Privacy Policy
To protect the rights and interests of its members, Defi-Ant company Co., Ltd.(hereinafter referred to as the "Company") has established the "Information Communication Network Promotion and Information Protection Act," "Consumer Protection Law in Electronic Commerce," "Communications Secret Protection Act," "Telecommunications Business Act, Information Protection Law "and other governmental administrative guidelines, and operates the personal information processing policy in accordance with relevant laws and regulations.
1. Personal Information Items Collected and Collection Method;
A. Personal information items collected
1. The Company shall not collect any sensitive personal information which may lead to the infringement of human rights of users, including their race, ethnicity, ideas and creeds, place of birth and legal domicile, political orientations and criminal records, health status, and sual life.
2. The Company shall collect and use the following essential personal information:
1) Verification of a user’s identity and his/her willingness to obtain membership
- general members: name, ID, password, passport no. (for foreigners only), cell phone number, email address, country of origin, secure password, residency(address)
- corporate members: name of company, name of representative, business registration number, contact telephone number, place of workplace address, e-mail address, password, country of operation, cell phone number, secure password
2) Self-authentication for payments and funds withdrawals
- name, date of birth, account number, a copy of an identification card (any remaining information masked cept for date of birth), cell phone number, secure password.
3) Self-authentication for level up
- cell phone number, e-mail address, i-pin number, a copy of an identification card (any remaining information masked cept for date of birth), Bank account no. for withdrawals, address , Connected information(CI), Duplicate membership verifying information (DI)
4) Secure password initialization
- name, e-mail address, cell phone number, a copy of an identification card (any remaining information masked cept for date of birth), a facial photo.
5) Prevention of use by fraudulent members and prevention of unauthorized use
- users’ IP address and date and time of their visit to the Company’s website
6) Verification of users’ real name
- name, date of birth, gender
3. The following information may be created and collected in the process of using or processing services:
- Records on using services, payment records, records on the suspension and termination of services, access logs, cookies, users’ IP address, records on fraudulent or abnormal uses of services.
2. Purpose of Collecting and Using Personal Information;
The Company shall collect and use customers’ personal information for the following purposes:
A. Member management
1. Self-authentication for the use of membership-based services, verification of individuals’ identity
2. Prevention of use of services by fraudulent members and of unauthorized use
3. Verification of users’ willingness to obtain membership and limitation on membership and the number of obtaining membership
4. Identification of minors
5. Records retention for consulting with customers, acceptance and handling of customers’ complaints and disputes resolution
6. Delivery of notices
B. Performance of agreements on the provision of services and payment of charges
1. Provision of services and contents, as well as tailored-made services
2. Payment and settlement of fees
3. Notification of the result of winning prizes at events/giveaways and delivery of products
C. Use for marketing and advertisements
1. Providing optimized services for customers
2. Developing and specializing in new services (products)
3. Providing services and posting advertisements according to demographic traits
4. Identifying the frequency of access to the Company’s homepage
5. Statistics on the use of services
6. Mailing periodicals and offering guidance on new products or services
7. Planning web services and events that meet customers’ interests
8. Delivering information on advertisements, such as giveaways and events, and operation of member communities
9. Conducting customer questionnaire-based survey
3. Period of Retention and Use of Personal Information;
A. The Company retains or owns personal information within the time specified by laws or personal information within the retention/usage time agreed with by information object when collected.
B. Process and retention time of each personal information is as follows;
| Information | Retention Time | Basis |
|---|---|---|
| Personal information related to service use(log-in history) | 3 months | Protection of Communications Secrets Act |
| History of sign/advertising (log-in history) | 6 months | Act on Consumer Protection in the Electronic Commerce Transactions, Etc |
| Records relating to contract or withdrawal | 5 years | |
| Records relating to the payment and supply of good | 5 years | |
| Records relating to consumer complaints or disputes | 3 years | |
| Records relating to electronic financial transaction | 5 years | Electronic Financial Transaction Act |
4. Entrustment of Personal Information Processing;
A. The Company shall entrust affairs of personal information processing as follows in order to process personal information task smoothly:
| Entrusted Partner | Entrusted Task | Time of Use/Retention |
|---|---|---|
| NICE Information Service Co., Ltd. | Identification via mobile carriers, Account real name authentication service | Do not Save Separately (Information of the certified service provider) |
B. The Company states clearly on documents like contract as follows and supervises trustee handles personal information safely; prohibition of processing personal information cept the purpose of entrusted affairs by Personal Information Protection Act, technical, administrative protection action, a limit of re-entrust, management and supervisory for trustee, compensation, and etc.
C. In case trust business substance or trustee, itself is changed, the Company may notify it through this Privacy Policy without delay
5. Rights of Users and Legal Representatives and Methods for ercising Their Rights;
A. The user or his or her legal representative may ercise the following rights for registered personal information of the user.
1. Right to demand access to personal information
2. Right to demand correcting errors in personal information, if any
3. Right to demand the deletion of personal information
4. Right to demand the suspension of personal information processing
B. Users and legal representatives of children under fourteen years of age may log into the Company’s homepage and access or modify the personal information of themselves or such children in the Member’s Information Change menu or may do so by sending e-mails or written requests to a chief privacy officer at the Company.
C. The user or his or her legal representative may withdraw (cancel) ‘Consent to Personal Information Collection and Use’ through email, phone, or fax.
D. If users and legal representatives of children under fourteen years of age request the correction and deletion of errors in their personal information, the Company shall neither use nor provide such personal information until such errors are corrected or deleted. The Company shall handle the personal information that is terminated or deleted at the request of such users and legal representatives in accordance with ‘Period of Retention and Use of Personal Information’ and prohibit such information from being accessed or used for any purposes other than those stipulated in the ‘Period of Retention and Use of Personal Information.’
6. Procedure and Method for Destroying Personal Information;
A. Once the objectives of the collected personal information are fulfilled, "the Company" will destroy or store separately without hesitation said information according to the storage or usage terms.
B. The process, time frame, and methods are as follows.
1. Procedure and Timing for Destroying Personal Information
The Company shall immediately destroy the personal information provided by customers to obtain membership after the purpose of using such information has been fulfilled, including termination of services, and a retention period of such information as stipulated by its internal guidelines and other relevant statutes (please, refer to the above period of retention and use of personal information) has elapsed. In general, if there is no remaining creditor and debtor relationship, the Company shall, upon withdrawal of membership, immediately delete any personal information that has been collected by the Company at the time of obtaining membership and afterwards managed in the form of electronic files.
2. Destruction method
Any person information printed out on papers shall be destroyed by being shredded through shredders or burnt or dissolved through chemical solutions and any personal information stored in electronic files shall be deleted through technological methods that cannot reproduce such files.
3. Separate storage time frame and method
As per the 'Personal information piry system, a user account that has not used the service for 1 year will be switched to a dormant state. Dormant members' personal information is separately stored and managed with restricted access and security.
7. Measures for Ensuring the Security of Personal Information
The Company has implemented the following measures required for ensuring security under the Personal Information Protection Act:
A. Protective measures for administrative purposes
1. Establishment and implementation of an internal management plan
1) Matters on the appointment of the chief privacy officer
2) Matters on roles and responsibilities of a chief privacy officer and a personal information- handling employee
3) Matters on measures for ensuring the security of personal information
4) Matters on training on the personal information handling employee and companies entrusted with personal information processing
5) Other matters required for the protection of personal information
2. Conducting its own internal audits
1) Matters on divisions of duties between the chief privacy officer and an auditor
2) Matters on roles and responsibilities of an auditor on personal information-related matters
3) Conducting regular internal audits for ensuring the security of personal information handling
B. Technological protection measures
1. The Company operates a system designed to prevent the leakage of personal information in order to prevent the personal information-handling employee from leaking customers’ information. It also applies secure password algorithm to personal information that is transmitted via PCs and networks.
2. The Company grants each personal information handling employee one user account that has different functions and the least right to access a personal information handling system, which is required for performing his/her duties. If such personal information handling employee is replaced, the Company shall modify or delete his/her right to access the system and retain related records for at least 5 years. In addition, the Company has established and applies a rule of creating a password for the personal information handling employee.
3. If the Company sends or receives individuals’ peculiar identification information and passwords via information communication networks or delivers them through supplementary storage mediums, it shall store them using commercial encryption software and encrypt passwords with secure password algorithms and store them in encrypted forms.
4. The Company retains and manages records on the personal information handling employee’ s access to the personal information processing system for at least 6 months and securely stores such records to ensure that such records are not forged, modified, stolen or lost.
5. The Company installs and operates security programs, such as vaccine programs that can prevent or cure malicious programs in the personal information processing system or computers used for business purposes. It also conducts regular PC checkups by using the automatic update function of such security programs.
C. Physical protective measures
The Company has established and operates a procedure for controlling entry to and it from physical sites where personal information is stored, such as computer rooms and archives. It also stores and manages documents and supplementary storage mediums containing personal information at locations secured with locks.
8. Installation, Operation and Rejection of Personal Information Automatic Collection Devices
A. The Company uses ‘cookies’ which save and retrieve the information of use to provide a customized service.
B. “Cookies” are small pieces of information that are sent by the web server operating the website and are saved to your computer’s hard drive
1. Purpose of cookies use : to provide optimized information, reflecting visit, use pattern, favorite searching words and status of secure connection for each service and website that user visits
2. Installation/operation or refusal of cookies : Cookies saving is able to be refused through the option setting of Tools button in the top of the browser > the Internet Options > Privacy.
3. If cookies are refused, the difficulty of service use may be occurred
9. Chief Privacy Officer
A. The Company values the protection of customers’ personal information highly and does its best to ensure that their personal information is not damaged, compromised or leaked. However, the Company shall not be responsible for the information damaged by unpected accidents that arise from basic dangers inherent at networks and all kinds of disputes that arise from postings made by visitors to the Company’s website, even though the Company has taken technological security measures.
B. The Company’s customer center offers swift and sincere replies to customers’ inquiries about the protection of their personal information. In addition, customers who wish to contact the chief privacy officer at the Company may contact him/her at the below telephone number or by e-mail. We will answer your inquiries on the protection of personal information swiftly and sincerely.
1. Chief Privacy Officer
1) Name: Andy Hong
2) Title: Chief Privacy Officer
3) Telephone number: +1 770-910-9150
4) E-mail: opulent.exchange@gmail.com
C. You may make inquiries to the Personal Information Dispute Mediation Committee, Supreme Prosecutors’ Office, Korea National Policy Agency, Korea Internet & Security Agency if you need consulting to seek remedies for your compromised personal information.
1. Personal Information Dispute Mediation Committee (www.kopico.go.kr): 02-2100-2499
2. Supreme Prosecutors’ Office, National Digital Forensic Center (http://www.spo.go.kr): 1301
3. Korea National Policy Agency, Cyber Bureau (http://cyberbureau.police.go.kr): 182
4. Personal Information Response Center (http://privacy.kisa.or.kr): 118
10. Revision of Privacy Policy
Guideline that is caused by changes in the government’s policies or security technologies on the Notices menu on its homepage 7 days before the effectuation of such addition, deletion or modification.
- Date of effectuation: June 5, 2019