innogs Korea Co., Ltd. (hereinafter, referred to as "Company") 'collects, uses and provides personal information based on user's consent', and actively guarantees on 'the rights of users (right to self-determination for personal information). "Privacy Protection" refers to a guideline that Company should comply to make users can use a service in relief by protecting users' important personal information, and Company complies with the personal information protect regulation and guideline of Republic of Korea (the law regarding the promotion of information and communication network use and protection of information, Telecommunications Business Act, Protection of Communications Secrets Act).
1. Purposes for Collecting and Using Personal Information
Company uses personal information for the following purposes, and does not use the information for any other purpose.
- A.Contract fulfillment regarding to Service Provision and Payment for Charge in accordance with Service Provision
Responding to inquiries for personal identification and service; purchase and payment of charge in accordance with service provision, and contract fulfillment regarding to providing service and sending technical data; sending billings; member authentication.
- B.Management of Membership
Member verification in accordance with using membership service; personal identification; actions of use restriction regarding to a member who violated Terms and Conditions; restrictions of actions that disrupting service operation and using service illegally; confirmation of intention to join; restriction of sign-up and number of sign-ups; confirmation of intention to withdraw membership; confirmation of whether legal representative agreed when collecting personal information of a member under 14; identify verification of legal representative afterwards; record preservation for dispute conciliation; handling civil affairs like complaints, etc.; delivering of notice.
- C.Development and Marketing for New Service
Developing new service and providing customized service, providing service and posting ads in accordance with statistical characteristics, confirmation for service effectiveness, checking access frequency, statistics on service use of members, providing event details and participating chance, providing advertising information.
2. What information we collect and how we collect it
Company collects personal information to the minimum extent necessary for provision of service under such principle as:
- A.What information we collect
- - Essential information: at the time of registering for membership, user ID, password, name, e-mail address;
- - Optional information: We may periodically collect additional (optional) information to the minimum extent necessary for provision of specialized service to users. However, there is no restriction on use of service, even if no optional information has been submitted.
- - We collect information in three ways as follows:
Category |
Personal information to collect |
Sign-up stage |
● (Individual Members) Mandatory fields: ID, password, name, e-mail address. |
● (Corporate Members) Mandatory fields: ID, password, name, e-mail address
● Optional fields: business information for issuance of tax invoices, tax registration number, corporate name, name of representative, business address, business category, business conditions, name of person in charge, e-mail address of person in charge, telephone number
|
When using paid service |
● Information of credit card, bank account, payment records, etc. may be collected for payment and refund. |
When verifying identity |
● If it is required for providing service, consent of the legal representative is required, and identity verification is required to comply with the applicable laws, name, birthdate, gender, nationality (foreigner/resident), mobile number, information of mobile carrier (optional) or iPIN information (optional), identity verification value may be collected. |
- - In addition, information as below may be created and collected during the process of service use:
Name, real name authentication value, gender, birthdate, occupation, company name, business category, country, address, telephone number, fax number, English name/address (essential information under domain administrative regulations), records of service use, access logs, cookies, access IP information, payment records, records of faulty use, information of user status, visiting dates.
- B.How we collect information
Company collects personal information as following methods,
- - online collection via website;
- - collection through created information collect tool.
3. Preservation and Period of Use of collected Personal Information
In principle, Company destroys personal information without delay, once its purpose has been fulfilled. However, Company may retain the following information for the period of preservation in accordance with the basis specified in “preservation grounds”.
- A.Preservation of Information according to Internal Policies
- - - Items to preserve: ID, password, name, English name, date of birth, gender, real name authentication value, authentication information, iPIN information, mobile phone number, information of mobile carrier, telephone number, bank account information, credit card information, access dates and times, information of accessed locations, records of faulty use, records of service use, information of legal representative, etc.
Preservation grounds: to resolve user's complaints and disputes when withdrawing membership
Period for preservation: one year after withdrawing membership
- B.Retention of Information by Applicable Laws
Company preserves member's information for the period defined by the applicable laws if it is necessary to preserve by the regulations of applicable laws such as Commercial Code, Electronic Commerce Act, etc. In such a case, Company uses the information they preserve only for the purpose of preservation, and preserves the information in accordance with the preservation grounds specified for the period of preservation, and then destroys the information without delay after the period of preservation had expired.
- - Records regarding to contract or withdrawal of contract
Preservation grounds: Acts on Consumer Protection in Electronic Commerce Transactions, etc.
Preservation period: 5 years
- - Records in connection with payment and provision of goods, etc.
Preservation grounds: Acts on Consumer Protection in Electronic Commerce Transactions, etc.
Preservation period: 5 years
- - Records in connection with resolution of users’ complaints or disputes
Preservation grounds: Acts on Consumer Protection in Electronic Commerce Transactions, etc.
Preservation period: 3 years
- - Records in connection with website visit (service use record, access log, access IP information)
Preservation grounds: Protection of Communications Secrets Act
Preservation period: 3 months
4. Procedure and Method for Destruction of Personal Information
User's personal information shall be destructed immediately once the purpose of collecting and using personal information is fulfilled in principle. Company's procedure and method for destruction of personal information are as follow:
- A.Procedure for destruction
- - The information user entered for sign-up or other purposes will be transferred to a separate database (a separate filing cabinet in case of papers), and it will be destructed after saved for certain period according to the reasons of for information protection under internal policies and other applicable laws (refer to the period of preservation and use).
- - Such personal information is not used for any other purposes other than preservation except when specified by legislations and laws.
- B.Method for destruction
- - Personal information printed on paper is shredded with shredder or destroyed by incineration.
- - Personal information saved by electronic file shall be deleted through use of technical methods that make it impossible to restore the record.
5. Provision and Share of Personal Information
In principle, Company receives consent from user pursuant to law when Company is required to provide user's personal information to a third party. However, it is excepted in any event where:
- A.the user had agreed in advance;
- B.it is necessary for settlement of service charges;
- C.national agency such as court, etc. forced to provide user's personal information based on law;
- D.it is too difficult to receive consent caused by economic or technical reason as essential information required for provision of various services promised with users;
- E.use and provision of personal information which accords with the user purpose:
- - when it is necessary to provide applicant’s information to the relevant service registered business operator needed to register domain, keywords, WINC, and SSL;
- - when it is necessary to provide for innogs Korea Co., Ltd. service in connection with domain name;
- - when dispute conciliation organization or court requests the domain registrant's contact information involved with the domain name;
- - when Company is required to delegate and keep the data regarding to international domain name registrant's personal information (member's ID and password, Domain Name, name server information, expiry date, owner name and address, email address) to an overseas escrow service in accordance with the contract with ICANN (Internet Corporation for Assigned Names and Numbers);
- - when government organization requests domain name and name server information to execute the duty defined by the law;
- - when using member's information (name, address, telephone number) for work-related contact;
- - when providing in a form of cannot verify certain customer, which is for statistic producing, promotional material, academic research or market research.
6. Consignment of Personal Information collected
Company consigns part of its works required to outside companies, and regulates and manages required matters to treat the personal information in safe in accordance with the Information Communications Network Act.
Corporate name |
Commissioned work |
Period of retention and use of personal information |
Inicis |
Payment Processing |
Until withdrawal from membership or termination of commission agreement |
PayPal |
Payment Processing |
Whois (whois.com) |
Domain registration |
Gabia |
Domain registration |
Freebill |
Tax invoice issuance |
7. Matters regarding to Installation/Operation and Rejection of Personal Information Automatic Collect Device
- A.What are cookies?
Company use ‘cookies (access information files)’ which periodically save and search members’ information, in order to provide specialized and customized service to users. Company identifies member's computer in connection with cookies operation, but does not identify the member personally.
- B.Installation/Operation and Rejection of Cookies
Members has a choice on installing cookies. Members may allow all cookies or confirm every time when cookies are saved or reject save of all cookies, by selecting [Tools]>[Internet Options]>[Security]>Custom Level]. However, in case of rejecting save of cookies, there might restriction to use service Company provides.
8. Technical/Administrative Countermeasure for Personal Information Protection
In handling users' personal information, Company considers technical/administrative countermeasures as follows, to prevent loss, stealing, leakage, falsification, or damage of personal information, for securing stability:
- A.Encryption of Member ID and Password
Member ID and password are saved and managed by encryption.
- B.Encryption when receiving/sending personal information and authentication information
Company encrypts user's personal information and verification information by building safe security server, etc. when receiving and sending the information through information and communications network.
- C.Ways to prepare for hacking, etc.
Company is making administrative/technical efforts for the security of homepage, however we recommend you to avoid writing sensitive information, which can be a problem when invasion occurred. Company is doing its best to prevent that member's personal information had exposed or damaged, by hacking, computer virus, etc. Company is back data up frequently to prevent damage of personal information, prevents that user's personal information or data is leaked or damaged with using the latest vaccine program, and transmitting personal information securely on network through cryptographic communications, etc. In addition, Company controls unauthorized access from outside with using firewall system, and has been trying to have all technical devices which is possible to secure systematic security.
- D.Minimization and Education of Employees
Company limits the employees who are handling personal information to the person in charge, assigns separate password and renew it periodically, and emphasizes compliance with this Privacy Policy through education for the person in charge.
- E.Operation of organization exclusively for personal information protection
Company checks whether execution of Privacy Policy and compliance of the person in charge through organization exclusively for personal information protection, etc., and does its best effort to modify and correct immediately when problem has found. However, Company is not liable for the problem arises out of that personal information had exposed due to user's negligence or issues on internet.
- F.Miscellaneous
Other matters are subject to the notification of “Standard of measures for technical/administrative protective action of personal information” of the Communications Commission.
9. Rights of Users and Legal Representatives and Exercise Method thereof
- - A user and legal representative may, at any time, search or modify the registered personal information of itself, or a minor under the age of 14, and may reject consent or request to cancel the membership (Membership withdrawal) when they don't agree to Company's personal information process. However, in such a case, using some portion of, or whole service may be limited.
- - Users may search and modify personal information of the user or minor under 14 by clicking 'Change personal information (or Change user information)', or withdraw their membership (withdrawing consent) by clicking 'Close account'.
- - Otherwise, please contact the personal information manager in writing, by phone or e-mail, and we will promptly take necessary actions.
- - When user requested to correct error on personal information, Company doesn't use or provide the personal information until the correction has completed. In addition, when incorrect information had been already provided to a third party, Company notifies the process result of correction to the third party immediately.
- - Company deals with the personal information terminated or deleted by the request of the user or legal representative pursuant to the guideline specified under "3. Preservation and Period of Use of collected Personal Information', and so as not to view or use for other purposes.
10. Manager of Personal Information
At innogs Korea Co., Ltd., we assign a personal information manager as follows to handle inquiries or complaints in connection with the personal information of users.
Personal Information Manager |
Name |
Hakjoon Lee, Manager |
Position |
Laboratory |
Contact number |
070-4613-6027 |
Email |
privacy@hydradns.com |
If you require further information or consultation regarding personal information infringement, please contact the organizations below:
- - Korean Privacy Complaint Center (privacy.kisa.or.kr / Tel.118)
- - Cybercrime Investigation Division of Supreme Prosecutor's Office (www.spo.go.kr / Tel. 1301)
- - Korean National Police Agency Cyber Bureau (www.ctrc.go.kr / Tel.182)
11. Link Site
Company may provide user with links to other company's website or material. In such a case, as Company does not have control over such external website and source, we are not liable for, and do not guarantee its usability thereof. Please check the policies of that website as that website's privacy policy is not related with Company's.
12. Obligation of Notification
Should there be any addition of contents, delete, or change to this Privacy Policy, we will give notice thereof at least 7 days before enforcement through ‘Public Notice’, provided that we will give notice thereof at least 30 days in advance regarding material change to such items as collected personal information, or purpose of use, and acquire consent of user again, if necessary.
- Enforcement date: 1st November, 2021