Windfall (hereinafter referred to as 'the Company') values your personal information and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection. Through this Privacy Policy, we inform you about how your personal information provided is used and protected, and what measures are taken to ensure its protection. If the Company revises the Privacy Policy, it will be announced through the website's notice section (or individual notice).
Article 1: Collection of Personal Information
- ① 1. The Company collects the following personal information for membership registration, consultation, service application, and other purposes.
- 1. Collected Items: Name, Date of Birth, Login ID, Password, Home Phone Number, Home Address, Mobile Phone Number, Email, Consent to Receive Emails
- 2. Method of Collection: Website (Website Membership Registration)
Article 2: Purpose of Collection and Use of Personal Information
- ① 1. The Company uses the collected personal information for the following purposes.
- 1. Fulfillment of service contracts and service provision, including billing and content delivery
- 2. Verification of identity for membership services, personal identification, prevention of fraudulent use by bad members, prevention of unauthorized use, confirmation of intention to join, age verification, confirmation of consent from legal representatives for children under 14, handling complaints and notifications
- 3. Utilization for marketing and advertising
Development and specialization of new services (products), delivery of promotional information about events, provision of services and advertisements based on demographic characteristics, tracking access frequency or statistics on service usage
- 4. Development and specialization of new services (products), delivery of promotional information about events, provision of services and advertisements based on demographic characteristics, tracking access frequency or statistics on service usage
Article 3: Retention and Use Period of Personal Information
- ① 1. The Company will destroy personal information without exception once the purpose of collection and use is achieved.
Article 4: Procedure and Method of Personal Information Destruction
- ① 1. The Company will destroy personal information as soon as the purpose of collection and use is achieved. The procedure and method of destruction are as follows:
- 1. Procedure of Destruction
: Information provided by users during registration will be transferred to a separate database (or separate file cabinet for paper documents) and will be stored for a certain period according to internal policies and relevant laws before destruction. Personal information transferred to the separate database will not be used for any purpose other than those specified by law.
- 2. Method of Destruction
: Personal information stored in electronic file formats will be deleted using technical methods that make the records unrecoverable.
Article 5: Provision of Personal Information
- ① The Company generally does not provide personal information to external parties. However, exceptions are made in the following cases
- 1. When users have given prior consent
- 2. When required by law or in accordance with procedures and methods specified by law for investigative purposes
Article 6: Outsourcing of Personal Information Processing
The Company outsources personal information processing for smooth business operations, such as customer service management and handling complaints. We ensure the protection of personal information by specifying compliance with personal information protection laws, prohibition of third-party provision, and liability in case of incidents in the outsourcing contract. We will notify you of any changes in the outsourced company through notices or the privacy policy screen.
Article 7: Rights of Users and Legal Representatives and How to Exercise Them
- ① Users and legal representatives may view or modify the personal information of themselves or children under 14 at any time and request membership withdrawal.
- ② To view or modify personal information, use the personal information change (or membership information modification) option, or to withdraw consent (membership cancellation), click on membership withdrawal and follow the verification process. Alternatively, contact the personal information management officer by written communication, phone, or email for prompt action.
- ③ The Company will not use or provide personal information pending correction if a user requests correction of erroneous information. If erroneous personal information has already been provided to a third party, the Company will promptly notify the third party of the correction results to ensure that the correction is made.
- ④ Personal information that has been deleted or terminated upon user or legal representative request will be processed in accordance with the retention and use period stated in the privacy policy, and will not be accessed or used for any other purposes.
Article 8: Installation, Operation, and Refusal of Automatic Collection Devices
- ① The Company does not operate devices that collect personal information automatically generated during internet service usage, such as cookies.
Article 9: Privacy-Related Complaints
- ① The Company has designated relevant departments and personal information management officers to protect personal information and handle privacy-related complaints as follows.
- • Personal Information Management Officer: [Name]
- • Phone Number: [Phone Number]
- • Email: [Email]
- ② 2. You may report any privacy-related complaints arising from the use of the Company's services to the personal information management officer or the relevant department. The Company will provide prompt and sufficient responses to user reports. For other privacy infringement reports or consultations, please contact the following institutions.
- • Personal Dispute Mediation Committee (privacy.kisa.or.kr / (No area code) 118)
- • Privacy Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
- • Supreme Prosecutors' Office Internet Crime Investigation Center (www.spp.go.kr / 02-3480-3573)
- • National Police Agency Cyber Terror Response Center (www.netan.go.kr / 1566-0112)
Personal Information Protection Officer
- Name: Kim Inhyeok
- Position: CEO
- Personal Information Protection Department
- Department Name: Design Team
- Email: info@windfallcreation.com