Korea Optical Industry Agency (hereinafter referred to as the “Company”) complies with the laws and regulations related to personal information, such as the Act on Promotion of Information and Communication Network Utilization and Information Protection, and the Personal Information Protection Act, and has established a personal information processing policy. We are doing our best to protect the rights and interests of users.
This privacy policy provides services such as virtual wearing of glasses through a camera provided through a smart fitting app operated, managed and provided by the company, finding an optician based on the user's location information, and providing related contents (hereinafter referred to as'service ') and contains the following contents.
1. Items of personal information to be collected and collection method
end. Items of personal information to be collected
The company collects the following personal information from users during the membership registration process for membership registration and management, smooth grievance handling, and provision of various services.
-Required items: name, ID, contact information, face information, location information
-Optional items: information required by the company to provide personalized services
I. Collection method
When users sign up as a member to use the member service, the company receives essential information for service provision online. In addition, you can selectively request personal information input for statistical analysis or giveaways during surveys or events within the service. However, sensitive personal information that may infringe on the user's basic human rights (race and ethnicity, ideology and creed, place of origin and domicile, political orientation and criminal record, health status and sex life, etc.) is not collected, and if it is inevitable, the user We will surely seek their prior consent.
2. Purpose of collection and use of personal information
end. Development of new services
We can develop more useful services based on the personal information provided by users. When developing new services or expanding contents, the company more efficiently prioritizes the services to be developed based on the personal information provided by existing users, and the company rationally selects the contents that users need. Can provide.
I. Member management
Identity verification, personal identification, prevention of illegal use and unauthorized use of bad members, confirmation of sign-up, age confirmation, confirmation of consent of a legal representative when collecting personal information of children under 14 years of age, complaint handling, etc. Delivery of notices
All. Used for marketing and advertising
New service development and delivery of information according to event events and provision of customized services, provision of services and advertisements according to demographic characteristics, identification of access frequency, or statistics on member service use
3. Retention and use period of personal information
In principle, the company destroys users' personal information without delay when the purpose of collecting and using personal information is achieved. However, the following information is retained for the specified period for the following reasons.
end. Reasons for information retention according to the company's internal policy
-Illegal use record: Prevention of illegal use
-Retention period: 1 year from the date of illegal use
I. Reasons for information retention according to related laws
-Records on contract or subscription withdrawal: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
-Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
-Records on consumer complaints or dispute settlement: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
-Records on visits (logs): 3 months (Communication Secret Protection Act)
4. Personal information destruction procedure and method
When the purpose of collecting and using personal information is achieved, the user's personal information is destroyed without delay in the following ways.
end. Destruction procedure
The information entered by the user for service use, etc., is transferred to a separate DB (separate filing cabinet in the case of paper) after the purpose is achieved and is scheduled according to the reason for information protection according to internal policies and other related laws (refer to retention and use period) It is destroyed after the period is saved. Personal information transferred to a separate DB is not used for any other purpose other than to be retained unless required by law.
I. Method of destruction
Personal information recorded and stored on paper is destroyed by shredding or incineration, and personal information stored in the form of electronic files is deleted using technical methods so that the records cannot be reproduced.
5. Provision of personal information to a third party
The company provides the user's personal information to a third party within the scope of consent by notifying or specifying the following when registering as a member.
-Recipient: Seller (Seller)
-Purpose of provision: service management by base, customer consultation and complaint handling
-Provided items: name, ID, contact information, product inquiry information
-Retention and use period: Until membership withdrawal or service termination
In principle, personal information of users is not provided outside of the above. However, the following cases are exceptions.
-When there is a request from a public institution for investigation purposes under related laws
-When providing statistics, academic research, or market research in a form in which a specific individual cannot be identified
-When there is a request in accordance with the procedures stipulated by other related laws
-However, even with exceptions, if information is provided in accordance with relevant laws or at the request of an investigative agency, it is operated in principle to notify the parties. There may be cases in which notification may not be made unavoidably due to legal grounds. The company will make every effort to prevent information from being provided indiscriminately against the original purpose of collection and use.
6. Consignment processing of personal information
The company entrusts personal information for smooth provision of services, and stipulates necessary matters so that personal information can be safely managed when consigning contracts in accordance with relevant laws and regulations.
Currently, the company's personal information processing trustee and the contents of its work are as follows.
-Consignment target (consignee) / contents of consignment / retention and use period
7. Rights of users and legal representatives and how to exercise them
end. Users and legal representatives may view or modify their registered personal information or the personal information of children under the age of 14 at any time, and may request termination of subscription (withdrawal of consent).
I. To view or modify personal information of users or children under the age of 14, click'My Profile' (or'modify member information') on MyPage after logging in, and click "Membership withdrawal" to cancel subscription (withdrawal of consent). After going through the verification process, you can directly view, correct or withdraw. Or, if you contact the person in charge of personal information protection in writing, by phone or by email, we will take action without delay.
All. If a user requests correction of errors in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, we will notify the third party of the result of correction without delay so that the correction can be made.
la. The Company handles personal information that is canceled or deleted at the request of a user or legal representative as specified in "3. Retention and Use Period of Personal Information" and does not allow it to be viewed or used for any other purpose.
8. Matters on the operation of cookies
In order to provide personalized and customized services, the company operates'cookies' that store and retrieve user information from time to time. Cookies are very small text files that the server used to operate the company's website sends to the user's browser and are stored on the user's computer hard disk.
end. Purpose of use such as cookies
Provide targeted marketing and customized services by analyzing users' access frequency and visiting time, identifying users' tastes and interests, tracking traces, and identifying the degree of participation in various events and the number of visits
I. Installation/operation of cookies
Users have the option of installing cookies. Therefore, the user may allow all cookies by setting options in the web browser, check each time a cookie is saved, or refuse to save all cookies.
All. How to reject cookie settings
As a method of rejecting the cookie setting, you can allow all cookies by selecting the option of the web browser you are using, check every time you save a cookie, or refuse to save all cookies. However, if the user refuses to install cookies, there may be difficulties in providing the service.
Example of setting method (for Internet Explorer): Tools at the top of the web browser> Internet Options> Personal Information
9. Technical/administrative measures for personal information protection
① The company establishes/implements an internal management plan and installs and operates an access control device to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged in handling users' personal information. /We are taking technical/administrative measures such as using security functions to prevent tampering.
-Personal information encryption: The company encrypts personal information such as passwords and payment methods according to the standards required by laws and regulations, and takes separate security measures such as encrypting files and transmission data for important data to protect users' personal information. Are protected.
-Countermeasures against hacking, etc.: The company is doing its best to prevent the leakage or damage of members' personal information due to hacking or computer viruses. In preparation for damage to personal information, data are backed up from time to time, and users' personal information or data are prevented from being leaked or damaged by using the latest vaccine program, so that personal information can be safely transmitted over the network through encrypted communication, etc. I'm doing it. In addition, we use an intrusion prevention system to control unauthorized access from outside, and strive to equip all possible technical devices to secure systemic security.
-Minimization of handling staff and training: The company's personal information-related handling staff is limited to the person in charge, and a separate password is given and updated regularly, and the company's personal information processing policy is observed through frequent training for the person in charge. We are constantly striving to ensure that personal information protection is practical by always emphasizing.
-Operation of a dedicated personal information protection organization: The company checks the compliance of the company's personal information processing policy and the person in charge through a department that performs personal information protection work within the company, and if a problem is found, it can be corrected and corrected immediately. Are working hard to
➁ Notwithstanding Paragraph 1, the Company shall not be held liable for any problems arising from the leakage or exposure of the user's account information and personal information due to the user's intention or carelessness or problems on the Internet. Each user must properly manage and take responsibility for his or her ID and password in order to protect his/her personal information.
10. Matters on the use of K-eyewear Smart Fitting
The company measures the user's face data using the K-Eyewear app service when Face Scanning for smart fitting. Measurement data is only used when requesting smart fit, is not collected or stored separately, and is not shared with third parties. You can deny use by releasing the camera permission in the application's permission settings. However, if the authority is denied, the Smart Fitting service may not be available.
11. Personal information protection officer and contact information
The company is doing its best to ensure that users can safely use good information. In protecting personal information, the company takes full responsibility in the event of an accident that goes against the matters notified to the user. However, despite technical supplementary measures, the company is not responsible for damage to information due to unexpected accidents caused by basic network risks such as hacking, and for various disputes caused by posts created by visitors. The person in charge of handling user's personal information is as follows, and responds promptly and faithfully to inquiries related to personal information.
Name of personal information manager: Kim Jeong-ha
Affiliation/Title: Korea Optical Industry Agency / Team Leader
Phone number: +82-53-350-7851
Email: dal@koia.or.kr
If you need to report or consult about other personal information infringement, please contact the following organizations.
-Personal Information Infringement Report Center (https://privacy.kisa.or.kr / 118)
-Personal Dispute Mediation Committee (https://www.kopico.go.kr / 1833-6972)
-Information Protection Mark Certification Committee (https://www.eprivacy.or.kr / 02-550-9500)
-Cyber Bureau, National Police Agency (https://cyberbureau.police.go.kr / 182)
-Cyber Investigation Division, Supreme Prosecutors' Office (https://www.spo.go.kr / 1301)
12. Notification obligation
end. Details on the protection of other personal information, including this privacy policy, are disclosed on the first screen of the app so that users can always easily view it.
I. In the event of additional deletion or modification of important content due to changes in legal policy or security technology, we will notify the reason and contents of the change through the app before implementing the changed privacy policy.
All. The contents of this privacy policy may change from time to time, so please check it every time you visit the app.
This policy will take effect on November 30, 2020.