide accurate weather information
c. When using the service, we will collect IP connection
information for user management and sanctions
d. When using the service, we will collect
terminal type, operating system, service deployment version, account
information, email address, etc. to correct some technical errors
2. How to collect personal information
The company
collects personal information in the following ways:
a. Mobile apps, emails, events
b. Collect information from partner companies
through partnerships and cooperation
c. Collect relevant information when creating an
account
Article 2 (Purpose
of Collection and Use of Personal Information)
The company only
collects the minimum personal information used to provide services for the
following purposes and uses the collected information for other purposes. We
will not arbitrarily disclose it without the user's consent and provide it to
third parties.
1. Perform contracts related to the provision of
services and performance of service functions
2. Member management: used to provide member
services related to identity verification, personal identity confirmation,
confirmation of intent to join, prevention of violations of the terms of use
and prevention of unauthorized use of bad members, handling of complaints,
delivery of notifications, etc.
3. Develop new services and use marketing
advertising: develop new services and customized services, provide services
based on statistical characteristics and advertising locations, service
verification, events, provide advertising information and participate in
providing opportunities, understand connection frequency, membership service
usage statistics
4. Collection and utilization of cause
investigation and handling in the event of an accident
Article 3
(Restrictions on Disclosure and Provision of Personal Information to Third
Parties)
In principle, the
company uses the user's personal information within the scope notified in
"Article 2 (Purpose of Collection and Use of Personal Information)” and
uses the user's personal information beyond the same scope without the user's
prior consent. We will not disclose the personal information of users to the
outside world. However, the following cases are excluded.
1. When the user agrees in advance
2. A request by the investigative agency to
investigate under laws and regulations or the procedures and methods prescribed
by laws and regulations.
3. Other procedures required by relevant laws and
regulations
However, in
principle, if relevant laws provide information or notify all parties of
exceptions at the request of the investigating agency. Even if we are forced to
issue a notice due to legal reasons, we will do our best to protect and do our
best to maintain the purpose of using.
Article 4
(Entrusted processing of personal information)
1. The company can outsource the processing of
personal information to others in order to achieve a smooth and complete
service. In this case, the company will notify users of all the following
matters in advance and obtain their consent. The same applies when changing any
of the following data.
a. The person who accepts the processing request
of personal information
b. Outsource business content to personal
information processing
2. The company fulfills the contract to provide
information and communication services, and when necessary, clarifies each data
in Lane 1 according to the personal information processing policy to improve
the convenience of users. In this way, you can outsource the processing of
personal information to another person without performing notification
procedures and consent procedures.
3. The company outsources the following
business-related to personal information processing and takes necessary
measures to ensure the safe management of personal information in outsourcing
contracts under relevant laws and regulations. The company will consider the
trustee's ability to protect personal information when signing a consignment
contract, and regularly confirm whether it will fulfill the trustee's
obligations, such as safety management and destruction of personal information.
In addition, the information to be outsourced is limited to the minimum
information required to provide a smooth service.
[When personal
information processing is outsourced to foreign manufacturers for use]
1.
Contractor:
Amazon, purpose: save member data, country/region: South Korea, method: save
the member information entered by the user when registering in AWS, save data:
nickname/email/login link, Google ID information retention period: Until the
membership is canceled, or the service is terminated.
Article 5 (Right
of consent in case of refusal and right of the adverse notice)
Members have the
right to refuse to agree to the collection and use of personal information.
However, if you refuse to agree to the collection and use of the minimum
personal information necessary for the conclusion and performance of the
contract, there are disadvantages such as inability to use the service or delay
in processing operations.
In addition, if you refuse to agree to the collection/use and/or
selective collection/use of personal information for marketing activities and
public relations, you may not be able to obtain information about activities,
provide gifts and promotional materials, and provide collaborative services,
such as The disadvantages of using discount
applications and not being able to earn points.
In addition to the terms of the agreement, if the member agrees
otherwise, we can collect and use personal information, and if the member
agrees, we can provide personal information to a third party.
Article 6
(Retention and Use Period of Personal Information)
1. In principle, the company retains and uses the
user's personal information within the time promised and announced, and if the
purpose of collecting and using personal information is achieved, or if the
user is required to destroy the personal information, it will immediately
destroy it without hesitation. However, due to the following reasons, the
following information will be retained for the specified time.
a. Keep the information under the company's
internal policies
• If an investigation/investigation is conducted
due to violation of relevant laws and regulations until the
investigation/investigation is completed.
• The credit relationship related to service use
continues until settlement
• For information based on unauthorized use, up
to one year from the membership withdrawal
b. Retention of information by relevant laws and
regulations
Regulations |
Purpose |
Data |
Retention Period |
Communication
Secret Protection Act |
Provided by
court order according to the request of the investigating agency |
Service access
records, IP, etc. |
3 months |
Consumer
protection laws in e-commerce, etc. |
Proof of
transaction, consumer protection |
Keep contract or
purchase withdrawal records |
5 years |
Consumer
protection laws in e-commerce, etc. |
Proof of
transaction, consumer protection |
Keep records
about payments and supplies, etc. |
5 years |
Consumer
protection laws in e-commerce, etc. |
Consumer
processing, contact certification, consumer protection |
Keep records of
consumer complaints or dispute resolution |
3 years |
Consumer
protection laws in e-commerce, etc. |
Protect
consumers |
Logo/Advertising
Record |
6 months |
Location
information protection and use |
Confirm
collection, use, and provision of location information |
Keep records of personal
location information |
6 months |
2. Starting from October 12, 2020, for users who
have not used the company’s services for about a year, we will notify users in
advance under Article 29 of the Law on Promoting the Use of Information and
Communication Networks and Information Protection. Destroy personal
information, store and manage it separately. If requested by the user, the
above deadline can be set separately. However, if it is necessary to store the
user’s personal information under the “Communication Secrets Protection Act”
and the “Consumer Protection Act” such as e-commerce and other relevant laws
and regulations, the user’s personal information will be stored for a fixed
period specified by the relevant laws and regulations.
3. When the company is destroyed or otherwise
disposed of within 30 days before the expiration date of the data (2) and the
personal information data, we will notify the user in advance by email or other
means. For this, the user must contact the company provides correct contact
information.
Article 7
(Procedures and Methods for Destroying Personal Information)
In principle, when
the purpose of processing personal information is achieved, the company will
immediately destroy personal information. The procedures and methods of
destruction are as follows.
1. Discard procedure
· After the purpose is achieved, the user's
personal information will be transferred to another database (if it is paper,
it will be stored in a separate file box) and will remain unchanged under
internal policies and other relevant laws and regulations (see retention and
use period). After being stored for a while, it will be destroyed. Unless
required by law, personal information will not be used for other purposes for
retention.
2. How to discard
· Information in electronic file format is
deleted using technical methods that cannot be copied and recorded.
· The personal information printed on the paper
will be shredded or incinerated and destroyed by the shredder.
Article 8 (The
rights and obligations of members and legal representatives and how to exercise
them)
You or your legal
representative can exercise any rights related to the protection of your
personal information or children under the age of 14 in the company at any
time. If the user or legal representative does not agree to the processing of
the company's personal information, he/she can request withdrawal of consent or
withdrawal of membership. However, it may be difficult to use some or all of
the services in this case.
1.
Click
on "Personal Information" (or "Change Member Information",
etc.) to withdraw from the membership, please go to the App and click withdraw
from the membership.
2.
If
you contact the person in charge of management via email, we will take immediate
action.
3.
If
the user requests to correct an error in the personal information, the personal
information will not be used or provided until the correction is completed. In
addition, if incorrect personal information has been provided to a third party,
the result of the correction will be immediately notified to the third party
and the correction will be made.
4.
The
company will process the canceled or deleted personal information at the
request of the user or legal representative under the instructions in "Article
6 Retention and Use Period of Personal Information" to prevent it from
being viewed or used for other purposes.
Article 9
(Regarding the installation/operation of the automatic personal information
collection device and its rejection)
[Online customized
advertising service]
1. Collect advertising identifiers when using
mobile apps
The company will
collect your ADID/IDFA. ADID / IDFA will identify users through applications,
provide users with customized services, measure them, and provide customized advertisements.
•How to refuse
Example) Android:
Settings -> Google (Google Settings) -> Advertising -> Deselect
advertising optimization (custom)
iOS: Settings→Personal Information Protection→Ads→Ad
Tracking Limit
2. Online customized advertising services
The company allows
the collection of the following online customized advertisers and advertising
identifiers and behavioral information.
a. Advertisers who collect and process behavioral
information:
AdColony, AdCrony, AdExchange, AdFit, AdMob, AdPie, AdView,
Appier, AppLovin, BatMobi, Cauly, Dawin, DU, Facebook, Facebook(Open
Bidding), Five, Fyber, IronSource,
MobFox, Mobon, Mobpower, Mobvista, Mopup, PubNative, Smaato, TAM, TNK, UnityAds, Vungle, YeahMobi, YouAppi, ZPLAY Ads, etc...
b. Behavioral information collection method: When
users execute our application, it will be automatically collected and
transmitted
Article 10
(Technical/Administrative Protection Measures for Personal Information)
In order to ensure
security, the company is taking the following technical/administrative
protection measures to ensure that personal information will not be lost,
stolen, leaked, altered, or damaged when processing users' personal
information.
1.
Encryption
of personal information
User passwords are
stored and managed through one-way encryption, and only those who know the
password can confirm and change personal information. Personal information (for
example, resident registration number, alien registration number, bank account
number, and credit card number) is encrypted and stored, and managed through a
secure encryption algorithm.
2.
Countermeasures
to prevent hacking, etc.
The company runs
an intrusion detection and intrusion prevention system 24 hours a day to
prevent the disclosure of users' personal information due to intrusion into
company information and communication networks (such as hackers). In order to
deal with emergencies, all intrusion detection systems and intrusion prevention
systems operate in redundant configurations, and sensitive personal information
can be safely transmitted over the network through encrypted communications.
3.
Minimize
and train personal information processing personnel
The company limits
the company's personal information processing personnel to a minimum and
recognizes the importance of protecting personal information through
administrative measures such as training personal information processing
personnel.
4.
Operation
of the department responsible for the protection of personal information
The company has a
department dedicated to protecting personal information to effectively protect
personal information and strives to quickly correct any problems by checking
the compliance of personal information processing policies and personal
information processing procedures.
Article 11 (Contact
information of the person in charge of personal information management and the
person in charge)
You can report all
personal information protection-related complaints caused by using the
company's services to the person in charge of personal information management
or the competent department. The company will provide timely and adequate
answers to members' reports.
[Personal Information Manager]
· Name: Taeyong Choi
· Affiliation: Rich & Company
· ·Position: Personal Information Manager
· ·Mail: all@timemango.com
If you need to
report or consult about other personal information infringements, please
contact the following organizations.
· ·Personal Information Dispute Mediation
Committee (http://www.kopico.go.kr/ without area code 118)
· ·Personal information infringement reporting
center (http://privacy.kisa.or.kr/ without area code 118)
· ·Cybercrime Investigation Team of the Supreme
Prosecutor’s Office (http://www.spo.go.kr/ 02-3480-2000)
· ·National Police Agency Cyber Terror
Response Center (http://cyberbureau.police.go.kr/ without area code 182)
Article 12
(Disputes and Litigation)
All disputes and
litigation related to this agreement shall be settled by the Seoul Central
District Court as the competent court under Korean law.
Article 13
(Others)
The company may
provide users with links to other websites. However, this "Personal
Information Processing Policy" does not apply to the collection of
personal information by linked websites
Article 14
(Notification Obligation)
If there are any
changes to the personal information processing policy, the company will notify
you via in-app notification, website notification or email at least 7 days
before the revised privacy policy takes effect.
Supplementary
Provisions
The current
personal information processing policy may be changed according to government
policies or company needs. If any addition, deletion, or modification of the
content is made, it will be notified in advance via the website or email 7 days
before the implementation, and if it is difficult to notify in advance, it will
be notified immediately. This policy will take effect from the date of
notification. However, if important matters such as the purpose of collecting
and using personal information and the purpose of providing it to a third party
are added, deleted, or modified, it will be notified 30 days in advance and
implemented after 30 days. In addition, if the customer is required to obtain
the customer’s personal consent under relevant laws (such as the "Act to Promote
the Use of Information and Communication Networks and Information
Protection" (such as the collection and use of personal information and
the provision of information to third parties), the company shall comply with
the relevant laws and regulations and obtain the customer’s personal consent.
Privacy policy
version number: v.1.0
Announcement date:
October 12, 2020
Effective date:
October 12, 2020