In response, the Company complies with the privacy regulations under the relevant statutes that the information and communication service provider must comply with, such as the “Act on Promotion of Information and Communications Network Utilization and Information Protection,” the “Personal Information Protection Act,” the “Communication Secrets Protection Act,” and the “Telecommunication Business Act”.
Article 1 Purpose of Processing Personal Information
The Company processes personal information for the following purposes. Personal information processed is not used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act.
a. Membership management
Use of the membership service and user identification in accordance with the restricted identification system, personal identification, prevention of unauthorized use of Users on blacklist, prevention of unauthorized use, confirmation of sign-up, restriction of subscription and the number of subscriptions, subsequent identification of the legal representative, preservation of records for dispute settlement, response to users’ needs including processing complaints, sending notices, and the like.
b. Fulfillment of the contract for service provision and settlement of the fees for the service
Provision of content and customized services, delivery of goods or bill mailing, user authentication, purchase and fee payment, and fee collection
c. Development and marketing of new services, and advertisement
Development of new services and provision of customized services, provision of the service as per statistical characteristics, advertisement publication, confirmation of the service validity, provision of information about events and promotions, and engagement with users for participation in events, visibility into the frequency of the access, statistics about User’s use of service, and check and utilization of personal information for sending gifts.
Article 2 Retention of Personal Information
The Company processes and retains personal information within the period of possession or use of personal information or the period of use of personal information agreed upon when collecting personal information from the information subject in accordance with the statutes.
When the purpose of collection and use of personal information is accomplished, the User’s personal information is destroyed without further delay in principle. However, the following information is retained for reasons as set forth below during a specified period.
a. Reasons for information retention in accordance with the policies of the Company
|Division||Retained information||Reasons for retention||Retention period|
|Contact Sales||name, title, email address, phone number, company name, industry, number of employee, country||Processing the User’s requests||6 months|
|Contact Us||name, email address||Processing the User’s requests||6 months|
|Luniverse Service||record of using service||Prevention of unauthorized use||1 year|
b. Reason for information retention in accordance with related laws
If related laws, such as the Act on the Consumer Protection in Electronic Commerce, require the retention of the information, the Company retains member’s information for the certain period specified by the related act. In this case, the Company uses the information only for retention, and the retention period is as follows:
|Retained information||Reasons for retention||Retention period|
|Records of contracts or withdrawals from subscription||Act on the Consumer Protection in Electronic Commerce, etc.||5 years|
|Records of payments and supply of goods, etc.||Act on the Consumer Protection in Electronic Commerce, etc.||5 years|
|Records of consumer’s complaints or mediation of disputes||Act on the Consumer Protection in Electronic Commerce, etc.||3 years|
|Records of labelling/advertisements||Act on the Consumer Protection in Electronic Commerce, etc.||6 months|
|Books and evidential papers about all transactions regulated by the tax law||Framework Act on National Taxes and Corporate Tax Act||5 years|
|Records of electronic financial transaction||Electronic Financial Transactions Act||5 years|
|History of logins||Protection of Communications Secrets Act||3 months|
c. Dormant accounts
The period of personal information retention and use is from the conclusion of the service use contract (subscription) to the termination of the service use contract (application for withdrawal). The Company defines a dormant user as a user who does not re-use (login in) the period defined by the statute (one year), except when a separate period is specified in other statutes or at the request of the User. For dormant uses, personal information is destroyed or separately stored and managed separately from other users’ personal information.
Inform the User of the fact that personal information is destroyed or stored separately or separately until 30 or 7 days before the expiration of the period, and the items of such personal information by e-mail, written, FAX, telephone, or similar method.
Article 3 Providing Personal Information to Third Parties
The Company uses Users’ personal information within the scope specified in “Article 1 (Purpose of Personal Information Processing)” and provides personal information to third parties only if it falls under Articles 17 and 18 of the Personal Information Protection Act. In the event that personal information is provided after prior consent from the User.
Article 4 Consignment of personal information processing
In order to provide better service, the Company entrusts external companies to perform some of the necessary tasks. And the entrusted company manages and supervises the so that it does not violate the relevant statutes.
a. Personal Information Trustee
|Trust company||Consignment purpose||Period using personal information|
|Danal||SMS service, payment processing(credit card)||Until the withdrawal of membership or termination of the consignment contract.|
Article 5 Rights, Obligations and Methods of Exercise of Users and Legal Representatives
A. The rights of information subjects
The User has the right to request the Company at any time to provide all information about themselves stored in the Luniverse. However, the exercise of rights, such as requests for Users to view, correct, delete, or suspend processing of personal information, may be restricted as provided by the relevant statutes, such as Article 35(4), Article 36(1), and Article 37(2) of the Personal Information Protection Act.
User has the right to request Luniverse to modify, block, complete and delete User’s personal information, restrict usage, and transfer data to another organization. The User has the right to request additional information about the Users handling of personal information.
In addition, the User has the right to challenge the data processing of the Luniverse in some circumstances and to withdraw the consent if User has requested data processing consent. Also, if you would like support for the above mentioned rights, please contact the Privacy Officer (firstname.lastname@example.org).
b. Rights of legal representative
The User and legal representative can submit requests for viewing or modifying their personal information they entered for subscription or withdrawing from the Service.
When a User requests a correction to their personal information, the personal information is not used or provided until the correction is completed. When incorrect personal information has already been provided to a third party, the Company notifies the third party of the result of the correction without any delay and ensures the correction is applied exactly.
The Company processes the personal information as per “4. Retention and use period of personal information” when it has been requested by the User or legal representative for its termination of use or deletion and blocks any other requests for reading or using the information for any other purposes.
Article 6 Items of Processing Information
a. Personal information to be collected
First, the Company collects the minimum personal information to facilitate providing services including membership registration and seamless user consultation, and the information to be collected is as follows:
|Division||Sign up||Register automatic payment method||Process to register the organization||Process to register the payment agent|
|Essential||email address, user name, password, company name||Billing key for regular payment||company name, country/region, address, city, detail region, zip code||billing agent name, email address, phone number|
|Optional||company webpage url||–||corporate registration number, type of business, number of employee||–|
Secondly, the information below can be automatically generated or additionally collected during the use of the Service or service provision process.
- IP address, cookies, access log, date of visits, history of service use, history of usage error, history of payment
Article 7 Destroying Personal Information
When the purpose of collection and use of personal information is attained, the User’s personal information is destroyed without further delay in principle. The Company uses the following procedure and method to destroy personal information.
a. Procedure for destroying
When the purpose of collection and use of personal information is accomplished, the information that a User entered for signing up or using other services is transferred to a separate DB (or an additional cabinet for written form) to be stored for a particular period to comply with internal policies and other related Acts for information protection (refer to the section of Retention and use period of personal information) and then destroyed.
The same personal information is not used for any purposes other than its retention unless it is required by laws.
b. Method of destroying
The papers on which the personal information is printed are shredded by a shredder or burned to be destroyed.
The personal information stored in an electric file format is deleted by a technique which permanently destroys the records.
Article 8 Measures to Secure Personal Information Safety
The Company takes the following technical and administrative measures to ensure the safety of personal information to prevent loss, theft, leakage, alteration or damage of personal information in the processing of the User’s personal information.
a. Password encryption
The User’s password is encrypted before being stored and managed, and only the user knows it. Also, only the user can check and change the personal information by using the password.
b. Measures against hacking, etc.
The Company is doing its best to prevent any leakage or damage from being caused by hacking or computer virus, etc., to our User’s personal information. The data is regularly backed up to proactively prevent damage to the personal information, and the latest vaccine program is used to protect the User’s personal information or data from leakage or damage while supporting a safe transfer of the personal information on the network through encrypted communications and the like. In addition, the Company controls unauthorized access from outside with an intruder blocking system as well as putting its utmost effort to equip all technical devices available to secure safety in other parts of the system.
c. Utilization of the minimum number of human resources for processing personal information and training
d. Operating a specialized organization for privacy protection
Article 9 Installation, Operation and Refusal of Collecting Personal Information Automatically
a. What are cookies?
- A cookie is a small text file sent to the client’s browser from the server that is used to run the website and stored in the hard disk of the User’s computer. Once cookies are stored in the disk, the website server reads the cookies stored in the User’s hard disk when the User visits the website to maintain the User’s preferences and provide the customized service.
- Cookies do not automatically/proactively collect the identifying information of individuals, and Users can refuse storage of cookies or delete them anytime.
b. Purpose of cookies
Cookies are used to identify each service of the Company that the User uses, visits to the websites and the pattern of usage, popular keywords for search, and the number of User to provide the User with optimized and customized information including advertisements.
c. Installation/operation and refusal of cookies
- Users have a right to opt in/out of the installation of cookies. – Therefore, Users can set the options on their web browser to enable all cookies, check whenever a cookie is stored or refuse to store cookies.
- However, when storing cookies is disabled, there might be a difficulty in the use of some services of the Company that need sign-in.
- The way to enable/disable the cookie installation is as follows:
▶︎ Internet Explorer: Tool > Internet Option > Privacy > Advanced Privacy > Set the cookie level
▶︎ Chrome: Setup Menu > Advanced Settings > Privacy and Security > Content Settings > Set Cookie Level
Article 10 Contact Details of the Personnel in Charge of Privacy Protection
Users can report any complaint related to privacy protection that occurs while using the Service of the Company to the person in charge of privacy protection or the corresponding department. The Company will respond quickly and diligently to its User’s complaints.
- The person in charge of privacy protection : Gwangse Park
- Personal Information Protection Officer: Sanghyeop Kim
- Email : email@example.com
- Department : Planning & Security
- Phone number : +82-568-2560
Please contact the following institutions to report or need further consultation in relation to other privacy infringement issues. Privacy Infringement Report Center (visit https://privacy.kisa.or.kr or call 118 without a telephone exchange number) The Cybercrime Investigation Division of the Supreme Prosecutor’s Office (visit http://www.spo.go.kr or call 1301 without a telephone exchange number) Cyber Bureau of National Police Agency (visit http://cyberbureau.police.go.kr or call 182 without a telephone exchange number)
Article 11 Changes in Personal Information Processing Policies
2019. 03. 18 ~ 2019. 05. 28(click)
2019. 05. 29 ~ 2020. 11. 19(click)