Mindlogic, Inc. (the "Company") collects, records, stores and uses ("Processes") the personal information of its Users solely for the following purposes. The Company will not Process its Users’ personal information for any purposes other than the following. If the purpose of use is changed, the Company will take necessary measures under applicable laws, such as obtaining consent in accordance with Article 18 of the Personal Information Protection Act.
1. Confirmation of intention to join the Service’s membership, age verification and consent of legal representatives, identification of Users and their legal representatives, confirmation of intention to withdraw from membership
2. User protection and Service operation, such as preventing and sanctioning acts that impede the smooth operation of Services, including violations of terms, preventing account theft, delivering notices such as amendments to terms and conditions, preserving records for dispute mediation, and handling of User complaints
3. Analysis of Service usage records and access frequency, statistics regarding Service usage, customized Service and advertisement delivery according to Service analysis and statistics, etc.
4. In addition to providing existing services such as content (including advertisements), discovering new Services and improving existing Services, such as demographic analysis, Service usage analysis, formation of relationships between Users based on personal information and interests, and provision of customized services based on acquaintances and interests
5. Establishing a service that Users can use with confidence in terms of security, privacy and safety
The personal information collected by the Company regarding application of User registration and Service provision is as follows.
1. User Registration and Management
a. Required items: Date of birth, gender
b. Optional items: Phone number, email address, name, religion, occupation, marital status, hobbies, etc.
2. Provision of Paid Service
a. Required items: Information necessary for identity authentication such as date of birth, gender, name, past purchase history
b. Optional: (None)
3. Automatically collected items: IP information, MAC information, usage records, access logs, cookies
The Company retains the collected personal information of Users within the period of retention agreed upon when collecting personal information and Processes it according to the aforementioned purposes. The retention period may vary if permitted or required by law, including in the following cases, and will expire immediately when the User withdraws consent to the collection and use of personal information.
1. Records of contracts or subscription withdrawal. These will be preserved for 5 years in accordance with Article 6 of the Act on the Consumer Protection in Electronic Commerce. and Article 6 of the Enforcement Decree, even if the User withdraws consent for the use of personal information.
2. Records of payment and supply of goods. These will be preserved for 5 years in accordance with Article 6 of the Consumer Protection Act in Electronic Commerce. and Article 6 of the Enforcement Decree, even if the User withdraws consent for the use of personal information.
3. Records of consumer complaints or dispute resolution. These will be preserved for 3 years in accordance with Article 6 of the Consumer Protection Act in Electronic Commerce. and Article 6 of the Enforcement Decree, even if the User withdraws consent for the use of personal information.
4. Records related to communication confirmation such as access. These will be preserved for 3 months from the time the records are created in accordance with Article 15-2 of the Protection of Communications Secrets Act and Article 41 of the Enforcement Decree.
The Company collects and uses Users' personal information within the scope of the purpose notified to the User, and does not use it beyond the scope or provide it to a third party without the User’s prior consent, with the exception of the following scenarios.
1. The User consents to a provision to a third party in advance
2. The law provides otherwise, or there is a request from a government investigative agency in accordance with the procedures and methods under applicable laws
3. It is significantly difficult to obtain consent by ordinary means due to economic and technical reasons, and it is absolutely necessary for the implementation of the User Agreement, such as for the provision of Services.
4. Personal information is used after altered in a way that Processed and used in a state in which the User cannot be specified or identified
The Company entrusts the processing of personal information as follows for effective Service implementation, and the company entrusted with the processing of personal information will process the personal information to the least extent necessary to perform the entrusted work. The contents of the entrusted work for the processing of personal information and the entrusted persons are as follows.
1. Contents of Entrusted Work: [N/A]
2. Entrusted Person: [N/A]
3. Contact: [N/A]
1. Users and their legal representatives may at any time inquire, view, or modify their registered personal information, request the termination of the User Agreement, or withdraw consent for the processing of personal information.
2. The exercise of the rights under Paragraph 1 can be done by pressing the membership withdrawal button posted in the Service.
3. If the Company receives an application related to Paragraph 1 from a User or a legal representative, unless there is a justifiable reason, the Company will complete relevant measures within 10 days and notify the User accordingly.
4. If the Company refuses or postpones the approval of the application from the User or a legal representative under Paragraph 1, the Company shall notify the User about the reasons for the objection and the appeal procedure within 10 days from the date of receipt of the application.
The Company uses 'authentication tokens' that automatically store and retrieve User information to provide Services personlized and customized to each User. The authentication token is a very small text file that is sent to the User’s client application by the server and is stored in the User’s mobile device.
1. Purpose of Token: The token is used to provide optimized information to Users by recognizing their visits and usage patterns.
2. Installation, Operation, and Rejection of Token: Tokens are an essential element in order to provide and use this Service. Users who do not agree to the installation and operation of tokens may stop using the Service or delete the Service from their mobile device to prevent the tokens from being used.
After the purpose of Processing Users’ personal information has been achieved and the retention period has expired, the Company shall destroy Users’ personal information without delay in accordance with the following procedures and methods.
1. Destruction procedure: When the retention period of the Company expires, all personal information provided by the User to the Company is automatically selected for destruction and is destroyed according to the Company's internal policies and related laws.
2. Destruction method: Personal information that the Company holds electronically is permanently deleted using a technical method that prevents the reproduction of data. Any hard copies such as paper printouts are permanently destroyed through shredding or incineration.
The Company shall take the following measures to protect Users' personal information.
1. Establishment of Internal Regulations and Guidelines
The Company has established relevant internal regulations and guidelines to emphasize the security of all Users' personal information.
2. Management of Access Rights
The authority to access Users' personal information are differentiated according to the job title and position of each employee, and every access to Users’ personal information is continuously monitored.
3. Password Management
The Company stores passwords via one-way encryption.
4. Control Access by Unauthorized Persons
The Company controls access to Users’ personal information by persons without access authority.
5. Encrypting Personal Information
The Company stores the personal information of each User in an encrypted form.
6. Storage of Access Records and Prevention of Falsification
The Company keeps the log-in records (date, time, subject, IP, etc.) of employees who have accessed computer systems and backs the records up to a separate device to prevent forgery and falsification.
7. Physical Access Prevention
The Company uses IDC services provided by Amazon Web Services (AWS), Google Cloud Platform (GCP), and Pubnub. Physical access prevention is implemented in accordance with the policies of those services.
The User may submit inquiries or grievances regarding the Company's protection of personal information to the following officer.
Name: Kim, Jin Wook
Position: Co-CEO
Contact: contact@mindlogic.ai