ARIN m.h.c

Website visitors can use all services except individual consultation service without membership.

(1) Personal information collected

1) After Service, Project Request - (Required) Name, e-mail, company, address, mobile phone number

2) Information automatically generated during the process of using the services - Service usage history, IP address, cookies, date of visit, abnormal usage record, device information (OS version, unique device identifier), ADID, IDFA

3) When providing customer dispute processing and customer service - Content and detail of the customer service

(2) Purpose of using the collected personal information

1) Personal identification - Name, e-mail, password, mobile phone number

2) Contact and notification for providing services and processing customer claims - Name, e-mail, mobile phone number

3) Prevention of fraudulent use, prevention of unauthorized use, preservation of record for dispute resolution, customer dispute resolution and other customer services, etc. Service usage history, IP address, cookies, abnormal usage record, device information (OS version, unique device identifier), content of customer service

In accordance with the Company's internal policies, if you have been informed in advance and agreed to by the user or otherwise specified in a separate act, it will be kept safely during that period and never used for any other purpose.

(1) The way of keeping the information set forth in the intenal policy is as follow

1) The retention period is 3 years and can be deleted by user's request

(2) The information retained pursuant to the applicable laws is as follows..

1) Protection of Communications Secrets Act

• (Purpose) Provided when requested by law enforcement authority with a warrant
• (Collected Items) Log information, IP, etc.
• (Duration of Retention) 3 months

In principle, the personal information of the user is destroyed without delay if the purpose of using the personal information is achieved

A. Destruction procedure

The information collected through the reception of the inquiry is transferred to a separate DB after the completion of the purpose (separate paper box in the case of paper) and stored according to the internal policy and other relevant laws and regulations it is destroyed.
Personal information transferred to a separate DB is kept in accordance with relevant laws and is not used for any other purposes.

B. Destruction method

• Personal information stored in the form of electronic file is deleted irrecoverably in a secure manner.
• Personal information printed on paper is destroyed by shredding.

(1) As a general rule, the Company does not provide User’s personal information to third parties outside the purpose of collection and use of such personal information. However, when it is necessary to share User’s personal information with partnering business entities and other parties for the purpose of providing better service, the Company will seek User’s consent by notifying the User of the identity of the parties that will receive the information, purpose of providing the information, information to be provided, and period of use and retention. Also, personal information of User may be provided pursuant to a legal provision or upon a demand by law enforcement authority for law enforcement purposes in accordance with the procedure and method set forth by applicable laws.

(2) The Company does not use User’s personal information for any purpose other than delivering internet services provided by the Company and does not provide personal information to any third party without consent of User. When it is necessary to provide personal information, the Company will notify the User and obtain separate consent. However, the following exceptions apply.

• When it is deemed necessary to disclose personal information in order to take legal action against any person who violated the Company’s terms of use, harmed another person by using the services or engaged in unlawful activities against social order and customs;
• Pursuant to a legal provision, or when there is a demand by law enforcement authority for law enforcement purposes in accordance with the procedure and method set by applicable laws; and
• When information is provided in de-identified form for the purpose of producing statistical data, conducting academic studies or market researches, providing information or sending out instruction emails for public announcement.

The Company handles certain tasks required for providing services to Users by outsourcing part of such tasks to third-party service providers.

When the Company outsources such tasks, the Company identifies the obligation to comply with the laws pertaining to the protection of personal information, maintenance of confidentiality of personal information, prohibition of sharing the information with third parties, period of outsourcing, and the obligation to destroy personal information after completion of the task, and the Company provides management and supervision to ensure compliance.

For improved services and effective handling of the tasks, the Company outsources the processing of personal information as follows.

ARIN m.h.c continuously supervises and manages the third-party service providers to securely process the outsourced personal information and ensures that the third-party service providers immediately destroy the personal information in their possession upon completion of the outsourced tasks.

The Company may provide User with a link to website or certain material provided by another company. Because the Company does not have any control over third-party websites or materials provided therein when the Company provides the User with a link to website or material of another company, the Company cannot warrant or take responsibility for the validity of the services or materials provided through such website or material. When you move to a third-party website by clicking a link included on the Company’s website, please review the terms and conditions of the third-party website since the privacy policy of such third-party website has no relation to the Company.

User and the User’s legal guardian may exercise the following rights.

(1) User and the User’s legal guardian may view or change the registered personal information of the User at any time and may refuse to give consent or request termination if the User does not consent to the Company’s processing of personal information. However, if User revokes consent to the processing of personal information, use of the services may be inevitably restricted in part or in whole.

(2) Personal information modification and receipt deletion (withdrawal of consent) is available as follows.

- If you contact the person in charge of privacy who is disclosing through personal information processing policy in writing or by phone, we will take action without delay.

(3) Or, you may contact the Privacy Officer in writing or by phone as disclosed in this Privacy Policy, and we will take necessary actions without delay.

(4) When User requests correction of error in personal information, the personal information is not used or provided until such correction is completed. Also, when incorrect personal information has been provided to a third party, the Company will complete the correction process by notifying the third party of the result of such correction without delay.

(5) The Company processes any information terminated or deleted by the request of User in accordance with the terms set forth in “retention and usage period” of personal information collected by the Company and takes measures to prevent such personal information from being viewed or used.

(6) Only those who are 14 years of age or older are eligible for membership registration, and as a general rule, the Company does not collect personal information of children under 14 years of age for whom legal guardian’s consent is required for collection/use of personal information.

(1) User has obligation to protect his or her own personal information, and the Company takes no responsibility for the issues arising out of leakage of personal information due to User’s negligence.

(2) User should provide accurate and up-to-date personal information. The liability for any problem caused by User’s providing inaccurate information is upon the User, User registers as a member or uses services by misappropriating another person’s personal information, the User may lose the membership status and be punished by applicable laws pertaining to personal information.

(3) Together with the right to be protected of personal information, User also has the obligation to protect oneself and not to infringe upon the information of another person. You should take cautions so that your personal information is not leaked and also that you do not infringe upon personal information of other persons, including web postings.

(4) User must comply with the “Act on Promotion of Information and Communications Network Utilization and Information Protection,” “Personal Information Protection Act,” and other laws pertaining to personal information.

Following are the items related to the installation, operation, and refusal regarding automatic personal information collection system.

The Company utilizes cookies, which frequently saves and finds User’s information. A cookie is a very small text file sent by the website to the User’s browser and stored in the User’s hard disk.

(1) Purpose of using cookies

• Cookies are used in order to provide customized services to individuals, by analyzing frequency and time of visit by members and non-members, patterns of use and field of interest, tracking online traces, number of visits and such others.

• User has the right to accept or refuse installation of cookies and may at any time choose to refuse or delete the storage of cookies.

• User may choose options available on web browsers to (i) allow all cookies, (ii) check whenever cookies are stored, or (iii) block storage of all cookies. Since each web browser has different mechanisms for setting cookies, please refer to the instruction for each web browser for further details.

• Internet Explorer: Tools > Internet Options > Privacy tab > Select a setting for the Internet zone
• Chrome: Settings > Advanced > Under “Privacy and Security,” click Content Settings > Select the desired level of cookies
• Firefox: Options > Privacy > History - Select “Use custom settings for history” > Select the desired level of cookies
• Safari: Preferences > Privacy tab > Select a “Cookies and website data” option

• How to disable AdID/IDFA

• ios: Settings > Advertising > Switch on “Limit Ad Tracking”
• Android: Settings > Google (Google Settings) > Ads > Opt out of interest-based ads

• However, when storage of cookies is blocked, use of certain services such as personally customized services may become difficult.

The Company strives to protect information by preparing technological/managerial safeguards in processing Users’ personal information.

The Company implements the following technological/managerial safeguards in order to ensure security in processing the personal information of Users and prevent loss, theft, leakage, alteration or contamination of personal information.

(1) Encryption of passwords

• User passwords are stored and managed after one-way encryption, and only the owner of the personal information who knows the password may view or change the information. Therefore, please take extra care so that your password is not disclosed to any other person.

(2) Anti-hacking measures

• The Company operates systems to detect and block intrusion 24 hours a day to prevent loss, theft, leakage, alteration or contamination of Users’ personal information through intrusion into the information communication network of the Company such as hacking or viruses, and such intrusion detection and blocking systems are operated with double-layered structure in case of any emergency situation.

• Important data are backed up on regular basis preparing for the case personal information is damaged, and the Company strives to prevent leakage of personal information or other important data using antivirus software.

• Sensitive personal information is encrypted in the process of being transmitted over the information communication network to ensure secure transmission of the personal information.

• The Company continues to ensure data security in other ways such as adopting security systems and expanding professional work force in this field.

(3) Minimization and regular training of personal information managers

• The Company minimizes the number of persons managing personal information by limiting personal information management task only to the necessary personnel; when there is any HR change such as termination or transfer of positions, the Company restricts access to personal information through adjustment or termination of the relevant authority without delay.

• The Company makes its best efforts by conducting trainings for personal information managers on regular basis to raise awareness of the importance of the protection of personal information and to ensure that the information is securely managed.

The Company has designated Privacy Officer and the department in charge of the protection of personal information in order to handle claims regarding personal information of Users.

(1) For any claims related to personal information that may arise while using the services, please contact the Privacy Officer or the department in charge of personal information. The Company will swiftly respond to such inquiries.

(2) If any other reporting or consultation is required regarding infringement of personal information, please contact the following organizations.

• Personal Information Infringement Reporting Center (http://privacy.kisa.or.kr / 118 with no preceding numbers)

• Supreme Prosecutor’s Office Cyber Security Center (http://www.spo.go.kr / 1301 with no preceding numbers)

• National Police Agency Cyber Security Bureau (http://cyberbureau.police.go.kr/index.do / 182 with no preceding numbers)

• Electronic Transactions Dispute Resolution Commission (https://www.ecmc.or.kr / 1661-5714)

The current Privacy Policy may be revised according to the government policy or the need of the Company. When there is any addition, deletion or modification of the content, notice will be provided through the homepage or email in advance at least 7 days prior to the effective date that the Policy as amended will take effect 7 days from the date of notification. If any material term (i.e., the purpose of collection and use of personal information, the third party to which personal information will be provided, etc.) is added, deleted or revised, such addition, deletion or revision will be notified in advance at least 30 days prior to the effective date that the Policy as amended will take effect 30 days from the date of notification. Also, the Company will seek separate consent from User in accordance with applicable laws for any addition or modification of the content pertaining to the items that require separate consent, such as collection and use of personal information and sharing of the information with third parties, pursuant to the applicable laws such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

Effective date: OCT 26, 2020