Privacy Policy

CatchItPlay Privacy Policy

 

This Privacy Policy (the “Policy”) sets forth CatchItPlay Inc.’s (the “Company”) use (and the method of such use) of personal information provided by users, as well as the measures the Company takes in protecting such personal information, as follows.

1.     Personal Information Collected and Collection Method

2.     Purpose of Collection and Use of Personal Information

3.     Retention and Use Period of Personal Information

4.     Method and Procedures for Destruction of Personal Information

5.     Providing and Sharing Personal Information

6.     Consignment of Collected Personal Information

7.     Rights of Users and Legal Representatives and How They are Exercised

8.     Installation, Operation, and Rejection of the Automatic Collection of Personal Information

9.     Technological and Administrative Protection Measures for Personal Information

10.  Civil Service Related to Personal Information

11.  Linked Sites

12.  Miscellaneous

<General>

1)    The Company is using its best efforts to provide smooth and convenient services. The Company takes measures for the protection of user’s personal information in compliance with the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (the “Information Network Act”) and the Personal Information Protection Act, among other applicable laws and regulations related to the protection of personal information.

2)    The Policy is displayed on the first page of the Company’s website (www.catchitplay.com) (the “Website”) for the user’s ease of reference.

3)    The Policy is subject to change pursuant to changes in the applicable laws or regulations or changes in the Company’s internal policy. When such change is made, the Company will immediately notify the change and the reason for such change through the Website.

l  The term “personal information” means information pertaining to a living individual, which identifies a specific person with a name, a national identification number, or similar information in the form of a code, letters, voice, sound, motion picture, or any other form (including information that makes it impracticable to identify a specific person by itself, but that enables one to identify such person easily if combined with other information).

l  The Company will use personal information within the scope notified in “1. Personal Information Collected and Collection Method” and “2. Purpose of Collection and Use of Personal Information.” The Company will seek users’ consent in the event of any use outside of such scope or any change in such scope. The same applies for changes in the retention and use period of personal information or the provision or consignment of handling personal information to a third party; users will be informed about major changes and their consent will be obtained through internet websites, telephone, e-mail, etc. However, the Company may provide notice to users without their consent when certain legal exceptions apply, such as “if it is necessary to provide the service by contract with the user and it is difficult to obtain consent,” “when necessary for settlement of charges” or “when special provisions in other laws apply”.

 

1.     Personal Information Collected and Collection Method

1)    When a user uses the service, the following personal information of the user may be collected.

l  Method of collection: mobile, e-mail, written document, telephone

l  Information collected: ID, password, nickname, gender, age, profile photo, e-mail address, name, mobile phone number, carrier information, device information (ID, model name, OS type and version), app use and access record, authentication record, transaction record, date and time of access record, service abuse record, address, voice information, service use record (correct and wrong answer rate, etc.)

 

2.     Purpose of Collection and Use of Personal Information

The purpose of collection and use of personal information collected by the Company is as follows.

1)    Member management

l  Personal identification for use of service: ID, e-mail address, password

l  Complaint management: ID, e-mail address, mobile phone number, name

2)    Performance of contracts for the provision of services and settlement of fees

l  Provision of content: ID, password, nickname, gender, age, profile photo, e-mail address, name, mobile phone number, carrier information, device information (ID, model name, OS type and version), app use and access record, authentication record, transaction record, date and time of access record, service abuse record

l  Use of paid information and payment: transaction record

3)    Use in events and marketing

l  Events: name, e-mail address, mobile phone number, address

l  Marketing: carrier information, device information, app use and access record, service abuse record

4)    Provision to third parties

l  Use in third party marketing or product development: age, gender, location, voice information, app use and access record, authentication record, transaction record, service usage record

 

3.     Retention and Use Period of Personal Information

1)    In principle, after the purpose of collecting and using personal information is achieved, the Company will immediately destroy such information. However, the following information will be retained for the “retention period” for the reasons specified under “retention grounds”.

l  Retained information: ID, password, nickname, gender, age, profile photo, e-mail address, name, mobile phone number, app use and access record, transaction record, service abuse record

l  Retention grounds: to resolve consumer dissatisfaction or disputes when a user withdraw membership

l  Retention period: 30 days

2)    If necessary pursuant to the Commercial Code or other applicable laws and regulations related to consumer protection in e-commerce, the Company may retain personal information for a period exceeding the periods set forth in such laws or regulations. In such case, the Company will retain such personal information only according to the purpose for which they are retained for the “retention period” and for the reasons specified in “retention grounds”.

l  Record of withdrawal from agreement or subscription

                            i.          Retention grounds: applicable laws and regulations related to consumer protection in e-commerce

                          ii.          Retention period: 5 years

l  Record of payment and supply of goods, etc.

                            i.          Retention grounds: applicable laws and regulations related to consumer protection in e-commerce

                          ii.          Retention period: 5 years

l  Records of consumer complaints or disputes

                            i.          Retention grounds: applicable laws and regulations related to consumer protection in e-commerce

                          ii.          Retention period: 3 years

 

4.     Method and Procedures for Destruction of Personal Information

In principle, after the purpose of collecting and using personal information is achieved, the Company will immediately destroy such information. The method and procedures of destruction is as follows:

l  Destruction procedure

After retaining personal information during the retention period according to the retention grounds, the Company destroys it in a manner where it cannot be restored.

l  Destruction method

                            i.          Personal information stored in electronic file format is deleted using a technical method where such records cannot be restored.

                          ii.          Personal information printed on paper is destroyed by a shredder.

 

5.     Providing and Sharing Personal Information

1)    In principle, the Company does not provide users’ personal information to third parties with the following exceptions:

l  When the user provides prior consent;

l  When it is necessary to settle payment for the providing of services;

l  When required by applicable laws related to information and communications, or when there is a request from an investigating agency for the purpose of investigation in accordance with the procedures and methods set forth in applicable law; or

l  If it is necessary for statistical purposes, academic research or market research, and is processed in a form in which a specific individual cannot be identified.

2)    The Company may, with the prior consent of the user, provide the user’s personal information to the following third party recipients, for payment or free of charge.

l  Third party recipients: [Kakao], [Samsung Electronics], [Naver], [Line], [SK Telecom], [KT], [LG], [Google], [Amazon], [Apple]

                            i.          Entities currently under a contractual relationship with the Company are included.

                          ii.          Any change in the third party recipients will be notified pursuant to the Policy from time to time.

l  Purpose of use of personal information received by third parties: [Promoting products and services, market research, service research and development, etc.]

l  Personal information provided: [e-mail address, age, gender, address, ID, voice information, service usage record]

l  Retention and use period of personal information of third party recipients: until the withdrawal of membership or the cancellation of the agreement with the third party recipient.

 

6.     Consignment of Collected Personal Information

The Company may consign the handling of personal information to external professional service providers to provide users with professional services.

l  Consignee: None

l  Consignment Services: complaint handling, customer support

 

7.     Rights of Users and Legal Representatives and How They are Exercised

1)    Users and users’ legal representatives may withdraw their consent to the collection of personal information via written notice, telephone, e-mail, etc. In such case, after the Company verifies the user’s identity, the Company will, except as otherwise provided by law, destroy such personal information or take any other necessary measures. If personal information is destroyed due to membership withdrawal, related information generated and accumulated by the user when using the company’s services may also be destroyed.

2)    In the event that a legal representative of a user visits the Company and requests access or a modification of personal information, the Company will verify whether the legal representative is duly authorized and may require the applicant to show proof of legal representation.

3)    In the event that the Company has justifiable reasons to refuse a request to access or modify the user’s personal information in whole or in part, the Company will notify the user without delay and explain the reasons for the rejection.

 

8.     Installation, Operation, and Rejection of the Automatic Collection of Personal Information

1)    In order to provide customized services tailored to the user, the Company utilizes ‘cookies’ (access information files), which store and retrieve information of members from time to time. The Company identifies members’ computers and mobile phones in connection with the operation of cookies but does not personally identify members.

2)    Users have the option to allow or disallow the use of cookies. You can choose to allow or disallow all cookies through the settings option on your mobile device. However, if you refuse to store all cookies, you may not be able to use the services provided by the Company through cookies.

 

9.     Technological and Administrative Protection Measures for Personal Information

1)    In handling personal information of users, the Company takes technical and administrative measures to ensure the security of personal information and prevent such information from being lost, stolen, leaked, altered or damaged.

l  Technological measures

                            i.          The personal information of users is encrypted and cannot be known except by the user, and the user’s personal information can be confirmed and changed only by the user’s request.

                          ii.          The Company securely transmits personal information over the network through encrypted communication.

                         iii.          The Company does its best to prevent personal information from being leaked or damaged by hacking or computer viruses.

                         iv.          The Company periodically backs up personal information in case of emergency and takes measures to prevent damage from computer viruses by using a vaccine program.

                          v.          The Company continuously strives to enhance security through measures such as access control, authority management, and vulnerability checks on the system.

l  Administrative measures

                            i.          The Company restricts access to users’ personal information to a minimal number of persons, as follows.

A.     Those who perform marketing, events, customer support, service operation, and delivery work directly to the user (including consignees and employees of partner companies).

B.     Persons in charge of personal information management and other personnel that handle personal information-related tasks.

C.     Those who are unavoidably required to handle personal information for business purposes.

                          ii.          The Company conducts regular training regarding personal information protection obligations for personnel that handle personal information.

                         iii.          The Company makes efforts to ensure that the department in charge of personal information protection is in compliance with the Policy and internal regulations, and if an issue is discovered, to rectify the issue immediately.

                         iv.          The Company is not responsible or liable for any damages caused by leakage of personal information such as name, password, etc. attributable to a user’s negligence or issues arising from the internet.

 

10.  Civil Service Related to Personal Information

1)    In order to protect users’ personal information and to handle complaints related to personal information, the following individual is designated as the personal information manager.

l  Personal information manager

                            i.          Company: CatchItPlay Inc.

                          ii.          Name: Sung Chul Park

                         iii.          E-mail: support@catchitplay.com

2)    Users may notify the personal information manager of any personal information related complaints that occur when using the Company’s services. The Company will respond promptly and sufficiently to the user’s report.

Please contact the following organizations if you need to report or receive consultation regarding other personal information related infringement.

l  E-Commerce Mediation Committee (www.ecmc.or.kr / 1661-5714)

l  Korea Online Privacy Association (www.eprivacy.or.kr / 02-580-0533)

l  KISA (privacy.kisa.or.kr / 02-405-5118)

l  Korean National Police Agency Cyber Bureau (http://cyberbureau.police.go.kr/ / 02-392-0330)

l  Korea Communications Standards Commission (www.singo.or.kr / 1377 (no area code))

 

11.  Linked Sites

The Company may provide users with links to other companies’ websites or materials. The Company has no control over external sites and materials and cannot be held responsible for any damages in connection with the use of the services or materials provided by such external sites. If a user taps a link included by the Company and moves to a page of another site, please check the privacy policy of such site as such policy will have no relation whatsoever to the Company.

 

12.  Miscellaneous

If a part of the Policy is deleted or modified pursuant to changes in applicable law or security technology, such changes and the reasons for such changes will be notified in advance on the Website (www.catchitplay.com).

 

Effective Date: February 18,2019