COLOSSEUM Co., Ltd. (hereinafter referred to as the 'company') complies with all private information protection related laws and regulations including 『Private information protection act』, 『Act on promotion of information and communications network utilization and information protection, etc.』 and protects private information of the user by establishing and complying with a separate Privacy Policy of the company. Further, the company discloses the Privacy Policy at the company’s homepage so that the user can read and understand it.
The company’s Privacy Policy is subject to change according to the change of the laws or notification or the change of the internal operation policy. If the Privacy Policy is changed, the changed matters shall be notified through the homepage.
When this Privacy Policy Applies
This Privacy Policy applies to our processing of your personal data in connection with your access to and use of our online services platform.
Important Terms
As used in this Privacy Policy:
“personal information”means any information that can be used to identify you, which may consist of information within the following categories: identifiers (e.g., name, email address, username), commercial information (e.g., records of product or service purchases, information concerning purchase histories), internet or other electronic network activity information (e.g., browsing and search history and information regarding interaction with a website), geolocation data, and professional or employment-related information; and
“processing” means anything we might do with respect to personal data, including collecting it, using it, disclosing it, and deleting it.
For the purpose of collecting and using personal information, it shall be used within the range notified, and if the range is exceeded or changed, the consent of the user shall be obtained in advance. The same applies to changes in the retention and usage period of personal information, provision to third parties, and changes in the contents at the time of outsourcing. All major changes shall be notified to the user and shall be consented by the method of internet site, written document, telephone, email, etc.
The company collects personal information by the following items and collection methods.
1. Collection items: ID and password, name, address, postal code, telephone number, mobile phone number, email address, country, business registration number, company name, bank account information, credit card information, bad usage record, access date and time, service usage record, PC IP and cookie
2. When registering as a member, the company presents the required fields and optional fields. The applicant for membership services must fill in the required fields to use the membership services provided by the company. However, even if the applicant does not enter this in the optional fields, there are no restrictions on the use of the membership service. The member who wishes to use the paid service must enter items such as bank account information and credit card information within the range necessary for payment of the usage fee, which is used for the purpose of payment of usage slips.
The company shall not use the entered information for any other purpose other than the purpose of publicizing it to the user in advance and shall not disclose it to the outside.
The purpose of collecting and using personal information collected by the company is as follows.
Identifiers:We use your identifiers for a few reasons. The main ones are (1) to onboard you onto the platform (i.e., getting you set up to use our services); (2) to authenticate your platform access; (3) to keep records of the transactions you manage through the platform; (4) billing you or your employer for services rendered; and (5) communicating with you concerning the platform and services (e.g., providing order updates, inventory status, etc.).
Internet / network activity information:We monitor internet and network activity to operate our service, understand user profiles of platform visitors, and analyze traffic to our platform for purposes of improving them. We may also use this information to deliver customized content and advertising within platform to customers whose behavior indicates that they are interested in a particular subject area.
We do not process personal data without a lawful basis for doing so. In most cases under this privacy policy, our processing is required to fulfill our contract with you that obligates us to provide our services. In some situations (mostly our recordkeeping and transactional communications), we process to serve our legitimate interest in maintaining our products and services and ensuring they are being used appropriately (e.g., for lawful reasons). Given the limited data collected from you and our limited processing of it, we do not view this processing as harmful to data subject rights or freedoms.
In principle, the company shall destroy the personal information without delay after the purpose of collecting and using it has been achieved.
However, the following information shall be retained during the specified period for the following reasons.
- Retention items: ID and password, name, date of birth, address, phone number, mobile phone number, email address, access date and time, service usage record, legal representative information, PC IP, other logistic information.
- Basis for retention: Purpose for consumer complaint and dispute resolution at the time of membership withdrawal: 90 days
Even if the purpose of collection or provision is achieved, if it is necessary to store it in accordance with the provisions of laws and regulations such as the act on the consumer protection in electronic commerce, etc., personal information protection act, commercial act, and framework act on national taxes, the personal information can be retained for a certain period of time.
In principle, the company does not provide the personal information of users to the outside. However, the following cases are exceptions.
1. When the user agrees in advance
2. When it is necessary for payment of charges associated with service provision
3. When it is based on the related laws and regulations such as the framework act on telecommunications and the telecommunications business act or there is a request from an investigative agency according to the procedures and methods specified in the laws and regulations for the purpose of investigation
4. Matters concerning the member's management of personal information
- The member can withdraw his/her consent to collect personal information by clicking "My Profile> Delete Account" on the company homepage or by writing, telephone, or email to the person in charge of personal information management. After confirming the identity of the person, the company shall take measures such as destroying the personal information unless the law provides different provisions. However, if personal information is destroyed due to withdrawal from the membership, the related information generated and accumulated by the member while using the company's services may be destroyed at the same time.
- The member can request viewing and correction of his/her personal information through the member information modification page on the company's homepage, in which case the company shall take necessary measures.
- If the member's agent requires viewing or correction by visiting in person, the company may check if the person is the true agent of the member, in which case the company can request to present an evidence of agent relationship.
- If there is a valid reason for refusing to view all or part of the personal information or request correction of the member's personal information, the company shall notify the member without delay and explain the reason.
- Since the change of required fields such as name, date of birth, email address, etc., provided by the member at time of subscription are matters that can cause service errors provided by the company, the company can request a separate procedure to the relevant member for the change of required fields of the member for smooth and stable services.
The company operates 'cookies (access information files)' that store and search for member information at any time in order to provide customized services for each member.
The company identifies the member's computer in connection with the operation of the cookies, but does not personally identify the member.
- The member has the right to choose "cookies". The member can allow all cookies, go through a confirmation each time a cookie is saved or refuse the save of all cookies by selecting [Tools]> ]Internet Option]> [Security]> [User Defined Level] in the web browser. However, if the member refuses to store all cookies, he/she is able to use the services provided by the company using cookies.
1. When processing the personal information of the member, the company takes technical measures to ensure safety so that the personal information may not be lost, stolen, leaked, altered or damaged.
2. The member's personal information is encrypted and can only be confirmed by the person himself/herself, and the personal information can be confirmed and changed only by the person himself/herself.
3. The company enables the secure transmission of personal information over the network through encrypted communication.
4. The company does its best to prevent the leakage or damage of member's personal information due to hacking or computer viruses.
5. The company regularly backs up personal information in case of emergency situation, and uses a vaccine program to take steps to prevent damage from computer viruses.
6. The company makes continual efforts to enhance security through measures such as access control to the system, authority management, and inspection of vulnerabilities.
7. The company limits the access authority to the member's personal information to the minimum number of people, and provides regular education to the staff who handle personal information.
8. The company confirms whether the department in charge of personal information protection business complies with the Privacy Policy and internal regulations, and makes efforts to correct any problems found immediately.
9. The company shall not be held responsible for any problems caused by leakage of personal information such as ID, password, date of birth, etc. due to negligence of the member or problems on the Internet.
1. The company shall destroy the user's personal information without delay when the purpose of use is achieved and the user's service cancellation request is made. However, this does not apply if it is necessary to save it according to the provisions of laws and regulations.
2. The company converts the user who does not use the services for one year into a dormant account according to the 'personal information validity period system' and stores personal information separately. The company informs the user of the fact that the member will be separately stored by 30 days before the conversion to dormant account, the scheduled dormant date, and the personal information items to be separately stored by email, SMS, App push, etc. However, if the information regarding the notification means is absent or incorrect, it shall be substituted with the contents of the Privacy Policy and destruction or separate store can be notified afterwards when logging in. Personal information stored separately shall be destroyed without delay after being stored for 4 years.
3. If the member does not wish to convert to a dormant account, the member needs to log in to the service before converting to a dormant account. In addition, even if the account is converted to a dormant account, when logging in, the dormant account can be restored and normal services can be used with the consent of the user.
4. In principle, the company destroys the personal information of the user in a way that cannot be reproduced once the retention period of the user's personal information has passed and the purpose of use is achieved. The electronic file format is safely deleted using a technical method that cannot be recovered or reproduced, and the printed personal information on paper is shredded or incinerated for destruction.
If there are any additions, deletions or amendments of the contents of the Privacy Policy due to changes in the legal policy or security technology, it shall be notified of the reason for the change and the content through the homepage or notified by e-mail before the changed Privacy Policy is implemented.
COLOSSEUM welcomes your questions or comments regarding this Privacy Policy. If you have questions concerning this Privacy Policy, if you believe that we has not adhered to this Privacy Policy, or if you wish to exercise one of your privacy rights, please contact at:
Address:
COLOSSEUM Co., Ltd.
415, Yeoksam-ro, Gangnam-gu, Seoul, Republic of Korea
E-mail:
support@colosseum.kr