OHRAE Inc. (hereinafter referred to as the "Company") values the personal information of its members and complies with the personal information protection regulations under relevant laws and regulations that information and communication service providers must comply with, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, the Communications Secrets Protection Act, and the Telecommunications Business Act, and does its best to protect the rights and interests of its members by establishing a personal information processing policy in accordance with relevant laws and regulations.

Through the Privacy Policy, the Company informs members of the purpose and manner in which the personal information provided by members is used and what measures are being taken to protect personal information. The Company makes this Privacy Policy public by posting it in the settings of ZeroEyes so that members can easily view it at any time.

If the Company revises the Privacy Policy, the Company will notify the reason for the revision and the contents of the revision through appropriate means such as SMS and messenger notification talk through the mobile phone number provided by the member, and a notification window when logging in, and if the Privacy Policy is changed, a version number is assigned so that the member can easily recognize the changes.

This Privacy Policy is effective from June 19, 2023.

Article 1 Purpose of Collection and Use of Personal Information

  1. The Company collects the minimum required information from members for the purpose of processing business necessary to provide smooth services to members of merchants (hereinafter referred to as "merchants") who have entered into a ZeroEyes usage agreement with the Company, and all personal information provided will not be provided to a third party or used for any purpose other than that purpose unless otherwise agreed.
  2. The Company uses the collected personal information only for the following purposes.
    1. User identification and verification of user's qualification and authority
      1. confirmation of membership and withdrawal intention, user identification or information verification, change of personal information, etc.
    2. reservation/purchase/payment/cancellation and refund processing of products or services provided by the Company
    3. communications and notifications necessary for service operation
      1. Delivery of notices such as purchase confirmation, revision of terms and conditions, and notifications related to reservation/purchase/payment/cancellation and refund processing, etc.
    4. Prevention and sanctions for acts that interfere with member protection and service operation
      1. prevention of account theft and unauthorized use by rogue members, prevention of unauthorized use, and restriction of use for members who violate laws and regulations and ZeroEyes Terms of Use, etc.
    5. preservation of records for dispute resolution and handling of complaints regarding service use between the Company and members
    6. Development of new services and utilization for marketing/advertising
      1. analyzing service usage records and access frequency, analysis and statistics on service usage, providing customized services and placing advertisements according to demographic characteristics, providing opportunities to participate in promotions, or providing advertising information
    7. Establishing a service use environment that members can use with confidence in terms of security, privacy, and safety

Article 2 Personal Information Collection Items and Collection Methods

  1. The Company collects the following personal information when using ZeroEyes to provide smooth service to members.
    1. When registering for membership (required information)
      1. mobile phone number, date of birth, gender
    2. When registering a member profile (optional information)
      1. name (real name or nickname), guardian's mobile phone number, verification number for group verification
    3. When a member requests a purchase, payment, or cancellation
      1. When making a credit card payment: card company name, card number, etc.
    4. When registering for My Card
      1. card type, card number, expiration date (month/year), first 2 digits of password, and 6 digits of date of birth (personal card, corporation designated card) or business license number (corporate public card)
  2. The Company may periodically validate or verify the member's information deemed necessary for service operation, such as the member's payment card and account number.
  3. If the Company collects additional personal information in the process of using the Service, the Company shall inform the Member of the personal information items to be collected, the purpose of collecting and using the personal information, and the storage period of the personal information at the time of collection and obtain consent. In addition, service usage records such as IP address, cookies, date of use, and bad usage records may be generated or stored by automated methods, and the Member's device information may be collected after being securely converted so that the original value cannot be identified.

Article 3 Use and Retention of Personal Information

  1. The Company may retain and use the Member's personal information collected while the Member remains a Member.
  2. If a member withdraws or is disqualified, the Company shall delete and destroy the collected member information even if there is no separate request from the member. However, despite the member's withdrawal or disqualification, the following information will be retained for a specified period of time and then deleted and destroyed for the following reasons.
    1. Retention of information in accordance with the Company's internal policies
      1. Recording of member information for resolving disputes and problems between the company and members: until the statute of limitations for disputes is exceeded, etc.
      2. Recording of member information to restrict the rejoining of withdrawn members: 3 months
      3. Recording of membership information to restrict the re-enrollment of restricted members and fraudulent members: according to the restriction period (stored separately)
    2. Retention of information under relevant laws
      1. Records on contract or subscription withdrawal: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
      2. Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc. Act)
      3. Records of consumer complaints or dispute handling: 3 years (Act on Consumer Protection in Electronic Commerce, etc. Act on Consumer Protection in Electronic Commerce, etc.)
      4. Records on display/advertising: 6 months (Act on Consumer Protection in Electronic Commerce, etc.)
      5. Books and supporting documents for all transactions prescribed by tax laws: 5 years (National Tax Act)
      6. Login records: 3 months (Act on the Protection of Communications Secrets)

Article 4 Delegation of Personal Information Processing

  1. The Company may entrust the collection, storage, processing, etc. of members' personal information to other companies within the scope of necessary business in order to improve the service. In addition, in accordance with relevant laws and regulations, the Company stipulates the necessary matters so that personal information can be safely managed when entering into a consignment contract.

  2. When entering into an entrustment contract, the Company shall specify in documents such as contracts the prohibition of processing personal information other than for the purpose of performing entrusted tasks, technical/administrative protection measures, restrictions on re-consignment, management/supervision of the entrustee, and responsibilities such as compensation for damages in accordance with the Personal Information Protection Act, and thoroughly manage and supervise the entrustee to ensure that the personal information is safely processed.

  3. The company's personal information consignment processing organization and consignment business contents are as follows.

    Entrusted organization Entrusted business contents
    Tyro - Payment and collection of expenses and compensation, financial transactions

Article 5 Rights and obligations of members and legal representatives and how to exercise them