Privacy Policy
Pharos Labs Co., Ltd. (hereinafter referred to as the "Company") values the user's personal information.
The company complies with personal information protection regulations and guidelines related to the personal information protection act, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Telecommunications Business Act, the Protection of Communications Secret Act, etc.
Through the privacy policy, the company would like to inform the members of the purpose and way in which the information provided by the members to the company is being used and protected.
**1. Personal information to be collected**
The company collects information for service provisions, such as initial membership subscription, customer counseling, and other services. The company collects optional information to provide customized services and various services.
1) Collected Information
(1)Required information:
A. Upon subscription:
-Subscription as a general member: email address (account name), mobile phone number, password, nickname, date of birth, address (not detailed address), gender
-Signing up with Facebook account: Facebook's unique ID/value, email address (account name), mobile phone number, password, nickname, date of birth, address (not detailed address), gender
-Signing up with Google account: Google's unique ID/value, email address (account name), mobile phone number, password, nickname, date of birth, address (not detailed address), gender
B. Upon (Adult) verification:
-Upon verification with a mobile phone: name, mobile phone number, date of birth, gender, Duplication Information (DI), Connecting Information (CI), verification IP, verification information (date, method, country)
C. Upon inquiry:
Nickname, name, email address, verification information, etc.
(There may be additional personal information collected depending on the type of inquiry)
(2) Optional Information:
A. Additional information upon completion of My Profile:
Information added in My Profile, such as photo, educational background, occupation, position, annual salary, marital status, annual household income, etc.
B. Automatically generated information upon using the service to secure service stability, to prevent fraud, to protect accounts and items, to restrict violation of CRATOS Terms and Conditions and law such as IP, access records, service usage records, records of misusage, download records, payment records, cookies, etc.) and information to identify a device such as OS information, hardware information, Mac Address, advertisement identifiers, etc. may be collected.
C. Members' personal information collected upon member's agreement on terms to use the information for marketing purposes such as name, gender, birth date, mobile phone number, and Connecting Information(CI) may be collected to deliver commercial information for profit through phone, SMS, LMS, MMS, e-mail, and push notifications within the Service.
D. Upon agreement to provide information to the third-party, information such as name, gender, date of birth, mobile phone number, and Connecting Information (CI) may be collected to transmit the marketing information to the member.
E. When using the customer center or applying for an event, additional personal information that has not been collected upon subscription can be collected to handle grievances, send prizes, and report taxes. In addition to the information below, there may be additional personal information collected depending on the type. In this process, the company will guide you through the collection and obtain separate consent.
Customer center:
Phone number, e-mail address, name, changed information, etc.
Applications for an event and upon prize-winning:
Name, phone number, e-mail address, wallet address, resident registration number
-Collection of resident registration numbers:
It is limited to cases where it is necessary to collect in accordance with the relevant laws for the winner's handling of tax and utility bills and the settlement of sponsored coins, and separate consent is obtained upon collection of resident registration numbers.
2)How personal information is collected
The company collects personal information through its website, mobile app, subscription on mobile web, written form, fax, phone, service use, feedback page and e-mail, event application, the information generated through a collection tool, member information modification, and information collection through joint partnership and cooperation.
3)Consent to the collection
In order for all members to use services provided by the company, personal information is required, and personal information is collected with the consent of the applicant upon subscription by members' agreement to the subscription form.
4)Some of the information the members choose to provide the company may be considered "special" or "sensitive" in certain jurisdictions, such as members' race or ethnicity, sexual taste, and religious beliefs. By providing this information, it is deemed that the members agree such information be processed by the company.
**2. Purpose of collection and use of personal information**
The company uses the collected personal information for the following purposes.
All information provided by the member is not used for any purpose other than the following purposes, and if the purpose of use changes, prior consent will be obtained.
1) Implementation of contracts on service provision, provision of additional services, and member management
Matching services and content provision, verification necessary for member-exclusive services, personal identification, confirmation of subscription, age verification, subscription and restriction of subscription, identification of unique accounts to provide additional services, prevention of illegal use and unauthorized use of members, prevention of resubscription for 24 hours after membership withdrawal, handling of complaints and grievances, preservation of records for dispute resolution, delivery of announcements, confirmation for withdrawal
2) Event management
Event application, confirmation of winning and related information, sending prizes, handling related inquiries and affairs, tax reports
3) Used for developing new services and for marketing and advertising purposes
New service development, information transmission, and customized service provision according to events, service provision, and advertisement according to demographic information, service validity verification, access frequency, or statistics on service use of the member
4) Service announcement and notification.
Transmission of information that a member should be aware of to use the Service such as significant modification, improvement, malfunction of the Service provided by the company, records of usage, personal information usage records, etc.
**3. Preservation period and use of personal information**
The company holds and uses the member's personal information only during the period of service provision from the date the member applies for the subscription.
Upon withdrawal of the consent to the collection and use of personal information, the personal information will be deleted without delay if the purpose of collection and use is achieved or the period of preservation and use has terminated.
In this case, personal information will not be browsed nor be used for any purpose.
However, the following information is preserved for the period specified for the following reasons.
1) Reasons for holding information according to the company's internal policy
- Reasons for preservation: To prevent confusion upon the use of Service and illegal use(illegal subscription and abnormal use of services) and handle grievance and resolve dispute upon withdrawal of the membership, etc.
- Preserved information: ID, nickname, gender, address, date of birth, phone number, identification values (CI, DI)
- Preservation period: 6 months
2) Personal information separately preserved and for restoration of dormant accounts following the implementation of the personal information validity period policy
Personal information included in membership information of members who do not use the Service for a long time will be stored separately. If members want to reuse the Service, members can restore it as an active ID after the dormant cancellation process.
- Separately stored information: Personal information included in member information (including required and optional information)
- Criteria for separate storage: Conversion to a dormant account and separate storage of personal information in case of not signing in within one year from the last activity.
- Excluded information for separate storage: information necessary for dormant notification and restoration and information necessary to be preserved in accordance with the provisions of laws and regulations and internal regulations are excluded from separate storage
- Reasons for separate storage: Personal information protection of dormant users pursuant to the "Act on Promotion of Information and Communications Network Utilization and Information Protection, etc."
- Separate storage period: 1 year after a conversion to a dormant account
3) Reasons for preserving information under relevant laws and regulations
- Statement/advertisement Records: 6 months (Act on Consumer Protection in Electronic Commerce, etc.)
- Contract or Withdrawal of Subscription Records, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Records on Payment and Supply of Goods/Services, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Consumer Complaints or Disputes Records : 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- Telecommunication records of the member, starting and end date, member number of the counterpart, usage frequency, and Tracking Data of Transmission Station: 1 Year (Protection of Communications Secret Act)
- Records of web/app visits such as service usage records, access logs, and access IP: 3 months (Protection of Communications Secret Act)
- National tax proofs, tax base, and reported tax amount: 10 years (Framework Act on National Taxes)
**4. Consignment of personal information handling**
The company shall not use or share the customer's personal information beyond the scope of the purpose specified in this policy or provide or share it to a third party, except in cases where the customer agrees separately in the process of using the service or otherwise stipulated by law. However, for service improvement and stable handling of personal information, the company may entrust members' personal information to external parties.
In the case of entrusting the processing of personal information, the service provider's strict instructions on personal information protection, the confidentiality of personal data, prohibition of provision to third parties, and responsibility for accidents will be clearly defined and kept in writing or electronically.
Currently, the member's personal information is entrusted only if consent is obtained in advance to provide high-quality services to members.
l The consignee and the consignment service details
Consignee: Naver and SMS Service Providers
- Consignment service details: SMS/LMS/MMS text message and notification service
- Period of preservation and use: Until withdrawal of membership or the termination of the consignment contract
**5. Procedures and methods for deleting personal information**
In principle, the company will destroy the information without delay after the purpose of collecting and using personal information is achieved. However, other information that must be kept by laws and regulations shall be preserved separately for a certain period of time and deleted immediately.
**6. Provision of personal information**
The company uses members' personal information within the scope notified for the purpose of collecting and using personal information and does not use it beyond such scope or provide members' personal information to external parties. Also, the company does not provide it to third parties, companies, or institutions without the prior consent of the members.
However, personal information can be used and provided with caution in the following cases.
l In the case where the members agree to disclose it in advance
- Before collecting or providing information, the company informs and obtains consent from its members regarding the partner that would be provided with the information, necessary information, and preservation period, and if the members do not agree, the company does not collect nor disclose additional information.
l Where it is remarkably difficult to obtain ordinary consent due to economic/technical reasons as personal information necessary for the implementation of a contract on the provision of services.
l Where there is a request from an investigative agency in accordance with the provisions of the law or in accordance with the procedures and methods prescribed in the law for the purpose of investigation.
l When it is necessary to use the new service provided by the company
l In the case of provision of information in a form that cannot be identified for statistical preparation, academic research, or market research to advertisers, partners, research organizations, etc.
l Where there is a request in accordance with the procedures prescribed by other relevant laws and regulations
However, the members are still notified regarding the provision of information under relevant laws or at the request of an investigative agency even upon the provision of information in exceptional cases. Members may not be notified due to legal grounds. Contrary to the original purpose of collection and use, the company will strive its best to prevent information from being provided indiscriminately.
**7. Matters concerning the installation and operation of an automatic personal information collection device and refusal**
In order to provide customized services to members, the company operates a "cookie" that stores and searches members' information from time to time.
Cookies are very small text files sent by members' browsers and mobile devices by servers used to run websites or mobile app services and are also stored on the hard disk of members' devices. The company uses cookies for the following purposes.
l The purpose of using cookies, etc.
Target marketing and personalized service providers have the choice to install cookies by analyzing the frequency of access and number of visits and time of members and non-members, tracking and identifying their preferences and interests, and identifying the degree of participation and number of visits. The methods and information collected are as follows.
- Google Analytics: The company uses web log analysis tools provided by Google. Google Analytics collects the main behavior (behavioral information) of users of the services provided by the company through cookies.
The collected information cannot identify the individual member, and members can delete the cache and data by refusing to set up cookies.
- Facebook App Analysis Tool: When a specific event occurs in the service, the server and client (Android/iOS/PC) will send log data, and members can delete the cache and data by refusing to set up cookies.
- Firebase: When a specific event occurs in the service, the server and client (Android/iOS/PC) will send log data, and members can delete the cache and data by refusing to set up cookies.
Therefore, members may allow all cookies by setting options in a web browser, go through verification whenever they are saved or refuse to save all cookies.
l How to reject cookies
As a way to refuse to set up cookies, members can modify the web browser settings or select the CRATOS app in Mobile Device App Management to allow all cookies, go through confirmation every time cookies are saved or refuse to save all cookies.
- Browser Settings Method (Chrome): Top right [?] button > Settings > Privacy and Security > Delete Cookies
- For Android phones: Settings > Apps > CRATOS > Storage > Data/Cache> Clear Data / Clear Cache
- For iPhone: Settings > General > iPhone Storage > CRATOS > Offload App
However, if members refuse to accept cookies, it may be difficult to use some services that require signing in.
**8. Site Links**
The company may provide members with links to other companies' websites or publications. In this case, the company has no control over external sites and publications, so it is not responsible and does not guarantee for the usefulness of the services or materials provided therefrom. In particular, if members click the link that the contained in the service and move to a page on another site, the privacy policy of the site is irrelevant to the member, so please check the policy of the new site visited.
**9 Technical and administrative protection measures for personal information**
The company is taking the following technical and management measures to ensure safety in handling members' personal information so that such information is not lost, stolen, leaked, altered, nor damaged.
1) Personal information encryption
Members' personal information is protected by passwords, and important data is protected by separate security functions such as encrypting files and transport data or using file lock features.
2) In order to prevent the leakage or damage of members' personal information due to hacking or computer viruses, technical countermeasures used by the company is installing systems in areas where access is restricted from the external parties, using intrusion blocking devices, and intrusion detection systems to monitor them at all times.
3) Company restricts access to personal information processing systems by establishing standards for granting, changing, and canceling access to database systems that are systematically configured to process personal information, and is taking necessary measures to control access to other personal information such as setting standards on the creation of passwords, modification period, etc.
4) Training of staff handling personal information
Staff handling personal information are limited to the person in charge, provide regular training on acquiring new security technologies and protecting personal information, etc, and the numbers of staff are minimized as an administrative measure.
5) Personal ID and password management
In principle, the ID and password used by the members are intended to be used only by the members. The company is not responsible for the leakage of personal information such as IDs, passwords, and e-mails due to the members' negligence and the basic risks arising from the Internet. Please change the password frequently with a security awareness of the password and pay special attention to prevent personal information from being leaked when signing in from a public PC.
**10 The rights of members and legal representatives and exercise of rights**
Members and legal representatives can inquire or modify their registered personal information at any time, and if they disagree with the company on the processing of their personal information, they may refuse consent or request cancellation of membership (withdrawal from membership). However, in such cases, it may be difficult to use part or all of the services.
To check and modify the member's personal information, click "Change basic profile information and add additional personal information."
In order to terminate the subscription (withdraw consent), members can cancel and withdraw the contract by clicking "withdraw membership."
Or if the member contacts the Chief Privacy Officer in writing, phone, or e-mail, and the CPO will take action without delay.
If a member requests the correction of an error in personal information, the personal information will not be used or provided until correction is completed. In addition, if false personal information has already been provided to a third party, the company will notify the third party of the correction process without delay so that the correction can be made appropriately.
The company will process personal information relevantly upon termination or deletion request of a member or its legal representative as specified in the "3. Preservation period and use of personal information" and will not browse or use for other purposes.
**11 Complaints on Personal Information**
In order to protect customers' personal information and handle complaints related to personal information, the company designates a person in charge to manage personal information as follows.
Members can report all personal information protection-related complaints arising from using the company's services to the person in charge of personal information management. The company will respond quickly and sufficiently to members' complaints and inquiries.
l Person in charge of personal information management (Chief Privacy Officer)
Name: Kang Dongwon
e-mail: info@cratostoken.com
**12 Addendum**
This privacy policy will take effect on December 1, 2021, and if there are addition, deletion, or modification of contents due to changes in laws, policies, or security technologies, it will be notified through announcements within the service seven days before the enforcement date of the modification.
It is considered that the members agree to the modified policy by continuing to use the service after that day