Services Privacy Policy
Lambda256 Privacy Policy
Lambda256 Corporation (hereinafter “the Company”) regards the protection of personal information of customers (hereinafter “Customer”) who use the website and Service provided by the Company as extremely important, and the Company is making every effort to safeguard the personal information provided by the Customer in order to use the Company’s Service.
The Company complies with the relevant legal provisions for personal information protection that information and communications Service providers must adhere to, based on the Personal Information Protection Act, in accordance with their privacy policy.
The Company displays the Privacy Policy on the first page of the website, enabling Customers to easily access and review it at any time. This Privacy Policy may be subject to change in accordance with relevant laws and the Company’s internal policies. When revisions are made, the changes can be easily identified through version management. This Privacy Policy applies to the Company’s Service.
1. Purpose of Processing Personal Information
The Company processes personal information for the following purposes. Personal information processed is not used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act.
① Company uses personal information for Customer management, including confirming the intention to join, verifying age and obtaining parental consent, verifying the identity of Customers and their legal representatives, identifying customers, and confirming the intention to withdraw membership.
② Company uses personal information for protecting Customers and operating our Service, including restricting the use of Service by Customers who violate laws and terms of use, preventing and sanctioning actions that disrupt the smooth operation of Service, preventing account theft and fraudulent transactions, notifying customers of changes in terms of use, preserving records for dispute resolution, and handling Customer complaints.
③ Company uses personal information for providing paid Service, including personal authentication, purchasing and payment of fees, and using products and Service.
④ Company uses personal information for marketing and promotional purposes, including providing information on events and opportunities to participate, and providing promotional and advertising materials.
⑤ Company uses personal information for analyzing Service usage records and access frequencies, statistical analysis of Service usage, providing customized Service and advertisements based on service analysis and statistics.
⑥ Company uses personal information for establishing a secure, private, and safe Service environment that Customers can use with confidence. When the purpose of collection and use of personal information is accomplished, personal information is Disposaled without further delay in principle. However, the following information is retained for reasons as set forth below during a specified period.
1-1 The collection of personal information
The Company collects the following minimum personal information as required items for member registration, smooth Customer consultation, and the provision of various Service:
Service | Collection and Usage Purpose | Field | Retention period |
Luniverse Console (luniverse.console.io) | Service usage and verification of identity, Personal identification, Prevention of unauthorized and fraudulent use by Customer, Confirmation of intent to join, Restriction on number of sign-ups, Verification of legal guardianship, Record retention for dispute resolution, Handling of complaints and Customer inquiries, Delivery of notifications and announcements, Prevention of abusive Service usage, Management of Service sign-ups, Changes, and Terminations, and Maintenance of member qualifications and Management | [Console Registration and Management] (Required) Name, Email, Phone Number, ID, Passward (Optional) Consent for Marketing Activities | During the Service Period: • For disputes related to fee settlement/overpayment, retention for up to 6 months after termination |
| Luniverse Automatic payment method | Registering a payment agent, Providing customized Service, Providing Service, Sending contracts and Invoices, Identity verification, Purchasing and Payment settlement of fees, Debt collection (Fees related consultation/Discounts/Billing (Individual/Integrated/Consolidated)/Notification/Payment and Collection agency commission settlement) | (Required for all) Billing key for regular payments, name, email, mobile phone number, address, Service usage history, Service purchase and payment history • When registering a payment agent: Representative’s name, Representative’s email, Representative’s phone number | During the Service Period: • For disputes related to fee settlement/overpayment, retention for up to 6 months after termination |
| Luni Wallet | Service usage and Verification of identity, Personal identification, Prevention of unauthorized and fraudulent use by Customer | (Required) Email | Service Period, Destruction upon Withdrawal, or Destruction upon Customer Request |
| Contact Us (support@lambda256.io) | Customer consultation | (Required) Name, Email, Phone Number | 6 months |
| Marketing, Advertisement | Development of new Service and provision of customized Service, Provision of Service and Advertising based on statistical characteristics, Verification of Service effectiveness, Provision of event and Promotional information and Opportunities to participate, Identification of access frequency, Statistical analysis | (Required) Name, Email, Phone Number | Service Period and Destruction upon Customer Request |
| Newsletter (※ Inflow through events or promotions, representative website) | Provision of event and Promotional information and Opportunities to participate, Provision of contents, Delivery of notifications and announcement | (Required) Name, Email, Phone Number | Service Period and Destruction upon Customer Request |
1-2 Automatic generation or additional collection
The information below can be automatically generated or additionally collected during the use of the Service or Service provision process. The information collected in this way may or may not be considered personal information depending on whether it is linked to personal information.
(Required) IP address, Cookies, Access log, Date of visits, History of Service use, History of usage error, History of payment
1-3 Collection of personal information pursuant to relevant laws and regulations
If related laws, such as the Act on the Consumer Protection in Electronic Commerce, require the retention of the information, the Company retains member’s information for the certain period specified by the related act. In this case, the Company uses the information only for retention, and the retention period is as follows:
| Retained information | Reasons for retention | Retention period |
|---|---|---|
| Records of contracts or withdrawals from subscription | Act on the Consumer Protection in Electronic Commerce, etc. | 5 years |
| Records of payments and supply of goods, etc. | Act on the Consumer Protection in Electronic Commerce, etc. | 5 years |
| Records of consumer’s complaints or mediation of disputes | Act on the Consumer Protection in Electronic Commerce, etc. | 3 years |
| Records of labelling/advertisements | Act on the Consumer Protection in Electronic Commerce, etc. | 6 months |
| Books and evidential papers about all transactions regulated by the tax law | Framework Act on National Taxes and Corporate Tax Act | 5 years |
| Records of electronic financial transaction | Framework Act on National Taxes and Corporate Tax ActElectronic Financial Transactions Act | 5 years |
| Protection of Communications Secrets Act | Protection of Communications Secrets Act | 3 years |
1-4 Dormant accounts
The retention and usage period of personal information extends from the time the Service usage agreement is concluded (upon membership registration) until the termination of the Service usage agreement (upon withdrawal request). The Company defines dormant members as those who do not re-use (log in) for the period specified by law (1 year), except in cases where separate periods are stipulated by other laws or when a Customer makes a request. For dormant members, personal information is either Disposaled or separated from other Customers’ personal information and stored and managed separately.
The Company will notify Customers of the fact that their personal information will be Disposaled or separated and stored/managed, as well as the expiration date and the relevant personal information items, at least 7 days before the expiration date, using one of the following methods: email, written notice, fax, phone call, or a similar method.
2. Method of collecting personal information
The Company collects personal information through the following methods:
① It is collected through the generation of personal information during the process of using the Service, or through the provision of information by third parties such as affiliates.
② It is collected through a method where Customer directly input their personal information by agreeing to the collection of membership registration and Service use process.
③ It is collected through participation in events, promotions, and other activities conducted online and offline.
④ It is collected through the website and support email (support@lambda256.io).
⑤ Generated information, such as device information, is automatically generated and collected during the process of using PC web, mobile web/app.
3. Disposal of Personal Information
As a principle, the Company disposes of personal information once the purpose of processing has been achieved. However, if we have obtained separate consent from the Customer or if there is a legal obligation to retain the information for a certain period under other laws, we will store the information separately from other personal information for the specified period. The procedures, deadlines, and methods for the disposal of personal information are as follows:
3-1 Procedure for Disposal
When the purpose of collection and use of personal information is accomplished, the information that a Customer entered for signing up or using other Service is transferred to a separate DB (or an additional cabinet for written form) to be stored for a particular period to comply with internal policies and other related Acts for information protection (refer to the section of Retention and use period of personal information) and then Disposaled. The same personal information is not used for any purposes other than its retention unless it is required by laws.
3-2 Method of disposal
The papers on which the personal information is printed are shredded by a shredder or burned to be Disposaled. The personal information stored in an electric file format is deleted by a technique which permanently destroys the records.
3-3 Disposal of Date
In cases where a Customer’s personal information has reached its retention period, the purpose of processing personal information has been achieved, the relevant Service has been terminated, or the business has been terminated and the personal information has become unnecessary, the personal information will be Disposaled within 5 business days from the applicable date.
4. Providing Personal Information to Third Parties
① The Company uses Customer’s personal information within the scope specified in “Article 1 (Purpose of Personal Information Processing)” and provides personal information to third parties only if it falls under Articles 17 and 18 of the Personal Information Protection Act. In the event that personal information is provided after prior consent from the Customer.
② To provide Service, the Company obtains the consent of the data subject and provides only the necessary minimum range in the following cases.
5. Rights, Obligations and Methods of Exercise of Users and Legal Representatives
5-1 Customers under 14 years of age
In the event that the applicant is a minor under civil law, the use of our Service is not permitted even with the consent of a legal representative (guardian), and the Company reserves the right to refuse the Service application for minors. By using our Service, the Customer confirms to the Company that they are not a minor. Users who are under 14 years of age are not eligible to register for the Service.
5-2 The rights of information subjects
The Customer has the right to request the Company at any time to provide all information about themselves stored in the Service. However, the exercise of rights, such as requests for Customer to view, correct, delete, or suspend processing of personal information, may be restricted as provided by the relevant statutes, such as Article 35(4), Article 36(1), and Article 37(2) of the Personal Information Protection Act.
Customer has the right to request Service to modify, block, complete and delete Customer’s personal information, restrict usage, and transfer data to another organization. The Customer has the right to request additional information about the Users handling of personal information.
In addition, the Customer has the right to challenge the data processing of the Service in some circumstances and to withdraw the consent if User has requested data processing consent. Also, if you would like support for the above mentioned rights, please contact the Privacy Officer (support@lambda256.io).
5-3 Rights of legal representative
The Customer and legal representative can submit requests for viewing or modifying their personal information they entered for subscription or withdrawing from the Service. Contact the person in charge of the privacy policy through written form, phone call, or email, and the Company will promptly respond to the requests.
When a Customer requests a correction to their personal information, the personal information is not used or provided until the correction is completed. When incorrect personal information has already been provided to a third party, the Company notifies the third party of the result of the correction without any delay and ensures the correction is applied exactly.
The Company processes the personal information as per “4. Retention and use period of personal information” when it has been requested by the User or legal representative for its termination of use or deletion and blocks any other requests for reading or using the information for any other purposes.
6. Consignment of personal information processing
① The Company entrusts personal information processing tasks as follows for smooth handling of personal information-related tasks
② The Company oversees whether the entrusted party securely handles personal information under Article 26 of the Personal Information Protection Act when entering into an entrustment contract.
③ In the event of changes in the content of the entrusted business or the consignee, we will promptly disclose it through this privacy policy.
| consignee | Content of entrusted tasks | Period of Retention and Use of Personal Information |
|---|---|---|
| Payletter | SMS delivery Service, payment (credit card) | Until the member withdrawal or termination of the consignment contract |
| AWS (Korea) | Operation of infrastructure where personal information is stored | Until the member withdraws or the expiration of the personal information validity period |
| ActiveCampaign | Providing newsletters, event and promotional information, opportunities to participate, content provision, notifications and notices delivery | Until the member withdrawal or termination of the consignment contract |
7. Measures to Secure Personal Information Safety
The Company takes the following technical and administrative measures to ensure the safety of personal information to prevent loss, theft, leakage, alteration or damage of personal information in the processing of the Customer’s personal information.
7-1 Administrative Measures
① Establishment and implementation of an internal personal information protection management plan
We have established an internal personal information management plan, which includes the designation of a personal information protection manager and other matters related to personal information protection management. We also conduct annual audits to ensure that the internal management plan is being properly implemented.
② Utilization of the minimum number of human resources for processing personal information and training
The Company limits the operation of processing personal information to the contact who is in charge and assigns a separate password for the operation to the contact and regularly updates it. Also, the Company frequently provides training to the contact to highlight compliance with the privacy policy.
③ Operating a specialized organization for privacy protection
The Company is making efforts to check how the privacy policy is enforced and the contact complies with the privacy policy by operating an in-house specialized organization for privacy protection and promptly makes corrections if a problem is found. However, the Company shall not be liable for any damages that are not attributable to the Company but caused by negligence on the part of the User or incidents which happen in the areas not managed by the Company even though the Company carried out its obligation to protect privacy.
7-2 Technical measures
① Password encryption
The Customer’s password is encrypted before being stored and managed, and only the user knows it. Also, only the Customer can check and change the personal information by using the password.
② Measures against hacking
The Company is doing its best to prevent any leakage or damage from being caused by hacking or computer virus, etc., to our Customer’s personal information. The data is regularly backed up to proactively prevent damage to the personal information, and the latest vaccine program is used to protect the Customer’s personal information or data from leakage or damage while supporting a safe transfer of the personal information on the network through encrypted communications and the like. In addition, the Company controls unauthorized access from outside with an intruder blocking system as well as putting its utmost effort to equip all technical devices available to secure safety in other parts of the system.
8. Installation, Operation and Refusal of Collecting Personal Information Automatically
8-1 cookies
The Company uses cookies, which enable the Company to store and frequently retrieve Customer information to provide more personalized and customized Services. A cookie is a small text file sent to the Customer’s browser from the server that is used to run the website and stored in the hard disk of the Customer’s computer. Once cookies are stored in the disk, the website server reads the cookies stored in the Customer’s hard disk when the Customer visits the website to maintain the Customer’s preferences and provide the customized Service. Cookies do not automatically/proactively collect the identifying information of individuals, and Customer can refuse storage of cookies or delete them anytime.
8-2 Purpose of cookies
Cookies are used to identify each Service of the Company that the Customer uses, visits to the websites and the pattern of usage, popular keywords for search, and the number of Customer to provide the Customer with optimized and customized information including advertisements.
8-3 Installation/operation and refusal of cookies
① Users have a right to opt in/out of the installation of cookies. – Therefore, Users can set the options on their web browser to enable all cookies, check whenever a cookie is stored or refuse to store cookies.
② However, when storing cookies is disabled, there might be a difficulty in the use of some Service of the Company that need sign-in.
③ The way to enable/disable the cookie installation is as follows:
▶︎ Internet Explorer: Tool > Internet Option > Privacy > Advanced Privacy > Set the cookie level
▶︎ Chrome: Setup Menu > Advanced Settings > Privacy and Security > Content Settings > Set Cookie Level
▶︎ Edge : Setup Menu > Cookies and Site Permissions > Click on Manage and delete cookies> Set the cookie level
▶︎ Firefox : Setup Menu > Privacy and Security> Click on Data Management > Set cookie level > Click on Save changes > In the Clear Open Cookies and Site Data confirmation dialog box, click Clear
9. Details on the Personal Information Protection Officer
Customer can report any complaint related to Privacy Protection that occurs while using the Service of the Company to the person in charge of Privacy Protection or the corresponding department. The Company will respond quickly and diligently to its Customer’s complaints.
9-1 Personal Information Protection Officer
| Protection Manager | Lee Jaewon |
|---|---|
| Protection Officer | SE Team (security engineering) |
| Phone number | 02-568-2560 |
9-2 Personal Information Protection Department
| Protection Manager | Lee Heonjin |
| Protection Officer | SE Team (security engineering) |
| Phone number | 02-568-2560 |
| support@lambda256.io |
Please contact the following institutions to report or need further consultation in relation to other privacy infringement issues.
- Personal Information Dispute Mediation Committee ( www.kopico.go.kr )
- Privacy Infringement Report Center ( https://privacy.kisa.or.kr)
- Cybercrime Investigation Division of the Supreme Prosecutor’s Office ( http://www.spo.go.kr )
- Cyber Bureau of National Police Agency ( https://ecrm.police.go.kr/minwon/main )
10. Changes in Personal Information Processing Policies
If there are any additions, deletions, or modifications to this Privacy Policy, we will provide prior notice at least 7 days in advance. However, in case of significant changes that may affect user rights such as changes to the items of personal information collected or the purpose of use, we will provide prior notice at least 30 days in advance and may obtain user consent again if necessary.
- Announcement date : 2023. 04. 12
- Enforcement date : 2023. 05. 12
You can check the previous privacy policy below.
2019. 03. 18 ~ 2019. 05. 28 (click)
2019. 05. 29 ~ 2020. 11. 19 (click)
2020. 11. 20 ~ 2023. 04. 12 (click)