{{lang.privacy_policy}}

[COMPANY] (hereinafter referred to as the “Company”) respects privacy of individual users (“User”) and is committed to protecting it through the Company’s compliance with this Privacy Policy (hereinafter referred to as this “Policy”). This Policy is applicable to personal information collected in [SERVICE NAME] services (“Service”) operated by the Company. \n
\n
The Company is the controller of the personal information provided by a User or collected from a User. This Policy describes the types of personal information the Company may collect from a User or that User may provide, and the Company’s practices and purpose for collecting, using, maintaining, protecting, and disclosing the personal information. The Company endeavors to process user’s personal information in compliance with the European Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation or “GDPR”), and with the Korean Personal Information Protection Act (“PIPA”) and any other applicable data protection law.\n
\n
This Policy shall take effect on [2020.12.24] and, in case of modification thereof, the Company will make public notice of it by posting them on the Company’s Service or by using other methods (via text, e-mail, messenger or pop-up screen requesting acceptance at the time of a sign-in). \n
\n
Terms used in this Privacy Policy shall have the meaning set forth in the relevant laws and regulations and the Company's terms and conditions; other matters shall be subject to general commercial practice.\n
\n
1.	PERSONAL INFORMATION TO BE COLLECTED \n
\n
 (1)	Personal information provided by Users or third-party service provider\n
\n
The Company may receive the following personal information from Users upon registration, or from third party service providers upon User’s consent:\n
\n

	

	    
Required Information
	    
Upon registration: Email address, password, User’s ID, date of birth, mobile phone number, profile picture
	
	

	    
Optional Information
	    
Name, sex, resident registration number, electronic wallet address
	

\n
 (2)	Personal information collected while User’s use of Service \n
\n
Besides the personal information directly provided by the Users, the Company may also collect the following personal information that are automatically created during a User’s use of the Service: \n
\n
	IP address, cookie, MAC address, equipment information, operation system, hardware information, language settings of equipment, country setting, access records, log data, use time, use and faults records\n
\n
 (3)	Personal Information provided by Users during customer service\n
\n
	Name, ID, mobile phone number  \n
\n
 (4)	Sensitive Personal Information\n
\n
The Company does not collect any sensitive personal information about Users (this includes details about a User’s race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about health, and genetic and biometric data). Nor does the Company collect any information about criminal convictions and offences.\n
\n
2.	USE OF COLLECTED PERSONAL INFORMATION \n
\n
The Company uses the collected personal information of Users for the following purposes: \n
\n
 (1)	User registration, identification and management; \n
 (2)	To provide the Company’s Services; \n
 (3)	To provide marketing and advertising information in accordance with applicable laws; \n
 (4)	To analyze the effects of Services; \n
 (5)	To calculate and claim fees for the Services; \n
 (6)	To respond to User’s requests, make announcements, and provide customer services; \n
 (7)	To pursue legitimate interest of the Company, except where such interests are overridden by the interests or fundamental rights and freedoms of the Users; and\n
 (8)	To use personal information with prior consent of the Users.\n
\n
The Company agrees that it will obtain consent from each User, if the Company desires to use the personal information for any purposes other than those expressly stated in this Policy.\n
\n
3.	RETENTION PERIOD OF PERSONAL INFORMATION \n
\n
In principle, the Company destructs personal information of Users without delay when: the purpose of its collection and use has been achieved; a User withdraws from the Website; the legal or management needs are satisfied; or receipt of Users’ request. However, the Company will retain the following information for the duration as set forth below, as required by relevant laws and regulations:\n
\n
 (1)	Log record of Users such as internet/data detecting the place of User connection: 3 months (The Protection of Communications Secrets Act)\n
 (2)	Record regarding contract or withdrawal of subscription in case of electronic commerce: 5 years (The Act on Consumer Protection in Electronic Commerce) \n
 (3)	Record on payment and supply of goods in case of electronic commerce: 5 years (The Act on Consumer Protection in Electronic Commerce) \n
 (4)	Record on consumer complaint or dispute treatment in case of electronic commerce: 3 years (The Act on Consumer Protection in Electronic Commerce) \n
 (5)	Record on electronic financial transaction: 5 years (Electronic Financial Transactions Act)  \n
\n
4.	DISCLOSURE AND CONSIGNMENT OF PERSONAL INFORMATION \n
\n
 (1)	Disclosure of personal information to a third party \n
\n
The Company will process a User’s personal information only for the purpose set forth in Article 3 above and shall disclose personal information to a third party only if the User consents to such disclosure or such disclosure is required by laws. \n
\n
 (2)	Consignment of personal information\n
\n
To provide the Services, the Company may consign an external professional company or companies (subcontractors) to process personal information as described in this Article 4. This consigned processing of personal information is carried out by each subcontractor, only if necessary to obtain such processing services. \n
In consigning process of personal information, in order to protect the personal information, the Company will expressly state in its agreement with the subcontractors that those subcontractors will safely process and protect personal information in accordance with the applicable laws and regulations. \n
In case any of the below subcontractors are changed, the Company will immediately announce the change by amending this Policy. \n
\n
  (a)	To send text messages: \n

	

		
Name of subcontractor
		

	
	

	    
Contact Information
	    

	
	

	    
Purpose and Description of consigned works
	    
To send text messages for identification purposes when a User registers at the Services
	
	

	    
Provided items
	    

	
	

	    
Date of data provision
	    
When personal information is collected
	
	

	    
Method of provision
	    

	
	

	    
Term of Data Usage
	    
Until expiration of Service
	

\n
  (b)	To provide payment gateway services:
  

	

		
Name of subcontractor
		

	
	

	    
Contact Information
	    

	
	

	    
Purpose and Description of consigned works
	    
To provide payment gateway services
	
	

	    
Provided items
	    

	
	

	    
Date of data provision
	    
When personal information is collected
	
	

	    
Method of provision
	    

	
	

	    
Term of Data Usage
	    
Until expiration of Service
	

\n
5.	USER’S RIGHTS\n
\n
The Users or their legal representatives, as main agents of the personal information, may exercise the following rights regarding the collection, use and sharing of personal information by the Company: \n
•	Request access to personal information; \n
•	Request corrections or erasure of personal information; \n
•	Users and legal representatives may access and correct their registered personal information at any time. \n
•	Object to processing of personal information or request temporary suspension or restriction of processing personal information; \n
•	Request transfer of personal information; \n
•	Request information, in case of automated decision-making processes, of the logic underlying the system and the importance and consequences envisaged by the processing for the User concerned; or\n
•	Withdraw consent. \n
\n
If a User contacts the Company (or personal information manager or a deputy) via electronic mail or telephone in order to exercise any of the above rights as a User, the Company will take measures without delay; provided that the Company may reject a User’s request only to the extent that there exists either a proper cause as prescribed in the laws or an equivalent cause.\n
User’s withdrawal of consent will not affect the lawfulness of any processing carried out before such withdrawal of consent. If a User withdraws consent, the Company may not be able to provide certain products or services to such User. The Company will advise that User if this is the case at the time he or she withdraws consent.\n
Users have right to file complaints with supervisory authority. The Company requests such Users to contact the Company before submitting any complaints with the said supervisory authority to seek a mutually acceptable solution.\n
It is important that personal information the Company holds about a User is accurate and current. Users shall keep the Company informed if any of the User’s personal information changes.\n
\n
6.	User’s Obligation. \n
\n
 (1)	User shall also ensure that their personal information is secure. Users shall protect personal information by choosing sufficiently strong password and keep his or her credentials and password confidential at all times. A User has obligation to not infringe a third party’s personal information. A User shall refrain from disclosing his or her personal information such as password, and from damaging a third party’s personal information or privacy. \n
 (2)	It is important that the personal information the Company holds about a User is accurate and current. User shall inform the Company if his or her personal information changes during his or her use of the Services.\n
\n
7.	Procedure and method of destruction of personal information \n
\n
In principle, the Company destructs the personal information immediately after the Company has achieved the purpose of its collection and use, and the period for retention described in Article 3 is expired without delay. \n
If any personal information is to be retained as required by relevant laws and regulations, the Company will retain it at a separate database for the duration as required by those laws and regulations before destruction and, in such event, the personal information which is stored and managed separately will not be used for other purposes. \n
The Company destructs personal information as follows: \n
\n
 (1)	Process of destruction \n
\n
After the purpose is achieved, the personal information provided by the User for registration for the Company’s services will be transferred to a separate database or storage location and stored for the duration as required by the Company’s internal policy or applicable laws to protect the information (please refer to the period for retention and use of personal information) before destruction. Personal information stored as set forth above will not be used for any purpose other than the specified purpose. The Company will select personal information that are subject to destruction and destroy after obtaining approval from data protection officer of the Company. \n
\n
 (2)	Method of destruction \n
\n
The Company destroys hard copies of personal information by shredding with a shredder or incinerating it; and delete personal information stored in the form of electronic file by using method to make that personal information cannot be restored.\n
\n
8.	Measures to protect personal information\n
\n
In order to prevent the loss, theft, unauthorized disclosure, leakage, alteration or damage of personal information of the Users, the Company has implemented system of protection. Such measures include technical and managerial measures for security as follows:\n
\n
 (1)	Technical Measures \n
  (a)	Protect personal information with passwords\n
  (b)	Preventive measures against data leakage due to hacking and computer virus\n
  (c)	Encrypt and pseudonymize certain personal information\n
  (d)	Transmit personal information using security servers\n
 (2)	Managerial Measures\n
  (a)	Appoint a person in charge of protecting personal information to limit access to personal information \n
  (b)	Provide education and training for the person in charge on a regular basis to ensure compliance with the Company’s Policy  \n
  (c)	Ensure that the Company and its personnel are in compliance with the Policy, and promptly correct any non-compliance.\n
\n
9.	Cookies and Similar Technologies \n
\n
 (1)	The Company may collect collective and impersonal information through “cookies.” Cookies are very small text files to be sent to the storage device of the Users from the server used for operation of the Service. \n
 (2)	Cookies are transferred in a format that is only readable on the website server, and will be stored under a directory of a browser used by the User. When cookies cannot be used, such as in a mobile application setting, any other technology that could perform similar functions as a cookie (e.g., advertising identifier) may be used. \n
\n
	Purpose of using cookies: To improve security management and Services by analyzing User’s frequency and visit time, detecting a User’s usage patterns, tracking usage traces, and identifying number of visits. \n
\n
 (3)	The Users have an option for cookie installation. Users may either allow all cookies by setting option in web browser, make each cookie checked whenever it is saved, or refuse all cookies to be saved; provided that, if a User rejects the installation of cookies, it may be difficult for such User to use services provided by the Company in whole or in part which requires signing in.\n
 (4)	The Company improves User experience and efficiency of its Services through non-personal identification information. \n
\n
10.	Contact Information\n
\n
 (1)	The Company has designated the following data protection officer who will oversee processing of personal information and handling of any complaints and damages relief of a data subject in relation to personal information: \n
\n
Data Protection Officer \n
Name: David Oh\n
Position: Product Manager\n
Email: david@handypick.io\n
\n
 (2)	Please contact the Company by contacting the data protection officer above or the department in charge of privacy protection should you have any queries in respect to this policy or wish to update your personal information. \n
\n
11.	Modification of Privacy Policy \n
\n
The Company has the right to amend or modify this Policy from time to time and, in such case, the Company will make a public notice of it through the “Notice” of the Service by at least seven (7) days prior to implementing such modifications. \n
\n
12.	Miscellaneous \n
\n
This Policy will not be applicable to the collection and processing of personal information performed by third party service providers, such as any websites that are linked at the Service. \n
\n
The latest update date: [2020.12.24] \n

주식회사 핸디랩스 (이하 ‘회사’라 한다)는 관련 법령에 따라 정보주체의 개인정보를 보호하고 이와 관련한 고충을 신속하고 원활하게 처리할 수 있도록 하기 위하여 다음과 같이 개인정보 처리방침을 수립·공개합니다. \n
\n
제1조(개인정보의 처리목적) \n
회사는 다음의 목적을 위하여 개인정보를 처리합니다. \n
 1.	회원 가입 및 관리\n
 2.	회사 서비스 제공\n
 3.	마케팅 및 광고에 활용\n
 4.	서비스 효과 분석\n
 5.	서비스 제공에 따른 요금정산 및 추심\n
 6.	문의사항 및 고충처리, 공지사항 전달\n
\n
제2조(처리하는 개인정보 항목 및 수집방법) \n
회사는 다음의 개인정보 항목을 처리하고 있습니다. \n
 1.	정보주체가 회원 가입시 입력 또는 정보주체의 동의로 제3자로부터 제공받음\n
\n

	

	    
필수항목
	    
회원 가입 시 입력: 이메일(회원ID), 비밀번호, 닉네임
	
	

	    
선택항목
	    
성명, 성별, 주민등록번호, 전자지갑 주소정보, 생년월일, 휴대폰 전화번호, 사진
	

\n
 2.	서비스 이용과정에서 아래 개인정보 항목이 자동으로 생성되어 수집: IP주소, 쿠키, MAC주소, 서비스 이용기록, 방문기록, 접속 로그, 결제 기록 불량 이용기록, 게임 성공 실패 기록, 토큰 수령 기록\n
 3.	고충처리 과정에서 정보주체로부터 수집: 이름, ID, 휴대전화번호\n
\n
제3조(개인정보의 처리 및 보유기간) \n
회사는 회원의 탈퇴 시 회원의 개인정보를 즉시 파기합니다. 다만, 다음의 사유에 해당하는 경우에는 해당 기간 종료시까지 보존합니다.\n
 1.	서비스 이용 관련 개인정보(로그인기록)보존 근거 : 통신비밀보호법 보존 기간 : 3개월\n
 2.	계약 또는 청약철회 등에 관한 기록 보존 근거 : 전자상거래 등에서의 소비자보호에 관한 법률상 보존 기간 : 5년\n
 3.	대금결제 및 재화 등의 공급에 관한 기록 보존 근거 : 전자상거래 등에서의 소비자보호에 관한 법률상 보존 기간 : 5년\n
 4.	소비자의 불만 또는 분쟁처리에 관한 기록 보존 근거 : 전자상거래 등에서의 소비자보호에 관한 법률상 보존 기간 : 3년\n
 5.	전자금융 거래에 관한 기록 보존 근거 : 전자금융거래법상 보존 기간 : 5년\n
\n
제4조(개인정보의 제3자 제공)  \n
회사는 정보주체의 개인정보를 제1조(개인정보의 처리 목적)에서 명시한 범위 내에서만 처리하며, 정보주체의 동의를 받거나 법률의 특별한 규정이 있는 경우에만 개인정보를 제3자에게 제공합니다.\n
\n
제5조(개인정보처리의 위탁) \n
회사는 원활한 개인정보 업무처리를 위하여 다음과 같이 개인정보 처리업무를 위탁하고 있습니다.\n
 1.	문자메시지 발송\n
  ■	위탁받는 자 (수탁자) : [구글] \n
  ■	위탁하는 업무의 내용 : 회원가입 후 추가 본인인증 시 문자메시지 발송\n
  ■	위탁기간: 서비스 종료시까지\n
\n
제6조(정보주체의 권리․의무 및 행사방법) \n
① 정보주체는 회사에 대해 언제든지 다음 각 호의 개인정보 보호 관련 권리를 행사할 수 있습니다. \n
 1.	개인정보 열람요구\n
 2.	오류 등이 있을 경우 정정 요구\n
 3.	삭제요구 \n
 4.	처리정지 요구 \n
② 제1항에 따른 권리 행사는 회사에 대해 서면, 전화, 전자우편을 통하여 하실 수 있으며, 회사는 이에 대해 지체없이 조치하겠습니다. \n
③ 정보주체가 개인정보의 오류 등에 대한 정정 또는 삭제를 요구한 경우에는 회사는 정정 또는 삭제를 완료할 때까지 당해 개인정보를 이용하거나 제공하지 않습니다. \n
④ 제1항에 따른 권리 행사는 정보주체의 법정대리인이나 위임을 받은 자 등 대리인을 통하여 하실 수 있습니다. 이 경우 회사에 위임장을 제출하셔야 합니다. \n
⑤ 정보주체는 개인정보 보호법 등 관계법령을 위반하여 회사가 처리하고 있는 정보주체 본인이나 타인의 개인정보 및 사생활을 침해하여서는 아니됩니다. \n
\n
제7조(개인정보의 파기) \n
① 회사는 개인정보 보유기간의 경과, 처리목적 달성 등 개인정보가 불필요하게 되었을 때에는 지체없이 해당 개인정보를 파기합니다. \n
② 정보주체로부터 동의 받은 개인정보 보유기간이 경과하거나 처리목적이 달성되었음에도 불구하고 제3조에 기재된 법령에 따라 개인정보를 계속 보존하여야 하는 경우에는, 해당 개인정보를 별도의 데이터베이스(DB)로 옮기거나 보관장소를 달리하여 보존합니다. \n
③ 개인정보 파기의 절차 및 방법은 다음과 같습니다. \n
 1. 파기절차 : 회사는 파기 사유가 발생한 개인정보를 선정하고, 회사의 개인정보 보호책임자의 승인을 받아 개인정보를 파기합니다. \n
 2. 파기방법 : 회사는 전자적 파일 형태로 기록저장된 개인정보는 기록을 재생할 수 없도록 기술적 방법을 이용하여 파기하며, 종이 문서에 기록저장된 개인정보는 분쇄기로 분쇄하거나 소각하여 파기합니다. \n
\n
제8조(개인정보의 안전성 확보조치) \n
회사는 개인정보의 안전성 확보를 위해 다음과 같은 조치를 취하고 있습니다. \n
 1. 기술적 조치 : 회원의 개인정보는 비밀번호에 의해 보호되며, 중요한 데이터는 파일 및 전송 데이터를 암호화하거나 파일 잠금 기능을 사용하는 등의 별도 보안기능을 통해 보호하고 있습니다.\n
 2. 관리적 조치 : 개인정보관련 취급 직원은 담당자에 한정시켜 최소화 하고 개인정보보호 의무에 관해 정기적인 교육을 실시하며 접근 권한을 관리하는 등 관리적 대책을 시행하고 있습니다. \n
\n
제9조(개인정보 자동 수집 장치의 설치∙운영 및 거부에 관한 사항) \n
① 회사는 이용자에게 개별적인 맞춤서비스를 제공하기 위해 이용정보를 저장하고 수시로 불러오는 ‘쿠키(cookie)’를 사용합니다.\n
② 쿠키는 웹사이트 등을 운영하는데 이용되는 서버가 이용자의 모바일 기기에게 보내는 소량의 정보이며 이용자들의 모바일 기기내 저장공간 등에 저장되기도 합니다.\n
 1. 쿠키의 사용목적: 이용자의 접속 빈도나 방문 시간 등을 분석, 이용자의 서비스 사용 패턴 파악 및 자취 추적, 각종 방문 횟수 파악 등을 통해 보안 관리 및 서비스 이용 개선에 이용\n
 2. 쿠키의 설치∙운영 및 거부 : 서비스 이용자는 쿠키 설치에 대한 선택권을 가지고 있습니다. 따라서, 이용자는 모바일기기에서 옵션을 설정함으로써 모든 쿠키를 허용하거나, 쿠키가 저장될 때마다 확인을 거치거나, 아니면 모든 쿠키의 저장을 거부할 수 있습니다.\n
 3. 쿠키 저장을 거부할 경우 맞춤형 서비스 이용에 어려움이 발생할 수 있습니다.\n
③ 회사는 비개인식별정보를 통해 서비스 효율성을 제고하고 사용자 경험을 향상시키고 있습니다.\n
\n
제10조(개인정보 보호책임자) \n
① 회사는 개인정보 처리에 관한 업무를 총괄해서 책임지고, 개인정보 처리와 관련한 정보주체의 불만처리 및 피해구제 등을 위하여 아래와 같이 개인정보 보호책임자를 지정하고 있습니다. \n
\n
▶ 개인정보 보호책임자 \n
성명 : 오상엽	\n
직책 : 프로젝트 매니저\n
연락처 : 010-5628-1595\n
\n
② 정보주체께서는 회사의 서비스(또는 사업)을 이용하시면서 발생한 모든 개인정보 보호 관련 문의, 불만처리, 피해구제 등에 관한 사항을 개인정보 보호책임자 및 담당부서로 문의하실 수 있습니다. 회사는 정보주체의 문의에 대해 지체없이 답변 및 처리해드릴 것입니다. \n
\n
제11조(개인정보 처리방침의 적용일 및 변경) \n
이 개인정보처리방침은 시행일로부터 적용되며, 법령 및 방침에 따른 변경내용의 추가, 삭제 및 정정이 있는 경우에는 변경사항의 시행 7일 전부터 공지사항을 통하여 공지할 것입니다. \n