Privacy Policy
Privacy Policy
Privacy Policy
Space Power Co., Ltd. (hereinafter referred to as the ‘Company’) protects members’ personal information and complies with the Information and Communications Network Utilization Promotion Act, Telecommunications Business Act, and Communications Confidentiality Protect Act
The Company establishes a personal information handling policy to protect members’ personal information and posts on the website to inform the purpose and method the personal information provided by the member to the Company online is being used and what measures are taken to protect personal information.
The Company’s privacy policy contains the following information:
1. Items of personal information to be collected and method of collection
2. Purpose of collection and use of personal information
3. Duration to retain and use of personal information
4. Sharing and provision of collected personal information
5. Consignment of handling of collected personal information
6. Procedure and method to destroy personal information
7. Rights of users and legal representatives and their exercise
8. Installation, operation, and refusal of automatic personal information collection devices
9. Technical and administrative measures to protect personal information
10. Contact information of chief privacy officer and managers
11. Report and arbitration on personal information
12. Duty of notification
Chapter 1. Items of personal information collected and method of collection
‘Personal information’ refers to the information of an individual used for identifying the individual by name, social security number, etc., including any information that can be used with other information, even if the information can not identify a specific individual properly by itself.
1. Items of personal information collected.
① The Company collects the following personal information for membership registration, service application, and customer service.
– Register
<Registering with general procedure> : Name, social security number (passport number or foreign resident registration number), ID, password, e-mail address, phone number (mobile phone number or landline number), legal representative information (for children under 14 years)
<Registering with I-PIN> : Name, date of birth, gender, i-PIN number, ID, duplicate sign-up confirmation information (Duplicated joining verification Information value), password, e-mail address, phone number (mobile phone number or landline phone number), legal representative information (for children under the age of 14 years)
– When applying specific services: Address, business-related information (company name, business registration number, name of representative, business address/phone number/fax number/e-mail address, website address, e-commerce business registration number)
– When requesting rea fund: Account information (name of transaction bank, account number, name of the account owner)
② The following information may be generated and collected during the service or business processing. The record of service use, access log, cookie, access IP information, payment record, suspension record and inappropriate use record.
2. Method to collect personal information
Company will use the following methods many to collect personal information.
① Registration on the webpage or written form
② Customer consultation and service usage management by phone, fax, and consultation bulletin board
③ Event (giveaway event) application, delivery request
④ Provision from the affiliates
⑤ Collection by tools to collect generated information
Chapter 2. Purpose of collection and use of personal information
The Company uses the collected personal information for the following purposes.
1. To Implement the contract for providing service and settle fees according to service provision To provide service and contents, deliver goods or invoices, authenticate member’s identity, process purchase and payment, and collect fees
2. Member management
To Identify the user according to the use of membership service, prevent fraudulent or unauthorized use of membership, confirm the intent to join, restrict registration and the number of registration, confirm the consent of legal representative when collecting personal information of children under the age of 14, identify legal representative, preserve records for dispute arbitrary, handle complaints, and to deliver notices
3. To develop new services and implement marketing and advertising
To develop new services, provide specialized services based on demographic characteristics, post advertisements, identify the frequency of access, measure statistics on members’ use of service, and deliver advertising information such as events.
Chapter 3. Duration to retain and use of personal information
In principle, the information is destroyed right after collecting and using personal information is accomplished. However, the following information is retained for the specified period for the following reasons.
1. Retention of the information per the Company’s internal policy
Even if a member withdraws, the Company keeps the member’s information as follows to provide seamless service and prevent fraudulent service use
– Name, social security number (passport number/foreign resident registration number), e-mail address, phone number
Reason for the retention: T prevent any confusion in the use of service, resolve disputes, and cooperate in response to requests from investigative agencies
Period of retention: On year
– 부Records of fraudulent/inappropriate use (including personal information of fraudulent/inappropriate users)
Reason of the retention: To prevent fraudulent and defective use of services and re-registration of those users
Period of retention: One year
2. To retain the information according to relevant laws and regulations
The Company can retain the information as required by the provisions of related laws, such as the Commercial Act and the Consumer Protection Act in Electronic Commerce, etc., for a certain period as determined by the relevant laws and regulations. In this case, the Company uses the retained information only for retention, and the retention period is as follows.
– Records on contract or subscription withdrawal, etc.
Reason for the retention: Acton Consumer Protection in Electronic Commerce, etc.
Period of retention: Five years
– Records on payment and supply of goods, etc.
Reason for the retention: Act on Consumer Protection in Electronic Commerce, etc.
Period of retention: Five ears
– Records on consumer complaints and dispute handling
Records on consumer complaints and dispute handling
Period of retention: Three ears
– log record
Reason of the retention: Protection of Communications Privacy Act
Period of retention: Three months
Chapter 4. Sharing and Provision of Personal Information
The Company uses the member’s personal information within the scope set for collection and usage. It does not use it beyond the scope or disclose/provide it to third parties. However, the following cases are considered as exceptions.
1. If the member has agreed in advance to provide or share with a third party
2. By the provisions of the law or the procedures and methods outlined in the law for investigation or if there is a request from the investigative agency
Chapter 5. Consignment of handling of collected personal information
The Company consigns the following tasks: customer service management and handling customer complaints to manage personal information for smooth business processes. In addition, the Company stipulates compliance with laws and regulations related to personal information protection, prohibition of providing personal information to third parties, and liability in case of accidents to ensure personal information protection during consignment contracts. If the Company is changed its name, its changed name will be notified through the notice or privacy policy screen
Chapter 6. Procedures and methods to destroy personal information
In principle, the Company destroys the information without delay after collecting and using personal information is achieved. Procedures and methods to destroy personal information are as follows.
1. Procedure of destruction
① The information the member entered for registration is destroyed after being stored for a certain period according to the internal policy and other relevant laws for information protection (see the period of retention and usage) after the purpose is achieved.
② This personal information will not be used for any other purpose unless otherwise required by law.
2. Method to destroy
① Personal information printed on paper is shredded with a shredder or destroyed by incineration.
② Personal information stored as an electronic file is deleted using a technical method that cannot perform reproduction.
Chapter 7. Rights of the member and legal representatives and their exercise
1. The member and legal representatives may review or modify their registered personal information or the personal information of children under 14 at any time. They may request cancellation of membership (withdrawal of consent).
2. To review or modify the personal information of members or children under 14, click “Modify member information.” To withdraw membership, click “Withdraw membership,” and the member can review, modify or withdraw after the identification authentication. Or, the Company will process the member’s request without delay if the member contacts the person in charge of personal information management in writing, by phone, e-mail, or through the customer service board.
3. If the member or legal representative requests the correction of an error in the personal information, it will be used or provided after the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that the correction can be made.
4. The company processes the personal information that has been terminated or deleted at the request of the member or legal representative by “3. Duration to retain and use of personal information,” and it will not be reviewed or used for any other purpose.
Chapter 8. Installation, operation, and refusal of automatic personal information collection devices
The Company uses ‘cookies’ that frequently store and find member information to provide individually tailored services to members. The cookie is a small text file that is sent to the user’s browser by the server used to run the website and is stored on the hard disk of the user’s computer. It identifies the user’s computer but does not identify the user personally.
1. Purpose of using cookies
The Company uses cookies for the following purposes.
To analyze the access frequency and visit time of members and non-members, identify users’ preferences and areas of interest, track traces, and provide targeted marketing and personalized services by identifying the degree of participation in various events and the number of visits
2. How to reject cookie settings
Members have the option to install cookies. Therefore, members may allow all cookies, go through confirmation whenever a cookie is saved, or refuse to save any cookies by setting options in the web browser.
Example of setting: (In case of Internet Explorer) Tools at the top of the web browser > Internet Options > Personal Information
However, cookies should be accepted to access the Company homepage and use the service. If it is refused, it may not be available to use the company’s services that require login.
Chapter 9. Technical and administrative measures to protect personal information
The member’s personal information is protected by ID and password. In addition, the Company takes the following technical/administrative measures to ensure its protection and prevent any leakage, alteration, or damage in handling the member’s personal information.
1. Technical measures
① The password of the member account is encrypted and stored so that only the user can know it. Therefore, only the person who knows the ID and password can check and modify personal information that requires account login. ② The company backs up data from time to time in preparation for damage to personal information. It uses the latest vaccine program to prevent members’ personal information or data from being leaked or damaged by computer viruses. ③ The company adopts security devices to safely transmit personal information over the network in case of payment.
④ The company controls unauthorized access from the outside by using an intrusion prevention system (firewall) to prevent information leakage by hacking, etc., and strives to equip all possible technical devices to secure other systemic security.
2. Administrative measures
① When the company handles personal information due to the member’s request for a password, etc., the company verifies the member’s identity in the best possible way. It does its best to ensure that the information is processed safely.
② The company restricts access to personal information to those in charge of personal information management, such as those in charge of personal information management and those inevitably handling personal information for other business purposes. It provides regular training to the employees who handle personal information. Compliance with the handling policy is always emphasized.
In addition to the company’s efforts as above, members must be careful not to expose personal information such as ID, password, and social security number on the Internet or to others. The Company is not responsible for any personal information leakage, such as ID or password, due to the member’s negligence.
Therefore, it is recommended that the member’s ID and password be used only by the member and that the password be changed frequently.
Also, it is recommended that you always log out and close the web browser after using the service. When sharing a computer with others or using it in a public place, to secure personal information.
Chapter 10. Contact information for chief privacy officer and managers
The Company appoints a chief privacy officer and managers to protect the members’ personal information and handle complaints about personal information as follows;
1. Chief Privacy Officer
① Name :
② Affiliation :
③ Position :
④ Phone :
⑤ email :
The member should contact the chief privacy officer or manager regarding complaints that arise while using the Company’s services. The Company will provide prompt and sufficient response to the members’ responses.
Chapter 11. Report and arbitration on personal information
If you need to report or consult personal information infringement, please contact the Personal Information Infringement Report Center of the Korea Information Security Agency (KISA). In addition, if you have suffered financial or psychological damage due to personal information infringement, you can apply for damage relief to the Personal Information Dispute Mediation Committee of the Korea Information Security Agency (KISA).
– Personal Information Infringement Report Center (http://www.cyberprivacy.or.kr, phone 1336)
– Personal Information Dispute Mediation Committee (http://www.kopico.or.kr, phone 1336)
– Information Protection Mark Certification Committee (http://www.privacymark.or.kr, phone 02-580-0533)
– Supreme Prosecutor’s Office Internet Crime Investigation Center (http://www.spo.go.kr, phone 02-3480-3600)
– National Police Agency Cyber Terrorism Response Center (http://www.ctrc.go.kr, phone 02-392-0330)
– National Police Agency (http://www.police.go.kr)
Chapter 12. Obligation to notify in case of changes in policy
If there is any addition, deletion, or modification of the contents of the current Privacy Policy due to changes in laws, policies, or security technologies, the Company will notify it through the ‘Notice’ on the homepage at least seven days before the revised Privacy Policy is implemented.
[Supplements]
1. Date of announcement: 0000-00-00
2. Effective date: November 28, 2013
The Company establishes a personal information handling policy to protect members’ personal information and posts on the website to inform the purpose and method the personal information provided by the member to the Company online is being used and what measures are taken to protect personal information.
The Company’s privacy policy contains the following information:
1. Items of personal information to be collected and method of collection
2. Purpose of collection and use of personal information
3. Duration to retain and use of personal information
4. Sharing and provision of collected personal information
5. Consignment of handling of collected personal information
6. Procedure and method to destroy personal information
7. Rights of users and legal representatives and their exercise
8. Installation, operation, and refusal of automatic personal information collection devices
9. Technical and administrative measures to protect personal information
10. Contact information of chief privacy officer and managers
11. Report and arbitration on personal information
12. Duty of notification
Chapter 1. Items of personal information collected and method of collection
‘Personal information’ refers to the information of an individual used for identifying the individual by name, social security number, etc., including any information that can be used with other information, even if the information can not identify a specific individual properly by itself.
1. Items of personal information collected.
① The Company collects the following personal information for membership registration, service application, and customer service.
– Register
<Registering with general procedure> : Name, social security number (passport number or foreign resident registration number), ID, password, e-mail address, phone number (mobile phone number or landline number), legal representative information (for children under 14 years)
<Registering with I-PIN> : Name, date of birth, gender, i-PIN number, ID, duplicate sign-up confirmation information (Duplicated joining verification Information value), password, e-mail address, phone number (mobile phone number or landline phone number), legal representative information (for children under the age of 14 years)
– When applying specific services: Address, business-related information (company name, business registration number, name of representative, business address/phone number/fax number/e-mail address, website address, e-commerce business registration number)
– When requesting rea fund: Account information (name of transaction bank, account number, name of the account owner)
② The following information may be generated and collected during the service or business processing. The record of service use, access log, cookie, access IP information, payment record, suspension record and inappropriate use record.
2. Method to collect personal information
Company will use the following methods many to collect personal information.
① Registration on the webpage or written form
② Customer consultation and service usage management by phone, fax, and consultation bulletin board
③ Event (giveaway event) application, delivery request
④ Provision from the affiliates
⑤ Collection by tools to collect generated information
Chapter 2. Purpose of collection and use of personal information
The Company uses the collected personal information for the following purposes.
1. To Implement the contract for providing service and settle fees according to service provision To provide service and contents, deliver goods or invoices, authenticate member’s identity, process purchase and payment, and collect fees
2. Member management
To Identify the user according to the use of membership service, prevent fraudulent or unauthorized use of membership, confirm the intent to join, restrict registration and the number of registration, confirm the consent of legal representative when collecting personal information of children under the age of 14, identify legal representative, preserve records for dispute arbitrary, handle complaints, and to deliver notices
3. To develop new services and implement marketing and advertising
To develop new services, provide specialized services based on demographic characteristics, post advertisements, identify the frequency of access, measure statistics on members’ use of service, and deliver advertising information such as events.
Chapter 3. Duration to retain and use of personal information
In principle, the information is destroyed right after collecting and using personal information is accomplished. However, the following information is retained for the specified period for the following reasons.
1. Retention of the information per the Company’s internal policy
Even if a member withdraws, the Company keeps the member’s information as follows to provide seamless service and prevent fraudulent service use
– Name, social security number (passport number/foreign resident registration number), e-mail address, phone number
Reason for the retention: T prevent any confusion in the use of service, resolve disputes, and cooperate in response to requests from investigative agencies
Period of retention: On year
– 부Records of fraudulent/inappropriate use (including personal information of fraudulent/inappropriate users)
Reason of the retention: To prevent fraudulent and defective use of services and re-registration of those users
Period of retention: One year
2. To retain the information according to relevant laws and regulations
The Company can retain the information as required by the provisions of related laws, such as the Commercial Act and the Consumer Protection Act in Electronic Commerce, etc., for a certain period as determined by the relevant laws and regulations. In this case, the Company uses the retained information only for retention, and the retention period is as follows.
– Records on contract or subscription withdrawal, etc.
Reason for the retention: Acton Consumer Protection in Electronic Commerce, etc.
Period of retention: Five years
– Records on payment and supply of goods, etc.
Reason for the retention: Act on Consumer Protection in Electronic Commerce, etc.
Period of retention: Five ears
– Records on consumer complaints and dispute handling
Records on consumer complaints and dispute handling
Period of retention: Three ears
– log record
Reason of the retention: Protection of Communications Privacy Act
Period of retention: Three months
Chapter 4. Sharing and Provision of Personal Information
The Company uses the member’s personal information within the scope set for collection and usage. It does not use it beyond the scope or disclose/provide it to third parties. However, the following cases are considered as exceptions.
1. If the member has agreed in advance to provide or share with a third party
2. By the provisions of the law or the procedures and methods outlined in the law for investigation or if there is a request from the investigative agency
Chapter 5. Consignment of handling of collected personal information
The Company consigns the following tasks: customer service management and handling customer complaints to manage personal information for smooth business processes. In addition, the Company stipulates compliance with laws and regulations related to personal information protection, prohibition of providing personal information to third parties, and liability in case of accidents to ensure personal information protection during consignment contracts. If the Company is changed its name, its changed name will be notified through the notice or privacy policy screen
Chapter 6. Procedures and methods to destroy personal information
In principle, the Company destroys the information without delay after collecting and using personal information is achieved. Procedures and methods to destroy personal information are as follows.
1. Procedure of destruction
① The information the member entered for registration is destroyed after being stored for a certain period according to the internal policy and other relevant laws for information protection (see the period of retention and usage) after the purpose is achieved.
② This personal information will not be used for any other purpose unless otherwise required by law.
2. Method to destroy
① Personal information printed on paper is shredded with a shredder or destroyed by incineration.
② Personal information stored as an electronic file is deleted using a technical method that cannot perform reproduction.
Chapter 7. Rights of the member and legal representatives and their exercise
1. The member and legal representatives may review or modify their registered personal information or the personal information of children under 14 at any time. They may request cancellation of membership (withdrawal of consent).
2. To review or modify the personal information of members or children under 14, click “Modify member information.” To withdraw membership, click “Withdraw membership,” and the member can review, modify or withdraw after the identification authentication. Or, the Company will process the member’s request without delay if the member contacts the person in charge of personal information management in writing, by phone, e-mail, or through the customer service board.
3. If the member or legal representative requests the correction of an error in the personal information, it will be used or provided after the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the result of the correction will be notified to the third party without delay so that the correction can be made.
4. The company processes the personal information that has been terminated or deleted at the request of the member or legal representative by “3. Duration to retain and use of personal information,” and it will not be reviewed or used for any other purpose.
Chapter 8. Installation, operation, and refusal of automatic personal information collection devices
The Company uses ‘cookies’ that frequently store and find member information to provide individually tailored services to members. The cookie is a small text file that is sent to the user’s browser by the server used to run the website and is stored on the hard disk of the user’s computer. It identifies the user’s computer but does not identify the user personally.
1. Purpose of using cookies
The Company uses cookies for the following purposes.
To analyze the access frequency and visit time of members and non-members, identify users’ preferences and areas of interest, track traces, and provide targeted marketing and personalized services by identifying the degree of participation in various events and the number of visits
2. How to reject cookie settings
Members have the option to install cookies. Therefore, members may allow all cookies, go through confirmation whenever a cookie is saved, or refuse to save any cookies by setting options in the web browser.
Example of setting: (In case of Internet Explorer) Tools at the top of the web browser > Internet Options > Personal Information
However, cookies should be accepted to access the Company homepage and use the service. If it is refused, it may not be available to use the company’s services that require login.
Chapter 9. Technical and administrative measures to protect personal information
The member’s personal information is protected by ID and password. In addition, the Company takes the following technical/administrative measures to ensure its protection and prevent any leakage, alteration, or damage in handling the member’s personal information.
1. Technical measures
① The password of the member account is encrypted and stored so that only the user can know it. Therefore, only the person who knows the ID and password can check and modify personal information that requires account login. ② The company backs up data from time to time in preparation for damage to personal information. It uses the latest vaccine program to prevent members’ personal information or data from being leaked or damaged by computer viruses. ③ The company adopts security devices to safely transmit personal information over the network in case of payment.
④ The company controls unauthorized access from the outside by using an intrusion prevention system (firewall) to prevent information leakage by hacking, etc., and strives to equip all possible technical devices to secure other systemic security.
2. Administrative measures
① When the company handles personal information due to the member’s request for a password, etc., the company verifies the member’s identity in the best possible way. It does its best to ensure that the information is processed safely.
② The company restricts access to personal information to those in charge of personal information management, such as those in charge of personal information management and those inevitably handling personal information for other business purposes. It provides regular training to the employees who handle personal information. Compliance with the handling policy is always emphasized.
In addition to the company’s efforts as above, members must be careful not to expose personal information such as ID, password, and social security number on the Internet or to others. The Company is not responsible for any personal information leakage, such as ID or password, due to the member’s negligence.
Therefore, it is recommended that the member’s ID and password be used only by the member and that the password be changed frequently.
Also, it is recommended that you always log out and close the web browser after using the service. When sharing a computer with others or using it in a public place, to secure personal information.
Chapter 10. Contact information for chief privacy officer and managers
The Company appoints a chief privacy officer and managers to protect the members’ personal information and handle complaints about personal information as follows;
1. Chief Privacy Officer
① Name :
② Affiliation :
③ Position :
④ Phone :
⑤ email :
The member should contact the chief privacy officer or manager regarding complaints that arise while using the Company’s services. The Company will provide prompt and sufficient response to the members’ responses.
Chapter 11. Report and arbitration on personal information
If you need to report or consult personal information infringement, please contact the Personal Information Infringement Report Center of the Korea Information Security Agency (KISA). In addition, if you have suffered financial or psychological damage due to personal information infringement, you can apply for damage relief to the Personal Information Dispute Mediation Committee of the Korea Information Security Agency (KISA).
– Personal Information Infringement Report Center (http://www.cyberprivacy.or.kr, phone 1336)
– Personal Information Dispute Mediation Committee (http://www.kopico.or.kr, phone 1336)
– Information Protection Mark Certification Committee (http://www.privacymark.or.kr, phone 02-580-0533)
– Supreme Prosecutor’s Office Internet Crime Investigation Center (http://www.spo.go.kr, phone 02-3480-3600)
– National Police Agency Cyber Terrorism Response Center (http://www.ctrc.go.kr, phone 02-392-0330)
– National Police Agency (http://www.police.go.kr)
Chapter 12. Obligation to notify in case of changes in policy
If there is any addition, deletion, or modification of the contents of the current Privacy Policy due to changes in laws, policies, or security technologies, the Company will notify it through the ‘Notice’ on the homepage at least seven days before the revised Privacy Policy is implemented.
[Supplements]
1. Date of announcement: 0000-00-00
2. Effective date: November 28, 2013