Heaventree Co., Ltd. Privacy Policy
Heaventree Co., Ltd. (hereinafter “we” or “the Company”) protects user’s personal information with great responsibility and is committed to protecting the user rights to control one’s own personal information according to the relevant laws and regulations (more specifically provided for in Article 3.3). We provide our Privacy Policy as below, which may be revised according to changes in applicable laws and regulations, our Terms of Service, or our internal policies. When the Privacy Policy is revised, we will notify of the change on our website. This Privacy Policy applies to the service provided by the Company.Article 1 Collecting personal information
1. What Personal Information We may collect
We will notify you and obtain your consent when we collect your personal information. The following personal information is collected when you sign up for our service.- When you create your account on our website, your user ID, password, name, email address, country, and how you found us (purchase information, payment information (nationality, card company name, card number, card expiration date, card security code (CSV, CVC), address, phone number, e-mail, etc.)
- When you contact our customer service, personal information may be collected through web pages, e-mail exchanges, fax, or phone calls.
- Other information such as your use of service record, server logs, IP address, cookies, device information, location information may be automatically created and collected while you use our Service.
- You may refuse to receive direct marketing communication and your personal information being collected for such purpose, and still use our Service. However, you may not be able to participate in events or receive information on certain subjects.
- Information related to a third-party authentication identity provider, such as Google Authenticator for managing your ability to log in and out may be automatically created and collected while you use our Service.
2. How We collect personal information
In case of collecting personal information, we inform the fact to you in advance and ask for you consent. Personal information is collected via the following methods:- When a user agrees to the collection of personal information and directly inputs information during membership registration and service use, the personal information is collected.
- During the consultation process through the customer center, personal information may be collected through web pages, e-mails, faxes, and phone calls.
- Personal information may be collected in writing or electronically in the process of participating in online and offline events, events, and seminars.
- IP address, cookies, access information (visit date, service use record, illegal use record), log, device information (OS, model, model name, screen size, device ID, etc.), location information, etc. It is collected in the course of use or is collected through tools provided and generated information from business partners.
Article 2 Use of personal information
Personal information is used for membership management, managing and improving our services, developing new service, and establishing a safe environment. Specifics are provided below:- Member registration, personal identification, identification/age confirmation, prevention of illegal use, customer consultation, dispute resolution, member management, etc.
- Payment, refund processing, etc. when you use paid services
- In addition to providing useful services to users, demographic analysis, analysis of visit dates and usage records to provide customized services based on personal information, interests, preferences, and dispositions and to improve services.
- Discovering new service elements that combine AI technology and cloud technology
- To restrict a user’s use of service when illegal act or breach of contract is involved and to prevent inappropriate use of service and theft of user account.
- To convey information such as notification of revision our Terms of Service, preserve records in case of a dispute resolution, and handle inquiries or complaints
- To deliver marketing communication such as event information and advertisement
- To establish and improve the service environment in terms of security, privacy and safety
Article 3 When We share your information
1. Principle
We only share your personal information within the scope outlined in this Privacy Policy, and generally do not provide personal information to a third party without your prior consent. However, there may be exceptions in the following cases.- In case we have an obligation to submit personal information in accordance with relevant laws
- To relive the user from an imminent danger
- When we already have your consent
2. Sharing your personal information outside of Heaventree
We’ll share personal information outside of Google when we have your consent. When we ask for your permission, you will first be notified of the name of the recipient, what personal information is provided, why the recipient is getting your information, and for how long the recipient will retain and use your personal information.3. Sharing your personal information with third-party service providers with prior consent
We provide the minimum amount of personal information to our affiliates and other trusted businesses or persons to process it for us, based on our instructions and in compliance with 「Personal Information Protection Act」, 「Act On Promotion Of Information And Communications Network Utilization And Information Protection」, 「Act On Promotion Of Information And Communications Network Utilization And Information Protection」 of Republic of Korea, our Privacy Policy and any other appropriate confidentiality and security measures.We provide personal information to a cloud service provider located overseas. The personal information is provided for the limited purpose of the services of storing and ensuring that we may access the personal information. The service provider only physically manages the server and cannot access users' personal information.
If you don’t want us to provide your personal information to such service provider, you can let us know through our Personal Information Protection Officer. In such case, your personal information will not be transmitted overseas. However, you may not be able to use some of the services that we provide.
| Name of the Recipient | Purpose | Storage Period |
|---|---|---|
| Amazon Web Services Korea Inc. |
Data storage and access | 1 year from the last service use date or membership cancellation date or other period according to the applicable law |
4. Notification of change
In the event that any of the information related to third-party service providers notified to you is changed, we will give you a notice through our website.Article 4 Destruction of personal information We hold
When the purpose of collecting and using your personal information is achieved, the company destroys it without delay. If any personal information is saved in an electronic file, it is safely deleted so that it cannot be recovered or reproduced. However, the following information is stored for the specified period of time for the given reasons.A. According to Our internal policy
We keep records of fraudulent or illegal use of service for up to one year.B. According to relevant laws and regulations
| Laws and Regulations | Items of Personal Information | Retained period |
|---|---|---|
| Act On the Consumer Protection In Electronic Commerce | Records of contract or subscription withdrawal | 5 years |
| Records of payment and supply of goods | 5 years | |
| Records of consumer complaints or dispute resolution | 3 years | |
| Records of advertisement | 6 months | |
| Framework Act on National Taxes | Books and supporting documents for all transactions required by tax laws | 5 years |
| Act on Reporting and Using Specified Financial Transaction Information | Identification confirmation information | 5 years |
| Electronic Financial Transactions Act | Records of electronic financial transactions | 5 years |
| Protection of Communications Secrets Act | visit history | 3 months |
Article 5 We use Cookies and you can Reject them
1. What are cookies?
Cookies are very small text files sent by the website server to the user's web browser when the user accesses the website and are stored in the user's PC.2. Purpose of using cookies
We use cookies to provide customized services. When you come back to our website, the website server reads the contents of the cookies stored in your PC and maintains environment settings. Cookies help the user use the website easily and conveniently by finding out the user's preferences. Also, they are used to provide customized marketing information by tracing your visit history and user patterns. Cookies are automatically deleted when you close your browser or sign out.3. Options regarding Cookies
You have the option to install cookies or not. Accordingly, you can accept or reject all cookies by adjusting the options in the web browser, or check each time a cookie is saved.[How to change cookies settings on your computer]
▪ For Chrome browsers
- Select [Settings] on the right side of the browser toolbar. => [Privacy and Security] on the left side of the screen. => “Cookies and other website data”▪ For Microsoft Edge
- Select [Settings] menu on the right side of the browser toolbar. => [Cookies and Site Permissions] on the left side of the screen. => 'Manage and delete your cookies and other website data’4. Restrictions on refusal to install cookies
If you refuse to install cookies, web use may become inconvenient and there may be difficulties in using some services that require login. In addition, some services provided by the company, such as personalized services, may be difficult to use.Article 6 Your Rights
We acknowledge and protect user rights as follows.- You can inquire or modify their personal information at any time.
- You can, at any time, withdraw your permission that allowed us to collect and use your personal information, and may request termination of membership.
- If a user requests correction of a personal information error, we will not use or convey that personal information until it is corrected. If incorrect personal information has already been provided to a third party, we will notify the third party of the result of the correction without delay.
Article 7 Personal Information Protection Efforts
We work hard to protect you and the Company from unauthorized access, alteration, disclosure, or destruction of information we hold. Here are some of the technical and administrative measures that we take:1. Your Personal Information is encrypted
We encrypt all personal information and safely stores and manages it. We use encryption to keep your sensitive data private while in transit.2. Separation of server and controlled access
We separate collected personal information from other company data, and save it in a different server. In addition, the computer room and data storage room are designated as special protection areas, and access is restricted except for authorized personnel.3. Personal information is protected from hacking attempts and computer viruses.
The company frequently backs up data in preparation for damage to personal information caused by hacking or computer viruses, and is working hard to prevent the system from being infected with malicious codes or viruses by using the latest vaccine program.4. Personal Information is handled by minimum personnel.
We minimize the number of employees handling personal information, and related computers are not connected to external internet services to protect from unauthorized access.5. Operation of a dedicated team for personal information protection
We have a team dedicated for personal information protection, which ensure compliance of business with this Privacy Policy. If a non-compliance is found this team detects the root issue and addresses them immediately. However, we are not responsible for any problems caused by the leakage of personal information such as user ID and password due to the user's negligence or internet connection issues.6. Our employees receive regular training on personal information protection
All employees who handle personal information receive regular in-house training and outsourced training on personal information protection obligations and security.Article 8 Personal Information Protection Officer
We have a Personal Information Protection officer who will address any inquiries, complaints, feedback or other matters related to personal information protection that arise while you use our service. Please contact our Privacy Protection Officer or the responsible department for such matter. We will do our best to promptly answer any questions you may have.[Personal Information Protection Officer] Name: Hong Jeong-won Position: Chief Executive Officer Affiliation: Heaven Tree Co., Ltd. E-mail: [email protected] Phone number: +82-53-716-0045
Article 9 Scope of Application
This Privacy Policy does not apply to the collection of personal information by other websites whose links are provided within our service. This Privacy Policy applies to you only if you have a contract with the Company.Article 10 Duty to notify
The personal information processing policy may be revised to reflect any legal or service changes. Should this Privacy Policy be revised, we will make a notification on our website or e-mail you at least 7 days before the effective date.If there is any major change to user rights, including which personal information is collected and why, we will notify you at least 30 days in advance.
Effective date: March 2, 2022