Personal Information Processing Policy
Function12, Inc. (hereinafter referred to as the “Company”) values Personal Information of Users, and as a Provider of Information and Communication Services, shall comply with Act on Promotion of Information and Communications Network Utilization and Information Protection, Personal Information Protection Act, Protection of Communications Secrets Act, Telecommunications Business Act and other relevant laws / regulations. According to such laws and regulations, the Company has established Personal Information Processing Policy and is safely managing Personal Information. Furthermore, the Company has kept disclosing this Policy for Users to easily check anytime.
Collection and Use of Personal Information
The Company collects and processes all Personal Information for the following purposes such as member management, development / provision / improvement of services and safe mobile use environment. Personal Information that has been processed shall not be used for purposes other than the followings and if such purposes are changed, the Company will seek prior consents from the Users.
1. The Purposes of the collection and use of Personal Information and relevant items
The services provided by the Company are freely accessible without a separate membership registration. Personal Information collected and used for membership services of the Company will not be used for purposes other than the followings, and as explained above, necessary measures such as obtaining separate consents if the purposes are changed, shall be executed.

1.1 Execution of contracts about provision of services, provision and purchase and payment of contents about fee settlements according to provision of services, etc., identity verification for financial transaction and other financial services

1.2 Member management identification for services provided by the Company, Personal identification, Prevention of illegal and unauthorized usage by defective/faulty members, confirmation of intent for registration of membership, confirmation of age, complaint handling and delivery of notices

1.3 This information shall not be combined with personally identifiable information.

1.4 Development and Specialization of new services (products) to be utilized for marketing and advertisement, delivery of advertising information such as coupons and events, provision of services according to demographic characteristics as well as advertisements (Optional, and the Company does not provide personalized advertisements to anyone aged under 14)

2. The Company only uses Users’ Personal Information within the notified purposes under 「 The Purposes of the collection and use of Personal Information and relevant items」 and the Company shall not use such Personal Information outside the aforementioned purposes and provide it to a third party. However, the Company may provide Users’ Personal Information to a third party in the following cases.
2.1 Cooperation Relationship: The Company may provide Personal Information of Users to affiliates for provision of better services. In this case, the Company shall obtain consents from Users in advance after explaining about items of Personal Information to be provided, the purposes and period of provision, as well as protection measures. If Users do not consent, the Company shall not provide Personal Information to affiliates and notify to Users any changes or terminations of relevant Cooperation Relationship. When a Cooperation Relationship is terminated, and Users do not consent about provision of their Personal Information, that information already provided shall be destroyed without delay, Users can always withdraw their consent about provision of their Personal Information at any time.

2.2 Consignment: For smooth business operation and to provide better services to Users, the Company can consign processing of Users’ Personal Information to third parties. In this case, the Company shall notify to Users about names of consignees, purposes of consignment, scopes of Personal Information to be consigned, consignment periods in advance.

2.3 Disposal of Business, Mergers and Acquisitions: If the rights and obligations of the Service Provider are succeeded or transferred, this must be notified in advance, and Users’ option to withdraw their consents about personal information shall be given.

2.4 If there are special provisions in relevant laws and regulations. if it is necessary for fee settlements, if a transaction is made through the Service provided by the Company, for smooth communication and transaction between parties to a transaction and if it is necessary to provide information relevant to delivery within the required range, the Company may provide Personal Information to a third party.
3. Items of Personal Information for collection: Information Users directly enter for using services provided by the Company such as User ID, users’ play data, passwords, addresses of delivery, transaction details, mobile phone number, e-mail address, encrypted user verification value (CI), bank account information, Business registration number, name of business, name of representative of business, details regarding connected third party accounts (such as the e-mail or username for a connected PayPal, Google or Facebook account), scanned identification documents provided to the Company (such as an ID card, driver’s license, passport or official company registration documents, student ID), service use records, access logs, cookies, access IP information, geo-location, payment records, etc.
4. Methods of collecting Personal Information
4.1 Via Homepage (membership registration, profile editing, account setting, etc.)
4.2 Automatically collected through running or using service programs provided by the Company
4.3 Collection through voluntary provision of Personal Information by Users during service subscription or usage
The Period for retaining and using Personal Information
1. The Company processes and retains Personal Information within the period agreed by Users when collected
1.1 Membership Information: up to 90 days after membership withdrawal

1.2 Non-Membership Information: Until purposes of business are achieved

Nevertheless, the Company may retain Personal Information until cases are closed if an investigation is in progress about violations of laws and regulations by a particular User, and until the time of settlement if there remains a claim-obligation relationship due to that User’s usage of services.
2. In accordance with Article 29 of 『Act on Promotion of Information and Communications Network Utilization and Information Protection』, if there has been no record of usage of services for 1 year, such User will be notified in advance and Personal Information shall be separated and retained for 1 year from the date of conversion to a dormant account.
3. To prevent members from doing expedient or illegal actions such as re-joining or arbitrarily cancelling memberships after withdrawal or suspension of memberships to obtain economic benefits e.g. discount coupons and event benefits provided by the Company, or using others’ names without permission, the Company shall retain Users’ Personal Information for 90 days after withdrawal of membership.
4. The Company may retain Personal Information for a certain period of time by moving it to a separate database (DB) or by changing the storage location with the provisions of relevant laws and regulations such as Act on the Consumer Protection in Electronic Commerce.
Name of Statutes Items Period
Act on The Consumer Protection in Electronic Commerce Records about indications or advertisements 6 months
Records about contracts or cancellation of orders etc. 5 years
Records about payment and supply of goods etc. 5 years
Records about complaints from Users or resolution of disputes 3 years
Act on the Protection and Use of Location Information Records about personal location information 6 months
Electronic Financial Transactions Act Records about electronic financial transactions 5 years
Protection of Communications Secrets Act Personal Information related to usage of services (log records) 3 months
Framework Act on National Taxes National Tax Evidence etc. 10 years
Reported data of Tax base and the amount 5 years
Value-Added Tax Act Reported data of Value-Added Tax base and the amount 5 years
The Right of Data Subjects to deny consent and disadvantages, if any, resulting from the denial of consent
Users have the right to refuse consent to collection and use of Personal Information. Nevertheless, in the case of refusal to consent to collection and use of minimum Personal Information necessary for conclusion and execution of the contract, services cannot be used. In the case of refusal to consent to collection and use of Personal Information and/or selective collection and use of Personal Information for marketing activities and public relations, there may be disadvantages, for instance, not being able to receive information about events and benefits, be provided with free gifts and promotional materials, use affiliated services, discounts, and accumulate points.
Outsourcing of Personal Information Process
1. The Company consigns Personal Information processing tasks for smooth handling of Personal Information as follows.
2. The Company consigns only some of tasks necessary for provision of services to external companies. When consigning contracts are concluded, prohibiting provisions of processing Personal Information other than the purposes of performing consigned tasks, technical and administrative protection measures, restrictions on reconsignment, management and supervision of consignees, compensation for damages shall be specified in consigning contracts in accordance with relevant laws and regulations. The Company shall regulate, manage, and supervise matters necessary for consignees to safely process Personal Information in accordance with relevant laws and regulations.
Consignee Details of consignment tasks
Paymentwall
KGinicis Co., Ltd,
Kakao Pei Corporation,
NHN KCP Corporation,
Naver Corporation,
SBV Peiko,
eBay Korea,
Samsung Electronics,
Google Payment Korea,
People Corporation 		Provision of electronic payment methods
AWS Identification
SendinBlue
MailChimp 		Mail services
AWS Operation of services
Zendesk Help Center
Google analysis Service usage behavior analysis
Apple
Goolge
AWS 		Certification
Provision of Personal Information to a Third Party
1. The Company processes Users’ Personal Information only within the scope specified below, and only provides such Information to a third party when there is a consent from Data Subjects or a special provision of relevant laws and regulations. Without a User’s prior consent, the Company shall not use his/her Personal Information outside the scope of given consent or provide Personal Information to a third party in principle.
2. Currently, the Company does not provide Personal Information to a third party except cases necessary for performance of consignment tasks in the preceding article. If Personal Information is provided to a third party other than for the purpose of performing consigned tasks, the Company shall seek consent from Users with regard to ① the Person receiving Personal Information, ② the purposes of using Personal Information by such Person, ③ items of Personal Information to be provided, ④ Retention and period of usage of Personal Information, as well as the fact that Users have the right to refuse consent to provision of their Personal Information and following disadvantages arising out of refusal of consent, etc.
The Rights and Obligations of Data Subjects and their Legal Representatives and How to Execute Such Rights
1. Users can exercise the following rights related to their Personal Information protection against the Company at any time.
a) The right to request access to Personal Information
b) The right to request a correction if there is an error, etc.
c) The right to request an erasure
d) The right to request suspend the processing of Personal Information
2. Users may exercise the rights specified in the preceding Paragraph in writing, by phone, e-mail, fax, etc., and the Company will handle the issues within 10 business days according to its internal procedures.
3. If a User requests correction or deletion of errors with regard to his/her Personal Information, the Company shall not use the relevant Personal Information before requested correction or deletion.
4. Users may exercise the rights specified in Paragraph 1 of this Article via an agent such as a legal representative or delegate, and the agent can exercise all the above rights on behalf of a particular user.
5. Users shall not infringe on Personal Information and privacy of themselves, or third parties processed by the Company in violation of relevant laws and regulations such as Act on Promotion of Information and Communications Network Utilization and Information Protection, and Personal Information Protection Act.
6. Users have rights to view, correct, or withdraw their Personal Information through 『Settings』 at any time.
7. If any User wishes to withdraw from membership, the User can click 『Settings』-> 『Withdrawal of Membership』 or contact the person in charge of Personal Information Protection by fax, mail, phone. Then, the Company shall take necessary measures such as deletion of Personal Information after retention of that information, for 90 days from the application for withdrawal of membership.
8. Users shall prevent any unexpected accidents or incidents by entering or notifying their Personal Information up to date to the Company.
9. Users are responsible for any accidents or incidents that occur due to inaccuracies of information provided or entered by Users, and provision of services may be restrained if false information such as a non-relevant person’s information is entered.
10. Users have the right to be protected from infringement of their Personal Information and the duty to protect themselves / not to infringe Personal Information of others. Users shall also be careful not to leak and damage other Users’ Personal Information. If a User fails to fulfill the above responsibilities and somehow damages Personal Information and dignity of others, he/she may be subject to punishment under 「Act on Promotion of Information and Communications Network Utilization and Information Protection」, 「Personal Information Protection Act」.
Protection of Personal Information of Data Subjects aged under 18
To protect Personal Information of persons aged under 18, the Company shall not allow registration of membership of those children aged under 18. 
Installation and Operation of an Automatic Collection Tool for Personal Information and the denial thereof
1. When using services provided the Company, service usage records and connected device information such as cookies (text files sent by the server used in the Company service to Users’ browser and saved on the hard disk of Users’ device), IP address etc., are automatically created and stored.
2. The purpose of using Cookies is as follows, and bulletin board post registration Cookies expire when the browser is closed or logged out.

  1. By analyzing frequency of access or usage of time spent, etc., Users’ preferences and interests are identified and used for targeted marketing (this is not combined with information that can identify Users)
  2. Measures such as service reorganization and etc. by analyzing Users’ habitual behaviors
Users can refuse to install cookies (IE standard setting method: Tools at the top of the browser > Internet Options > Personal Information > Site Blocking). Nevertheless, if a User refuses to install cookies, it may be difficult to use a number of services that require login.
Destruction of Personal Information
The Company shall destroy all Personal Information without delay, after the purpose of collecting and using the above information is achieved. Personal Information recorded and stored in electronic format should be destroyed so that it cannot be reproduced. Personal Information recorded and stores in written format (paper) should be shredded or incinerated.
Copyright © 2022 Function12 Co., Inc