The Company establishes and discloses this Privacy Policy to protect the rights of users and to promptly resolve any issues related to privacy. This policy may be updated in accordance with changes in relevant laws and guidelines or internal operating policies of the Company.
2.
Celib Inc. (hereinafter referred to as the "Company") complies with South Korea's privacy protection laws and regulations, and this Privacy Policy applies to all services provided by the Company (hereinafter referred to as the "Services").
Article 2 (Collection of Personal Information)
1.
Data Collected
a.
Confirmation of Membership Intent
•
Data Collected: Name, Date of Birth, Email, Mobile Number
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
b.
Identity Verification
•
Data Collected: Name, Gender, Date of Birth, Mobile Number, Telecommunication Provider, Nationality Status, Encrypted User ID (CI), Duplicate Registration Information (DI)
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
c.
Payment and Refund Processing
•
Data Collected: For Credit Card Payments (Partial Card Number, Card Issuer), For Bank Transfers (Bank, Account Number, Account Holder)
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
d.
Cash Receipt Issuance
•
Data Collected: Mobile Number, Business Registration Number
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
e.
Service and Custom Service Provision
•
Data Collected: Cookie Information, Application Usage History, User Location Data, Records of User Location Data Usage and Sharing
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
f.
Customer Service Usage
•
Data Collected: Personal information included in consultation and inquiry details
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
g.
Statistical and Research Purposes
•
Data Collected: Name, Gender, Date of Birth, Mobile Number, Telecommunication Provider, Nationality Status, Encrypted User ID (CI), Duplicate Registration Information (DI), Company Name/Size/Industry/Address, Phone Number/Position/Department in the company, Email
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
h.
Marketing and Advertising (Optional)
•
Data Collected: Name, Date of Birth, Mobile Number, Frequency of Access, Telecommunication Provider, Nationality Status, Encrypted User ID (CI), Duplicate Registration Information (DI)
•
Storage Duration: Retained for 1 year after account deletion or for the period required by law
2.
Collection Methods
•
When users agree to the collection of personal information during the registration or service use process and input their information directly
•
When personal information is provided by affiliated services or third parties
3.
Protection of Personal Information of Minors
•
The collection, use, and provision of personal information of minors under the age of 14 require the consent of a legal guardian.
•
Legal guardians may request the viewing, correction, deletion, or suspension of the processing of the minor's personal information.
Article 3 (Provision of Personal Information)
The Company does not provide personal information to third parties, except in cases where the user has given separate consent or when required by law.
Article 4 (Outsourcing of Personal Information Processing)
The Company outsources some of the tasks required to provide services to external companies for the purpose of processing personal information. The Company also ensures that outsourced companies comply with relevant laws and regulations.
a.
List of Outsourced Companies
a.
Amazon Web Services, Inc
•
Business Content: Cloud server operation and management
•
Storage Duration: Retained for 1 year after account deletion or until the outsourcing contract ends
b.
I'mweb Inc.
•
Business Content: Website construction and management
•
Storage Duration: Retained for 1 year after service provision or until the contract ends
c.
Janda Co. (JungleBooking)
•
Business Content: Reservation management
•
Storage Duration: Retained for 1 year after service provision or until the contract ends
d.
Channel Corporation
•
Business Content: User 1:1 chat counseling
•
Storage Duration: Retained for 1 year after account deletion or until the outsourcing contract ends
eFormWorks (WithSign)
e.
eFormWorks (WithSign)
•
Business Content: Electronic contracts
•
Storage Duration: Retained for 1 year after account deletion or until the outsourcing contract ends
Article 5 (Destruction of Personal Information)
1.
Personal information will be destroyed without delay once its collection and usage purposes have been fulfilled.
2.
Destruction Method
•
For electronic files: Permanent deletion using methods that make recovery or reconstitution impossible.
•
SFor paper documents: Shredding or burning the documents.
3.
Personal information will be destroyed without delay once its collection and usage purposes have been fulfilled.
Article 6 (Modification of Personal Information)
1.
Reasons for Modification
The Company may modify the Privacy Policy in case of changes in relevant laws, policies, or services.
2.
Modification Procedure
•
Any changes to the Privacy Policy will be announced on the website.
•
The modified Privacy Policy will take effect 7 days after being posted.
3.
Notice of Significant Changes
If there is a significant change in the purpose of collecting personal information, collection methods, or third-party provisions, the Company will notify users at least 30 days in advance.
Article 7 (Installation and Operation of Automatic Personal Data Collection Tools)
1.
Use of Cookies
The Company may use cookies to provide services on its website. Cookies are used to support faster and more convenient website usage and to provide customized services.
2.
Purpose of Use
•
To provide personalized and customized services
•
To maintain user preferences and provide targeted ads
•
To provide useful and relevant information based on user data
•
To Improve Website Accessibility and Convenience
3.
Cookie Storage and Management
Cookies do not store personal information such as names or phone numbers, and users have the option to disable cookies. Users can configure their browser to allow all cookies, prompt for confirmation before storing cookies, or reject all cookies.
Article 8 (Rights of the Data Subject and Methods of Exercise)
1.
Rights of the Data Subject
The data subject may exercise the following rights with respect to the company at any time:
•
Request access to personal data
•
Request correction or deletion of inaccurate personal data
•
Request suspension of processing of personal data
2.
Methods of Exercising Rights
The rights outlined above can be exercised in the following ways:
•
By submitting a request in writing, via phone, email, or fax. The company will take prompt action to address the request.
•
The company will process the request after verifying the identity of the data subject.
•
Requests may also be made by a legal guardian or an authorized representative. In such cases, the authorized representative must provide proof of authorization.
•
When a request is made by a representative, the company will verify the authenticity of the request through a power of attorney, the data subject’s seal certificate, and the representative’s identification.
3.
Limitation of Processing
If the data subject requests the correction or deletion of inaccurate personal data, the company will suspend the use or provision of such data until the necessary corrections or deletions are completed.
4.
Obligations of the Data Subject
The data subject must comply with applicable data protection laws and regulations and must not infringe upon the privacy or personal data of others processed by the company.
Article 9 (Measures to Ensure the Security of Personal Data)
1.
Technical Protection Measures
•
Encryption of personal data
•
Establishment of security systems to defend against hacking and computer viruses
•
Access control and restriction of permissions for personal data processing systems
•
Storage of personal data access records and prevention of tampering
•
Installation and periodic updates and inspections of security programs
•
Implementation of database access rights management systems
2.
Administrative Protection Measures
•
Establishment and implementation of internal management plans
•
Regular privacy protection training for employees
•
Compliance with personal data protection laws and regulations
•
Establishment and implementation of internal audit plans
•
Minimization of access rights for personal data handlers
3.
Physical Protection Measures
•
Establishment and operation of access control procedures for personal data storage locations
•
Implementation of security measures for auxiliary storage devices
•
Provision of secure storage facilities for personal data and installation of locking mechanisms
Article 10 (Personal Data Protection Officer and Rights Redress)
1.
Personal Data Protection Officer
Officer: Kim Jeong-Hyun
•
Affiliation: CEO Office
•
Contact: 02.743.1013 / celibgadi@celib.kr
2.
Guarantee of Rights for the Data Subject
•
Request for access, correction, or deletion of personal data is possible
•
Withdrawal of consent for the collection and use of personal data is possible
•
Request for membership withdrawal is possible
•
Rights can be exercised through the customer service center or settings within the service
3.
Processing of Rights Requests
•
The company will promptly take action on the data subject’s request
•
In case of a correction request, the use or provision of the relevant information will be suspended until the correction is completed
•
Rights can also be exercised by the data subject’s legal guardian or authorized representative
4.
Redress for Violations
•
Personal Data Infringement Report Center: privacy.kisa.or.kr