bitsensing, Inc. establishes and discloses what information it collects, uses, and manages in order to protect the personal information of data subjects and to enable prompt and smooth handling of complaints related thereto.
Outline
bitsensing, Inc. ("Company") complies with the personal information protection regulations under the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, and other related laws and regulations, and is committed to protecting the rights and interests of users by establishing a privacy policy in accordance with the relevant laws and regulations.
Through this Privacy Policy, we will inform you of the items of personal information collected from members, care recipients, and members (hereinafter referred to as "Users") who use the services provided by Bitsensing (the "Services"), the purpose of collecting and using personal information, the period of retention and use of personal information, and the measures being taken to protect personal information.
This Privacy Policy is effective as of July 7, 2022.
1. Purpose of collecting personal information
The company uses the collected personal information for the purpose of implementing contracts for service provision, user management, service improvement, and marketing.
•
Purpose of Service Delivery: Service Delivery, Service Improvement and Development, AI Wellness Radar Services
•
Contract performance for service provision and settlement of usage fees for service provision: provision of services and reports, provision of specific customized services, purchase of services and payment of charges (including payment of subscription payment service), issuance of evidentiary documents, collection of fees, processing of refunds, etc
•
User management: Identification of the user, personal identification, prevention of fraudulent use, confirmation of membership and intention to use the service, restriction on the number of subscriptions, preservation of records for dispute mediation, handling civil complaints such as handling complaints, delivery of notices, etc
•
Use for service improvement: Service improvement and development, correct sensor measurement results, check statistics on service use, verify service validity, provide event and advertising information, identify access frequency, etc
2. Period of retention and use of personal information
In principle, personal information is destroyed when the purpose of collection and use is achieved, but in some cases, it can be stored for a certain period of time.
In principle, personal information collected by the company is destroyed without delay when the purpose of collection and use is achieved. However, if the user obtains a separate consent for the period of personal information storage, or if the law imposes an obligation to store it for a certain period of time, personal information is stored safely during that period.
The following are the cases where users obtain consent for the period of personal information storage when signing up for membership or service registration.
1.
Prevention of fraudulent subscription and use
•
Item: Email address, name, mobile phone number
•
Retention period: 1 year from the date of withdrawal
2.
Dispute mediation and user inquiry response
•
Item: Email address, name, mobile phone number
•
Retention period: 1 year from the date of withdrawal
The company keeps personal information for a certain period of time prescribed by relevant laws and regulations as follows. In this case, the company uses the information it stores only for the purpose of its storage.
3.
Records on withdrawal of contracts or subscriptions, etc
•
Reason for Conservation: Consumer Protection Act in Electronic Commerce, etc
•
Retention period: 5 years
4.
Records on payment and supply of goods, etc.
•
Reason for Conservation: Consumer Protection Act in Electronic Commerce, etc
•
Retention period: 5 years
5.
Records on consumer complaints or dispute handling
•
Reason for Conservation: Consumer Protection Act in Electronic Commerce, etc
•
Retention period: 3 years
6.
Records on Display/Advertising
•
Reason for preservation: Consumer Protection in Electronic Commerce, etc. Act
•
Retention period: 6 months
7.
Records on identification
•
Reason for preservation: Act on Promotion of Information and Communication Network Utilization and Information Protection, etc
•
Retention period: 6 months
8.
Website visit record
•
Reason for preservation: Communications Secret Protection Act
•
Retention period: 3 months
9.
Records on electronic financial transactions
•
Reason for preservation: Electronic Financial Transactions Act
•
Retention period: 5 years
3. Personal Information Collection Items
Members' names, IDs, passwords, and mobile phone numbers are required, and the name, gender, age, occupation group, target sleep time, and chronic disease information of Wellun users are optionally collected.
The company basically asks for some information to provide services.
•
Mandatory: Member's name, ID, password, mobile phone number
•
Selection: Name, gender, age, occupation group, target sleep time, chronic disease, life pattern of well-run users measured through sensors, respiration, fall status, condition or situation of well-run users at a particular point in time
The company collects personal information through the app.
4. Personal information provision and handling consignment
In principle, personal information is not provided to the outside world, but it can be provided in some cases. If you use a paid service, your personal information is entrusted to the designated consignee for fee settlement within the designated range.
In principle, the company does not provide users' personal information to the outside world. However, exceptions are made in the following cases.
•
If the user has agreed in advance
•
Where there is a request from an investigative agency in accordance with the provisions of the statute or in accordance with the procedures and methods prescribed in the statute for the purpose of investigation
•
Where a particular individual is processed and provided in a form that cannot be identified for statistics preparation, academic research, or market research
The company entrusts and processes personal information within a set range to provide convenient and better service.
•
AWS Cloud Services: Amazon Web Services
•
Payment Processing: TBD
•
Customer Consultation: TBD
5. Consent to disclose personal information to third parties
wellune processes the personal information of the data subject only within the scope specified for the purpose of processing the personal information, and does not provide the personal information of the data subject to a third party only in cases falling under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the data subject or special provisions of the law, and otherwise does not provide the personal information of the data subject to a third party.
In order to provide smooth service, wellune obtains the consent of the information subject in the following cases and provides it only to the minimum extent necessary.
•
Provider
◦
Kakao Corporation
◦
Biztalk Corporation
•
Purpose of Provision
◦
To inform users of wellune's services and benefits
◦
To notify guardians in the event of an emergency of wellune users
•
Personal Information
◦
Name, address, mobile phone number, email
•
Period of retention and use
◦
From the date of the applicant's consent until the end of the service
◦
Until withdrawal of membership or withdrawal of consent to use the service
◦
However, if there is a preservation obligation under the relevant laws and regulations, it is kept until the applicable preservation period.
wellune may provide personal information to related organizations without the consent of the information subject in the event of an emergency such as a disaster, prisoner's disease, an event or accident that causes an imminent danger to life or body, or an imminent loss of property, as follows.
Categorization | Statutory Law | Provider organization | Personal information provided |
Disaster response | Disaster Safety Act | Central or regional task force | • Full name, social security number, address, and phone number (including cell phone)
• The following information for tracing and search and rescue purposes
A. Information collected through CCTV
B. Transportation card usage information
C. Date, time, and place of use of credit, debit, and prepaid cards
D. Name of medical institution, phone number, and date of treatment in the medical record book of the prescription
• (If you are a telecommunications provider or location information provider) Personal location information |
Prevent and manage infectious diseases | How to prevent infectious diseases | Centers for Disease Control and Prevention or national city or state | Name, social security number, address, and phone number (including cell phone number)
- Prescription and medical records in accordance with the Medical Act
- Immigration records for the period prescribed by the Commissioner of Disease Control and Prevention
- The following information to identify the route of travel
A. "Credit card, debit card, prepaid card, prepaid card, etc.
Credit card, debit card, and prepaid card usage information in accordance with the Financial Services Act
B. "Transportation card usage information pursuant to the Act on the Development and Promotion of Public Transportation
C. "Video information collected through video information processing equipment in accordance with the Personal Information Protection Act
- (List if you are a telecommunications provider or location information provider)
Personal location information |
Communicable Disease Outbreaks in Livestock - Preventing Spread | How to prevent infectious diseases in livestock | Ministry of Agriculture, Food and Rural Affairs National Livestock Biosecurity Agency | (Complete if you are a private location provider or toll road operator) Highway traffic information |
Find missing children, mentally disabled, dementia patients, etc. | Missing Children Act | Police stations | (List if you are a personal location information provider, telecommunications provider, identity verification organization, or provider of alternative means of resident registration) Personal location information, Internet address, telecommunications factual verification data |
Protecting suicide risk | Suicide prevention | Police Departments
Coast Guard
Fire Marshal's Office | Name, social security number (date of birth if no social security number), address, phone number, ID, e-mail address, and personal location information of the emergency recipient (if you are an ICT service provider) |
Responding to emergency calls and more | Location Information Act | Fire Departments | Personal location information (if you are a location provider) |
Dealing with a crisis, such as a loss of livelihood | Emergency Welfare Assistance Act | Countries and municipalities | The minimum information needed to identify people for emergency livelihood assistance, such as hardship. |
Processing personal data of persons involved in criminal activity, such as kidnapping and imprisonment | Privacy laws | Police stations | Video information such as CCTV |
Telecommunications Business Act | Investigator's Office | (If you are a telecommunications service provider, please provide) Your name, social security number, address, phone number, ID, and date of subscription or termination |
•
In this case, wellune will only provide the minimum amount of personal information required under the applicable law and will not provide it for a purpose other than that for which it was provided.
• (Individual) Location Information Provider
: A person who is authorized under the Location Information Protection Act to collect location information and provide it to a person engaged in the location-based service business.
• Telecommunication service provider
: A person who is registered or notified (including cases where notification is exempted) under the Telecommunications Business Act and provides telecommunications services
• Identity verification organization
: Identity verification organization pursuant to Article 23(3) of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.
• Provider of alternative means of registration for resident registration number
: Provider of alternative means of resident registration pursuant to Article 24-2 of the Personal Information Protection Act
• Information and communication service provider
: Telecommunications service providers pursuant to Article 2 (8) of the Telecommunications Business Act and those who provide information or mediate the provision of information using telecommunications services of telecommunications service providers for commercial purposes |
6. Procedures for destroying personal information and methods of destroying it
When the purpose of collecting and using personal information is achieved, personal information is destroyed quickly and safely.
When personal information becomes unnecessary, such as the expiration of the personal information retention period or the achievement of the purpose of processing, the company will destroy the information without delay.
The information provided by the user is transferred to a separate database after the purpose of collection and use is achieved (a separate document box in the case of paper) and stored for a certain period of time in accordance with the internal policy and other relevant reasons for information protection under the relevant laws and regulations (see retention and use period) before being destroyed. Personal information transferred to a separate database will not be used for any purpose other than to be retained unless it is by law.
Personal information stored in the form of an electronic file is deleted using a technical method that cannot be reproduced, and personal information printed on paper is crushed or incinerated with a shredder and destroyed.
7. Matters concerning children under the age of 14
Children under the age of 14 are not allowed to sign up for membership.
8. Matters concerning the installation/operation and rejection of automatic personal information collection devices
Use cookies to provide appropriate and useful services. You may refuse to save cookies in your web browser settings.
In order to provide users with more appropriate and useful services, the company uses "cookies" to store and retrieve users' information from time to time. A cookie is a tiny text file that the server that the company uses to run its service sends to the user's computer and is stored on the user's device. The user has the status of the cookie.
Some ways to reject cookie settings include allowing all cookies in the browser options you use, going through confirmation each time you save them, or denying all cookies. However, refusing to install cookies may make it difficult to use some services that require you to log in.
9. Technical and administrative measures for personal information protection
The company is making the best technical and administrative efforts to protect personal information.
The password is encrypted, stored, and managed, so only the person who knows it can check and change personal information. Therefore, be careful not to let others know the password.
The company is taking advantage of the necessary security measures to prevent leakage or damage of users' personal information by hacking or computer viruses, and is committed to having every technical way possible to secure more enhanced security measures.
The company limits the number of employees who handle personal information to a minimum, and checks the implementation and compliance of the policy that has been provided with training for related employees from time to time.
10. Civil service for personal information
The company has a personal information management manager to protect customers' personal information and handle complaints related to personal information. If you have any questions about personal information, please contact the personal information management manager below. We will respond to your inquiries promptly and sincerely.
Person in charge of personal information management
•
Name: Kwang-yeol, Lee
•
Number: 070-7114-1010
•
E-mail : mis9223@bitsensing.com
If you need to report or consult on other personal information infringement, please contact the following institution.
•
Personal Information Dispute Mediation Committee, 1833-6972 / kopico.go.kr
•
Personal Information Infringement Reporting Center, 118 without country code/ privacy.kisa.or.kr
•
Cyber Security Bureau of the National Police Agency / cyberbureau.police.go.kr
11. Changes to the Personal Information Processing Policy
In the case of addition, deletion, and correction in accordance with laws and policies, we will notify you through an announcement seven days before the enforcement of the changes.