πŸͺ–

Goondori Privacy Policy

Privacy Policy

Holy Kiwi Co., Ltd. (hereinafter referred to as "the Company") establishes the following privacy policy to protect the personal information of users, safeguard their rights, and handle users' grievances related to personal information smoothly in accordance with the Personal Information Protection Act.
The Company will notify users via the website's notice board (or individual notifications) if the privacy policy is amended.
This policy is effective from June 7, 2023.

1. Purpose of Processing Personal Information

Goondori (https://goondori.com) processes personal information for the following purposes. Processed personal information will not be used for any purpose other than the following, and in case of any change in the intended use, prior consent will be sought.
β€’
Marketing and Advertising: Personal information is processed for purposes such as developing new services/products, providing customized services, offering events and advertising information, providing opportunities for participation, delivering services and advertisements based on demographic characteristics, identifying access frequency, and generating statistics on service usage.

2. Status of Personal Information Files

1.
Personal Information File Name: Personal Information File
β€’
Personal Information Items: Email, login ID, gender, name, service usage history, access logs, cookies, access IP information
β€’
Collection Method: Website, direct input
β€’
Retention Basis: Service provision
β€’
Retention Period: Until membership withdrawal
β€’
Relevant Law: Records of display/advertisement: 6 months

3. Processing and Retention Period of Personal Information

1.
Marketing and Advertising: Personal information will be retained and used from the date of consent until the user withdraws for the purpose of providing the service.
β€’
Retention Basis: Service provision
β€’
Relevant Law: Records of display/advertisement: 6 months

4. Provision of Personal Information to Third Parties

Goondori (https://goondori.com) provides personal information to third parties only in cases that fall under Articles 17 and 18 of the Personal Information Protection Act, such as obtaining the data subject's consent or specific legal regulations.

5. Outsourcing the Processing of Personal Information

Goondori entrusts the processing of personal information as follows for smooth processing of personal information tasks:
When entering into an outsourcing agreement, Goondori specifies in the contract or other documents the prohibition of processing personal information beyond the purpose of the outsourced task, technical and managerial protection measures, restrictions on re-outsourcing, supervision of the trustee, compensation, and other matters in accordance with Article 25 of the Personal Information Protection Act. The Company also oversees whether the trustee safely processes personal information.
Changes to the details of the outsourced task or the trustee will be disclosed promptly through this privacy policy.

6. Rights and Obligations of Data Subjects and Legal Representatives

Users can exercise the following rights as personal information subjects:
1.
Data subjects may exercise their rights regarding access, correction, deletion, and suspension of processing of personal information at any time against Holy Kiwi.
2.
Requests pursuant to Paragraph 1 can be made to Holy Kiwi in writing, by email, or by fax, in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and the Company will take prompt action.
3.
Requests pursuant to Paragraph 1 may also be made through a legal representative or an agent. In such cases, a power of attorney must be submitted following the form specified in Form 11 of the Enforcement Rules of the Personal Information Protection Act.
4.
Requests for access and suspension of processing of personal information may be restricted as per Articles 35, Paragraph 5, and 37, Paragraph 2 of the Personal Information Protection Act.
5.
Requests for correction and deletion cannot be made if other laws specify that the data is subject to collection.
6.
Holy Kiwi verifies whether the requester is the data subject or a legitimate representative when requests for access, correction, deletion, or suspension of processing are made according to the data subject's rights.

7. Personal Information Items Processed

Goondori (https://goondori.com) processes the following personal information:
β€’
For Marketing and Advertising: Email, login ID, gender, name, service usage history, access logs, cookies, access IP information

8. Destruction of Personal Information

Goondori destroys personal information without delay when the purpose of processing is achieved. The destruction procedure, timing, and method are as follows:
β€’
Destruction Procedure: Information entered by users is transferred to a separate database (in case of paper, a separate document) after achieving the purpose and is stored for a certain period or destroyed immediately according to internal policies and other relevant laws. Information transferred to the database will not be used for other purposes unless required by law.
β€’
Destruction Timing: Personal information is destroyed within five days from the end date of the retention period or when it is recognized as unnecessary due to the achievement of the purpose of processing, service termination, business closure, etc.
β€’
Destruction Method: Electronic files containing personal information are destroyed using technical methods that prevent the recovery of records.

9. Installation, Operation, and Rejection of Automatic Personal Information Collection Devices

1.
Holy Kiwi uses "cookies" to provide personalized services by storing and frequently retrieving user information.
2.
Cookies are small pieces of information sent from a website server to a user's computer browser and stored on the user's hard disk.
β€’
Purpose of Cookies: To understand usage patterns, popular search terms, security access status, and more to provide optimized information to users.
β€’
Managing Cookies: You can refuse to store cookies by adjusting settings in your web browser under Tools > Internet Options > Privacy.
β€’
Note: Refusing cookies may cause difficulties in using customized services.

10. Appointment of a Personal Information Protection Officer

Holy Kiwi (https://goondori.com) designates a Personal Information Protection Officer as follows to take charge of handling personal information:
β€’
Personal Information Protection Officer
β—¦
Name: Joonwoo Ji
β—¦
Position: Development Lead
β—¦
Title: Product Manager
β—¦
Contact: iam@holy.kiwi
Users can contact the Personal Information Protection Officer or the relevant department for inquiries related to personal information protection, complaints, and damage relief. Holy Kiwi will respond promptly to inquiries.

11. Changes to the Privacy Policy

This Privacy Policy applies from the effective date. Any additions, deletions, or amendments in line with changes in laws or policies will be notified at least seven days before implementation via announcements.

12. Measures to Ensure the Safety of Personal Information

Goondori takes the following technical, managerial, and physical measures to ensure the safety of personal information as per Article 29 of the Personal Information Protection Act:
1.
Regular Self-Audit: Conducts self-audits regularly (quarterly) to ensure the safety of handling personal information.
2.
Minimization and Training of Staff Handling Personal Information: Limits the number of staff handling personal information and ensures their training.
3.
Implementation of an Internal Management Plan: Establishes and implements an internal management plan for safe processing.
4.
Technical Measures Against Hacking: Installs and updates security programs, monitors, and blocks unauthorized access.
5.
Encryption of Personal Information: Encrypts users' passwords and important data.
6.
Storage and Prevention of Alteration of Access Logs: Stores access logs for at least six months and uses security features to prevent tampering.
7.
Access Restrictions: Manages access to personal information processing systems through granting, modifying, and deleting access rights.
8.
Document Security: Stores documents containing personal information in secure, locked locations.
9.
Access Control: Establishes and operates access control procedures for physical storage locations.

13. Retaining Email Information Upon Community Activity Suspension

Goondori may retain encrypted email addresses during community activity suspension to facilitate user convenience when service resumes and comply with relevant laws. This encryption ensures the original email address cannot be restored.