Dunamu (hereinafter referred to as "the Company") has created and disclosed its privacy policy as described below (“Privacy Policy”) to protect the privacy of the User and address relevant issues in a prompt and seamless manner in accordance with Article 30 of the Personal Information Protection Act (PIPA).
The Company allows the User to access this Privacy Policy easily at any time by publishing it on the first landing page of the website.
This Privacy Policy is subject to change in accordance with relevant laws and the Company’s internal policy. In case of an amendment, the Company implements version control to ensure that amended provisions are easily distinguished.
1. Purposes of Collection and Use of Personal Information
The Company manages personal information collected for the following purposes:
|
Category |
Purposes |
|
Management of UDC program purchasers, participants and registrants |
- To manage program applications/purchases/reservations and handle changes/cancellations - To provide and manage application/purchase/reservation information about the UDC event - To ensure the smooth operations of the UDC event - To provide various information about the event |
|
Management of speaker applications and registrations |
- To manage speaker applications/registrations and handle changes/cancellations - To provide information about speaker application/registration and run relevant programs - To ensure the smooth operations of the UDC event |
|
Promotion of UDC events |
- To provide marketing information such as events, promotions and benefits related to the UDC event |
|
UDC raffle |
- To select winners and ship prizes and handle taxes and dues, where necessary. |
2. Period of Managing and Retaining Personal Information
The company uses the collected personal information within the period of retention in accordance with laws and regulations or within the period of retention agreed when collecting personal information from users.
Each period of use and retention of personal information is as follows
(1) Period of Use and Retention of Personal Information for operating UDC(Upbit Developer Conference)
|
Type |
Retention Period |
|
Management of UDC program purchasers, participants and registrants |
To be disposed of safely after the conference. |
|
Management of speaker applications and registrations |
To be disposed of safely after the conference, except for registered speaker’s name, organization, position and photo, which are to be disposed of upon the speaker’s withdrawal of consent |
|
Promotion of UDC events |
2 years |
|
UDC raffle |
To be disposed of safely after the event prize is provided. |
(2) Preservation by law in accordance with the provision of goods or services
Notwithstanding Paragraph 1, The information may be retained for longer periods as required by law.
|
Type |
Legal Ground |
Retention Period |
|
Records related to withdrawal of contract or subscription |
The Act on Consumer Protection in Electronic Commerce, ETC. |
5 years |
|
Record of payment and goods supply |
5 years |
|
|
Records of consumer complaints or disputes |
3 years |
|
|
User's
Internet log record |
The Communication Confidentiality Protection Act |
More than 3 months |
|
Payment of taxes and dues, processing records for cash receipts |
Framework Act on National Taxes |
5 years |
3. Provision of Personal Information to Third Parties
The Company does not disclose the User’s information to third parties, unless such disclosure is required by law.
4. Outsourcing of Personal Information Management
① The Company entrusts personal information to external contractors to allow them to perform some of the tasks necessary for the provision of services. It supervises and monitors entrusted parties to ensure their compliance with relevant law.
② The Company entrusts the handling of personal information to external contractors as follows:
|
External Professional Contractor |
Task |
|
INTERCOM Convention Services, Inc. |
Pre-event and on-site operation of the UDC |
|
amPR CO., Ltd. (Subcontractor of INTERCOM Convention Services) |
Send out event prizes |
|
Infobank Inc. |
Message service on event information of the UDC |
|
BIZTALK Co., Ltd |
Send notification talk(Kakao) |
|
KG INICIS Co., Ltd |
Payment gateway |
5. Overseas Transfer of Personal Information
The Company transfers personal information overseas as follows:
(1) Overseas contractors to process personal information
|
Entrusted contractors |
Purpose of entrustment |
Personal information to be entrusted |
Entrusted country, contact information |
Timing and method of entrustment |
Retention/use period |
|
Twilio Inc. |
Send information email |
Name, affiliation, phone number, email address |
USA, |
At the time of email communication and service use via a network |
30 days after an email is sent |
|
PayPal Pte. Ltd. |
Payment Gateway |
Purchase and payment information |
Singapore, paypal@generalagent.co.kr |
At the time of payment via a network |
Until the purpose of using the PayPal payment service is met |
6. Rights of Users and Legal Representatives and How to Exercise the Right ① The User can always exercise the right to request that the Company allow them access to their personal information retained, correct or delete it, or suspend its management, provided that the exercise of this right may be restricted in accordance with the provisions of relevant laws, including Article 35, Paragraph 4 and Article 37, Paragraph 2 of the PIPA.
② The User can exercise their rights through means such as paper document, email, and fax in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the PIPA, in which case the Company shall take prompt action.
③ The User may exercise the rights stipulated in Paragraph 1 through an agent such as a legal representative or a person who has been delegated to act on the User’s behalf, in which case a power of attorney shall be submitted in accordance with Form 11 of the Appendix of the Public Notice on the Management of Personal Information.
④ A request to correct or delete personal information shall not be accommodated if such personal information must be collected in accordance with other laws.
⑤ When there is a request to access, correct, delete, or suspend the management of personal information in accordance with the User’s rights, the Company shall verify if the requestor is the User or their authorized agent.
7. Personal Information Items Managed
① The Company processes the following personal information of the User when operating the Upbit Developer Conference (UDC) and providing relevant services:
(1) Types of Personal Information Items
|
Type |
Personal Information Items To Be Managed |
|
|
Management of UDC ticket purchaser and participants |
[Purchaser Information] Name(Eng), mobile phone number, email address, affiliation, password, payment information,
[Participant Information] Name(Eng), mobile phone number, email address, affiliation, password, payment information, (Optional items for participants information: position, organization, traffic source) |
|
|
Speaker Early online registration |
Name(Eng), mobile phone number, email address, nationality, organization, position, biography, company profile, profile image. |
|
|
Call for speakers |
Name(Eng), mobile phone number, email address, nation, affiliation, position, biography |
|
|
Information of speakers |
Name(Eng), mobile phone number, email address, nation, affiliation, position, biography, profile photo, Contact of speakers(person in charge and contact) |
|
|
Items generated and processed during service use |
Device information (OS, model name, carrier, device identification number, language information), IP address, service records, cookies |
|
|
UDC raffle |
Name,
mobile phone number, email address, address |
|
|
Event and promotional information notification (Option) |
Name, mobile phone number, email address, |
|
※ In principle, the company does not collect personal information if the user is under 14 years old.
② The Company may collect personal information and use it for the intended purpose of collection, in accordance with Article 15 (Collection and Use of Personal Information) of Personal Information Protection Act, where:
1. required by law or necessary to comply with legal obligations; or
2. necessary to enter into or perform a contract with the subject of information; or
3. deemed necessary for physical safety and property interests of the subject of information or a third person, as the subject of information or his/her legal representative cannot give prior consent because he/she is unable to express his/her intention or by reason of his/her unidentified address; or
4. necessary for a personal information manager to realize his/her legitimate interests, which explicitly takes precedence over the rights of the subject of information, provided that such information is substantially relevant to the personal information manager's legitimate interests and falls within the reasonable scope.
8. Procedures and Methods for the Destruction of Records Containing Personal Information
① The company shall destroy the information immediately after the purpose of collecting and using personal information is achieved.
② If personal information must be retained even after the retention period as agreed upon by the User expires or the purpose of management has been achieved, such personal information shall be transferred to a separate database or stored in another location.
③ Personal information shall be destroyed as follows:
(1) The personal information stored in the form of electronic files shall be deleted using a technical method that prevents the data to be recovered.
(2) the personal information printed on paper shall be shredded by a paper shredder or destroyed by incineration.
9. Measures to Ensure the Security of Personal Information
In accordance with Article 29 of the PIPA, the Company shall take managerial, technical, and physical measures which are necessary to ensure the security of personal information as stipulated in the following subparagraphs:
(1) Managerial measures
- Creation of internal management plans: The Company shall develop and implement internal plans to manage the personal information retained in a secure manner.
- Minimum staff to manage personal information and their training: The Company shall keep the size of the staff responsible for managing personal information to a minimum required for the work and instill the importance of personal information in them by taking managerial measures including the training of the staff .
(2) Technical measures
- Control of access to the personal information management system: The Company shall take measures necessary to control access to personal information by granting, modifying, or revoking access to the database system and shall use the intrusion prevention system to block unauthorized access from outside.
- Encryption of personal information: The Company shall use safe algorithms to encrypt personal information before storing and managing such information
- Technical measures against attacks such as hacking: The Company shall strive to prevent the User’s personal information from being leaked or compromised due to hacking or computer viruses. It shall back up data on a continued basis in response to the potential leakage or compromise of the User’s personal information and shall ensure personal information is transmitted securely on the network by leveraging encrypted communication etc.
(3) Physical measures
- The Company shall place its systems in a location which is not accessible by external entities to prevent the leakage or compromise of the User’s personal information and shall create and implement access control procedures.
10. Cookies And Other Tracking Technologies
We may also collect specific information through the use of "cookies" and other tracking technologies.
Cookies refer to a small packet of information sent to the User’s computer browser by the server which is used to manage the website (http).
(1) Purpose of Using Cookies
Cookies support more rapid web environments for users by storing users' preferred settings and are used for the improvement of services to allow for the more convenient use of Services. By doing so, cookies allow Users to use services more easily.
(1) Installation, Operation and Rejection of Cookies
Applicants / Users have an option to either install cookies, refuse to accept/store cookies or delete them at any time.
(2) How to block the storage of Cookies
Applicants / Users have an option to either install cookies, refuse to accept/store cookies or delete them at any time.
- Internet Explorer: Select Tool Menu > Select Internet Options > Click Personal Data Tab > Setting the Level of Handling Personal Data
- Chrome: Select Settings Menu > Privacy and security > Cookies and other site data > Set-Cookie Level
- Safari: Select Environmental Setting Menu > Click Personal Data Tab > Setting the Level of Cookie and Website Data
11. Management of Behavioral Information
① Behavioral information means the User’s online activity information which can help identify and analyze his/her interests, preferences and tendencies, such as history of website visits, purchases and searches.
② The Company processes behavioral information for product and service development, customer analysis and the provision of customized services tailored to the User’s behaviors.
(1) Behavioral information to be collected
§ The User’s activity information is collected, such as web service visits, usage records including searches/clicks, device information and IP addresses.
(2) Method of collection
§ Behavioral information is automatically generated and saved by Google Analytics when the User uses a service.
(3) Purpose of collection
§ Behavioral information is processed for the purpose of product and service development, statistical and customer analysis, service speed and quality improvement and the provision of customized services tailored to the User’s behaviors.
(4) Retention and use period
§ Behavioral information is retained for up to 26 months, after which it will be deleted without delay.
(5) How to exercise user control
§ The User may decline the use of his/her behavioral information by changing browser settings, including through declining to give consent for cookies.
§ e.g. Web browser: Tools > Internet Options > Privacy > Advanced > Block Cookies
§ How to disable Google Analytics
(6) How to file a user complaint
§ Contact: 1588-5682(Customer Service)
§ Email: udc_reg@upbit.com
12. Information on the Person in Charge of Personal Information Protection and the Customer Service Department
① In order to protect the personal information of the user and to deal with complaints related to personal information, the Company has designated the relevant department and the person in charge of personal information protection as follows.
(1) Person in Charge of Personal information Protection
|
Position |
Name |
Team in Charge |
Contact / Email |
|
Person in Charge of Personal information Protection |
SungBae Kim |
Information Security Team(Dunamu Inc.) |
1588-5682(Customer
Service) |
|
Personal information Protection Manager |
Taesung Park |
② The User may notify all personal information protection complaints that occur while using company's services to the person in charge of personal information protection or the relevant department. The company shall respond promptly to the users' complaints promptly.
13. Request to Access Own Personal Information
The User can make a request for accessing their personal information retained in accordance with Article 35 of the PIPA to the following team:
▶ Team responsible for receiving and processing requests for accessing personal information retained
ㆍTeam in charge: Operation Support Team
ㆍContact: 1588-5682(Customer Service)
ㆍEmail : udc_reg@upbit.com
14. Methods of Redressing Rights Violation
If you need to report or consult about other personal information infringement, please contact the following organizations.
ㆍPrivacy Infringement Reporting Center (privacy.kisa.or.kr / 118 without area code)
ㆍSupreme Prosecutor's Office (www.spo.go.kr / 1301 without area code)
ㆍNational Police Agency (cyberbureau.police.go.kr / 182 without area code)
ㆍPersonal Information Dispute Resolution Committee (www.kopico.go.kr / 1833-6972)
15. Responsibility of Links to Other Websites
The website may, from time to time, contain links to and from the websites of our partner networks, advertisers and Affiliates. Please note that the Company has no control over the external websites, so the Company cannot guarantee or be held responsible for the usefulness, authenticity, and legality of the service or data provided to the User through the external sites. Also, the privacy policies of the linked external websites are not relevant to the Company, so please check their policies.
16. Changes in Privacy Policy
In the event that the Company makes changes to the Privacy Policy, the Company shall notify the dates of change and implementation and revised provisions on a continued basis and show provisions before and after such revisions for easy comparison by the User.
Enforcement Date of Personal Information Management Policy V1.8: May 25, 2022
You can find the previous version of Privacy Policy by clicking the link below
Privacy Policy V1.7 (July 28, 2021 ~ May 17, 2022)
Privacy Policy V1.6 (July 1, 2021 ~ July 27, 2021)
Privacy Policy V1.5 (May 26, 2021 ~ June 30, 2021)
Privacy Policy V1.4 (Nov 27, 2020 ~ May 25, 2021)
Privacy Policy V1.3 (Nov 6, 2020 ~ Nov 26, 2020)
Privacy Policy V1.2 (May 22, 2019 ~ Nov 5, 2020)
Privacy Policy V1 (Apr 30, 2019 ~ May 21, 2019)