Contact Us

Privacy policy

Privacy policy

<Changeall: the title of the service Mori> has the following process policies to protect the personal information and rights and to address the user’s problems related to personal information.  

<Changeall> will notify the user through the website notice (or individual notice) in the case of the modification of the privacy policy.   

○ This policy will be implemented from August 1, 2021.

1. The purpose of processing personal information processes personal information for the following purposes. The processed information will not be used in any other purposes than following purposes and we will seek consent before the modification of the purpose of use.

The signing up membership of the service (App) and  management

  1. Personal information is processed for the following purposes: the confirmation of the signing up of membership, identification and authorization of the user according to providing service, the retention and maintenance of the qualification of the members, the identification of the user in respond to the implementation of the user identification system, the prevention of the misuse of the service, the preservation of a variety of notices and records for settling disputes.
  2. providing Goods and Service

  Personal information is processed for the purpose of providing services, contents and the validation of the user

  1. the utilization in the areas marketing and advertisements.

Personal information is processed the following purposes: the development of new services (products) providing customized services, providing information on events and advertisements and opportunities for participating in them, the providing services and advertisements based on demographic characteristics, the confirmation of the validity of services, checking on the frequency of access or statistics of the use of service by the members.   
 

2. Status of personal information file

The purpose of processing personal information files registered and disclosed in accordance with Article 32 of the Personal Information Protection Act is as follows

Personal information file name: Personal information handling file

-Personal information items: email, login ID, service usage record

-collection method: service (App), provided by social affiliates

-grounds for retention: customer management, service provision, content provision, marketing utilization, etc.

-the period of retention: 3 years

-related regulations: customers’ complaints or the records of the settlements of the suits. :

3 years

※ For the disclosure of other personal information files, please refer to the Ministry of the Public Administration and Security’s Personal Information Comprehensive Support Portal (www.privacy.go.kr) → Personal Information complaint → Requesting the opening personal information  → personal information file list search menu.

3. Processing and retention period of personal information

① Changeall processes and retains personal information within the period of retention and use of personal information in accordance with regulations and within the period of the retention and use of personal information, personal information given consent by the subjects of the information is processed and retained.

② Each personal information processing and retention period is as follows 

  1. <Signing up of membership of service (App) and management >. Personal information related to .<Signing up of membership of service (App) and management > will be retained and used for above mentioned purposes from the date of agreement on the collection and use up to <three years>
  • The ground for the retention: the management of customers, service provision, content provision, the utilization in marketing
  • Related regulation: records of consumer complaints and or disputes: 3 years

4. Information subject and the user of the law representative’s rights and obligations and the method of exercise can exercise the following rights.

①  The information subject may exercise his or her right to read, correct, delete or stop processing personal information at any time regarding Changeall

②  The exercise of the right under the Paragraph 1 can be done in writing or by email in accordance with Paragraph 1 of Article 41 and Changeall will take measures without delay. 

③ The exercise of rights under Paragraph 1 can be done through the legal representative who has been delegated. In this case, one must submit a power of attorney according to Form 11 of the Enforcement Regulations of the Personal Information Protection Act.           

④ The request for opening and stopping the process of personal information may restrict the right of the information subject in accordance with Paragraph 5 of Article 35, Paragraph 2 of Article 37 

⑤  A request for correction or deletion of personal information may not request the deletion if the personal information is specified for collection in other laws and regulations.

⑥  Changeall confirms that the person who requests the opening according to the right of the information subject, correction and deletion and the suspension of the process is himself or herself or a valid representative.   

5. Creating items of personal information to be processed

①  Changeall processes the following personal information items.

1<Signing up membership of the service (App) and management>
-Required items: email, login ID, the record of the use of service  

6. The destruction of personal information Changeall destroys personal information without delay when the purpose of processing personal information is achieved in principle. The procedures, deadlines and methods of destruction are as follows

-The procedure of destruction

The information entered by the user is transferred to a separate DB ( in the case of paper a different document) on achieving its objective and saved for a specific time in accordance with regulations and immediately destroyed. At the time, the personal information transferred to the DB will not be used for other purposes unless required by law.  

        

-The period of destruction

In case the retention period of personal information expires, within 5 days from the expiration day of the retention period, the personal information of the user is destroyed within 5 days when the information is unnecessary due to such as the achievement pf processing personal information, the termination of the service and the business,

 

-The method of destruction

Information in the form of electronic files uses a technical method that cannot reproduce the record. Personal information printed on paper is destroyed by shredding or incineration. 

7. Issues of installation, operation and rejection of automatic collection of personal information

Changeall does not use ‘coolies’ that save and retrieve the information of use of the information subject.  

8. The composition of the supervisor for the protection of personal information

Changeall is wholly responsible for the tasks of handling personal information and designates the person mentioned below in order to address the complaints of the information subject related to the processing of personal information.    

 

▶ Supervisor for the protection of Personal Information

Name: Kim Jung Eun

Position: In charge of the protection of personal information

Contact: changeallkorea@naver.com,

The information subject can inquire of all issues concerning the protection of personal information, the handling of complaints, compensation for damage to the supervisor for the protection of personal information and the relevant department. Changeall will respond to and address the inquires of the information subject.

9. The modification of the policy of processing personal information

① The policy of personal information is applied to on the day of its implementation, and in the case of adding, deleting, and correcting the contents of the modification, it will be notified through the notice 7 days before the implementation.

10. The measures to secure the safety of personal information. Changeall takes technological, administrative and physical measures to secure safety in accordance with Article 29 of the personal Information Protection Act.

1. The implementation of regular self-check

In order to make sure the safety of personal information, Changeall conduct regular self-check (once a quarter).  


2. The minimization of the number of employees handling personal information and training.
We implement measures in which employees handling personal information are designated and minimizing their number.

 

3.  The establishment and Implementation of internal management plan

In order to process personal information in safety, we establish internal management plan and implement it.  

 

4. Technological measures against hacking

Changeall installs security program, make regular update and check-up, installs the system in the area to which access is not prevented from the outside and monitors and blocks the access technologically and physically.    

 

5. Encryption of Personal information

The user’s personal information is stored and managed by encrypting the password; therefore, only the user can know it and important data encrypt files and sending data and separate security functions are applied such as locking the files.

 

6. Storage of access record and the prevention of forgery

We keep and manage the access records to the personal information processing system for at least 6 months and use the security functions to prevent the access record from being forged, stole or lost.   

 

7. Restriction of access to personal information

We take measures to control the access to personal information by means of granting the authorization of access to the data base processing personal information and modifying and nullifying the authorization.

 

8. Controlling access by unauthorized persons

We set up a separate physical space for personal information and establish and implement the procedures for controlling access.

 

The version number of the policy of processing personal information: Ver1.0

Announcement Date: October 1, 2021

Effective Day: October 1, 2021

© CHANGE ALL Corp.