1. What Personal Information We
Collect
STARINDEX, Inc. (the “Company”)
collects and uses mandatory information only for the purposes of rendering
efficient management of membership, customer consulting service, and all types
of services. The Company also collects and uses optional information to provide
customized service, and other various services.
- Items of Information to be collected
- Mandatory Information(Upon signing up for
membership):
ID, name, email address, and some other information that the member
agrees to give it to the company - Optional Information (It will be collected
upon necessary, and the member may refuse to provide optional
information, but in such case, the member may be restricted from
accessing or using the services we provide.): Photo, residence,
self-introduction, occupation, cell-phone number, phone number (house),
facsimile number, external membership provider service ID, voucher
number, approval number, contact number and photo of a third person
stored in the mobile phone of a member - Following information may be automatically
created and collected in the course of rendering or accessing the service
we provide. Record on the use of the service, log file information (time
and date that the member visits web site), Cookies and IP address,
inappropriate using record, model and SN (Serial Number) of mobile phone,
and mobile phone carrier
- How to Collect Personal Information
We collect the member’s personal information through mobile phone
application and website, external membership provider service login,
written documents, facsimile, phone, use of service, feedback site and
email, subscription for event, tools gathering created information, and
change of membership information, etc. - Consent to Personal Information Collection
The member is considered to consent to this Privacy Policy and to give
personal information by signup and login[Consent] in ComeUp service. - The Company does not collect any sensitive
information that may infringe on the basic human rights (ethnic group,
ideology and creed, political bias and criminal record, health condition
and sexual life, etc.) of a member.
2. Purpose of Collection and Use
of Personal Information
The personal information
collected is used for the following purposes. Any and all information provided
by the member will not be used for any purpose other than the purposes
described below, and in case that the purposes are changed, the Company will
obtain the prior consent from the member.
- Provision of Service
Provision of contents and specific service on demand, delivery of products
or invoice, verification of identity, purchase and payment, collection of
fee - Membership Identification and Management
Confirmation and verification of identity, prevention of inappropriate use
and unauthorized use by bad user, confirmation of membership intent,
handling of customer complaint, and delivery of notice - Utilization for marketing and advertisement,
provision of customer information and personalized service in accordance
with the development of new service and special event, provision of
service in accordance with the demographic characteristics and publish of
advertisement, identifying the access frequency or compilation of
statistics on service use - Notification of information that a member
should know such as material changes and improvement of Company’s service,
and announcement of new service
3. Period for Retention and Use
of Personal Information
The Company will retain and use
the personal information of a member for the time span from the membership
application date to the termination date of membership. In case that a member
withdraws his/her consent for collection and use of personal information, or in
case that the Company fulfills the purposes outlined in this Privacy Policy and
that the retention period hereunder is expired, the concerned personal
information will be destroyed immediately. In such case, the personal
information may not be either inspected or used for any other purposes.
However, the following information will be retained for a specified time only
for the causes described below.
Items to be retained: any and all
records of membership register and its management including name, nickname, gender,
date of birth, residence, personal introduction and photo, statement of
settlement and purchase and records of fee-based commercial service.
Reasons for retention: prevention
of confusion or interference in using the service, cooperation with the relevant
authority which investigates the illegal user, and settlement of
debtor-creditor relations between the Company and the Member
Retention period: 1 year
If any personal information of a member is required to be retained under the
applicable laws and regulations, the Company will keep the information for a
certain period of time.
Record of
indication/advertisement: 6months (Act on the Consumer Protection in the
Electronic Commerce Transactions, etc.)
Records of contract or withdrawal of subscription: 5years (Act on the Consumer
Protection in the Electronic Commerce Transactions, etc.)
Records of payment and supply of goods: 5years (Act on the Consumer Protection
in the Electronic Commerce Transactions, etc.)
Records of consumer complaint or handling of disputes: 3 years (Act on the
Consumer Protection in the Electronic Commerce Transactions, etc.)
4. Procedures and Method of
Destruction of Personal Information
After fulfilling the purposes of
collection and use of the personal information, the member’s personal
information will be discarded, in principle. Any personal information stored in
electronic files will be discarded using technical methods preventing
restoration thereof and the personal information printed on paper will be
discarded by method of shredding or incineration.
5. Provision of Personal
Information to Third Person
Personal information of a member
will be used to the extent of being described in the “Purpose of Collection and
Use of Personal Information”, and it cannot be used for other purposes without
the prior consent of the member, and opened to the public, in principle. Any
personal information will not be divulged or disclosed to a third person,
corporate or organization without the consent of a member. However, in cases
falling under any of the following, the Company may use or provide the personal
information with caution:
- Where a member gives the prior consent for
disclosure. The member may refuse to consent but in such case, he/she may
be restricted in using the service. - Where the personal information is required
for the performance of any contract related to the provision of service,
but it is remarkably difficult to obtain normal consent due to
economic/technical reasons - Where it is required under the applicable
laws and regulations, or where it is required by the enforcement authority
in accordance with the statutory procedures for the purpose of
investigation - Where it is necessary for operation of new
service to be rendered by the Company - Where it is provided to sponsor, affiliate or
research institute, etc. in the form of non-identifiable information for
the purpose of compiling statistics, conducting academic research or
market research - Where it is requested in accordance with the
procedures defined in the applicable laws and regulations
However, even in
case that any personal information is provided pursuant to applicable laws and
regulation or at the request of enforcement authority, the Company should
notify the concerned member of the fact, in principle. However, legal issues
may force the Company to omit notification to the concerned member. The Company
will exert our best efforts to prevent the personal information from being
disclosed or provided indiscreetly contrary to the intended purposes of
collection and use.
Provided however, even though the Company collects information related to the
use pattern of the service of the user using Google Analytics and user analysis
service, the Company will not disclose the information gathered to third
parties.
6. Entrustment of Management of
Personal Information
The Company may entrust an
outside company with the management of some of the personal information for
smooth process, and upon executing the consignment agreement, the Company
should stipulate the provisions about purpose and scope of entrustment,
prevention from handling personal information for the purpose other than that
entrusted, restriction on sub-entrustment, management and supervision of
trustee, measures for security and responsibility in the document, and supervise
whether the trustee handles the personal information entrusted in safe ways.
7. Matters about Installation,
Operation and Denial of Device for Automatic Collection of Personal Information
The Company may operate ‘Cookies’
which stores and finds the member’s information from time to time in order to
personalized service to the member. Cookies are used to operate the web site
server sent to a member’s browser as a very small text file, which is stored on
a member’s computer hard disk. Company (s) use cookies for the following
purposes:
Company provides targeted marketing and personalized services through analysis
of the frequencies of access and visiting-hour of the member and non-member,
the user's tastes and interests and identification of various events such as
participation rate and number of visits. You have a choice in the placement of
Cookies. Thus, by setting your web browser options you may allow all Cookies,
or confirm each time Cookie is stored, or you can refuse all Cookies stored.
How to reject Cookies set:
For example, as methods to reject Cookies, by setting your web browser options
you may allow all Cookies, or confirm each time a Cookie is stored, or you can
refuse all Cookies stored.
How to set (Internet Explorer only):
Web browser at the top of the tools> Internet Options> Personal
Information
However, if you reject the placement of Cookies, it may be difficult to provide
services which require log-on.
8. How to Exercise the Rights of
User
The member reserves the rights to
access, correct and delete personal information and to request the company to
suspend the handling of the information at any time. Upon request of the
member, the Company manages the member’s request without delay. However, upon
request, the Company deletes the personal information in accordance with the
procedures and method described in Section 4 hereof.
9. Linked Sites
The service provided by the
Company may contain links to other company’s web sites or data. In such case,
the Company does not reserve any rights to control the external web sites and
data, and thus the Company should not be liable for or guarantee the utility of
the service or data provided by outside company. In particular, if the member
clicks on the links contained and transfers to other web site, the privacy
policy of the concerned web site will be applied.
10. Technical and Managerial
Measures to Protect the Personal Information
In handling the personal
information of a member, the Company applies the technical and managerial
measures as follows in order to prevent loss, stolen, divulge, falsification or
compromise and to secure the safety.
- Encryption of personal information: Personal
information of a member is protected by password, and important data is
encrypted or locked so that all the files and transferred data are not
read by other person. - Technical measures against hacking: The
Company operates system which blocks hacking and prevents personal
information from being leaked or compromised and the Company also installs
a system detecting external invasion and monitoring external access around
the clock. - Restriction on access to Personal Information
Management System: The Company takes any and all necessary measures to
control the access to the personal information by establishing criteria
regulating the grant of accessibility to, changes and cancellation of the
database system which is systematically composed to manage the personal
information, and operating the regulations on creation method of password
and cycle of its change. - Education of Personnel in charge of Personal
Information: The Company takes measures for efficient management of
accessibility by limiting the number of the personnel managing personal
information at the very least, providing training and education about
acquisition of new security technology and obligation to protect the
personal information on a regular basis and granting separate password to
the member. - Management of Personal ID and Password: ID
and password of a member is used only by the member in principle. The
Company shall not be liable for any damages incurred due to the member’s
negligence in connection with the leaks of personal information including
ID, password and email address and due to the inherent risks in Internet.
11. Civil Service about Personal
Information
The Company designates personal
information manager to protect customers' personal information and to handle
customer’s complaints regarding personal information.
The user may report any complaint related to Privacy Policy which occurs in the
course of using the Company’s service to the personal information manager, and
the Company will make prompt and sufficient response to the user’s complaint.
- Personal information manager
- Name: Wook Kim
- Phone number: +82.2.6243.0771
- Email address: cs@starindex.com
For report about
infringement on personal information or more consultation, please contact the
following agencies.
- Private Dispute Resolution Committee
(+82.1336) - Privacy Mark Certification Committee (+82.2.580.0533~
4) - Internet criminal investigation center of
Supreme Prosecutor Office (+82.2.3480.3600) - Cyber Terror Response Center of National
Police Agency (+82.2.392.0330)
12. Miscellaneous
If the Company makes additions,
deletions and changes to any terms or conditions of this Privacy Policy in
accordance with the laws/ policy or changes in the security technology, such
changes will be notified through a post through the service or email 7 days
prior to the implementation of new Privacy Policy.
Addendum
This Privacy Policy was enacted on June 15, 2015.