GOM Lab Policy
Privacy Policy
GOM & Company Co., Ltd. (hereinafter the “Company”) complies with the Personal Information Protection Act and is committed to protecting the rights and interests of users so that users can receive services safely by establishing a privacy policy under relevant laws and regulations.
Through this Privacy Policy, the Company aims to inform you of the purpose and method of using the personal information provided by users and what measures are being taken to protect personal information.
Article 1 [Personal Information to be Collected and Method of Collection]
- ① Collected Items
-
-
1)In order to provide services at the time of initial membership registration, only the most essential and basic personal information is selectively collected according to the membership type.
- ▶ When registering as an Individual member
-
- □Mandatory Items: Email address, password, nickname, Country, age verification (over/under the age of 13)(South Korea – if under 14 years of age), date of birth, legal representatives’ name and email address
- □Optional Items: Contact Number
- ▶ When registering as a Business member
-
- □ Email address, password, nickname, Country, organization type, organization, manager name, age verification (over/under the age of 13), Contact Number
- □Optional Items: Company Registration Number
- ▶ Mandatory Items when registering with your Social Media account
-
- NAVER: Email Address, Profile Picture
- kakao: Email Address, Profile Picture
- Google: Email Address, Profile Picture
- Facebook: Email Address, Profile Picture
- LINE: Email Address, Profile Picture
- VK: Email Address, Profile Picture
-
2)The following information may be automatically generated and collected in the process of service usage or business processing:
- □Service use and suspension records, access logs, cookies, access IP information, payment records, PC device name, device type, and others
- □Mac Address, Disk Serial
- 3)Additional information may be collected only for the users using the other services with their email addresses or in the process of participating in an event. However, this shall apply only when the consent to additional collection of personal information is obtained.
-
4)When using the Talk Student ID service, the following information is mandatory to collect with user consent.
- □Required Information: Name, Date of Birth, Mobile Phone Number
-
1)In order to provide services at the time of initial membership registration, only the most essential and basic personal information is selectively collected according to the membership type.
- ② Method of Collection
-
The Company collects personal information as following methods:
- □Website membership registration, usage of paid/free service, written form, phone, fax, inquiry board, event participation, email, collection through generated information collection tools, and others
Article 2 [Purpose of Collection and Use of Personal Information]
- ①The Company collects users' personal information in order to ensure more safe and comfortable use of service based on trust and provide optimally customized services for users. Based on the personal information provided by the user, the Company is able to provide more useful information to the user at an optional level. The Company does not disclose the users' personal information without their prior consent, and is using the information collected as follows.
- ②Personal information registered by the user is used to facilitate the Company’s provision of services, such as performing what is agreed on service provision, payment for service provision, identity verification for membership services, identification, prevention of illegal use by unqualified members or unauthorized use, confirmation of age, handling of complaints and opinions, sending newsletters on service-related news, events, updates, etc. which are sent upon consent of the users.
- ③The Company may post advertisements, etc. in each service or menu based on the accurate personal information of the Users to provide various free services. The Company provides custom-based advertisements according to the type of users and does not to show or disclose users’ personal information to advertisers.
- ④The Company may use statistics on the use of services by the users and personal information, etc. registered by the users for marketing and advertising activities, such as development and specialization of new services (products), guidance on and solicitation of allied financial products (insurance, cards, etc.) and living convenience services, transmission of event announcement and other advertisement for profit-making purposes (telephone, mail, e-mail, text messages, etc.) and provision of services according to demographic characteristics.
Article 3 [Retention and Use Period of Collected Personal Information]
In principle, personal information will be destroyed when the purpose of collection or provision is achieved as below. However, the following information will be retained for the periods specified below.
-
①Records on Illegal Use
- □Grounds for retention: Prevention of illegal use
- □Retention period: 1 year
In addition, if it is required by the applicable laws and regulations to preserve such information, the Company shall retain the user information for a certain period prescribed by the applicable laws and regulations which is as follows:
- ②Records on contracts and withdrawal of offer, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ③Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ④Records on electronic financial transactions: 5 years (Electronic Financial Transactions Act)
- ⑤Records on consumer complaints and handling of disputes: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ⑥Records on visit: 3 months (Protection of Communications Secrets Act)
Article 4 [Personal Information Collection Items of Mobile App Service, Purpose of Use and Processing Method]
Personal information may be collected in the process of using the mobile app service, and it is processed as follows.
-
①Personal information Category
- □Android advertisement ID
- □Installed Applications
-
②Purpose of personal information
- □In-App advertisement
- □User analysis for advertisement
-
③Method of Collecting Personal Information
- □Auto collection when the user runs the app
-
④Personal Information Retention Period
- □When the purpose is achieved and until the app is deleted
It is used only for user analysis and advertisement for in-app advertising and is completely anonymized. The information listed above is de-identified and may be provided to third parties for purposes of marketing targeting an unspecified population. When the purpose is achieved, personal information will be destroyed and the above category will not be used when deleting the App.
- ▶ Block / allow advertising identifiers on Mobile phones
-
※ (Android) Settings > Privacy > Advertising > Reset Advertising ID or Delete Advertising ID
※ (iPhone) Settings > Privacy > Tracking > Allow apps to request tracking Off
Article 5 [Procedure and Method of Disposing Personal Information]
In principle, the Company will destroy personal information immediately when the purpose of collection and use of such information is attained. The procedure and method of destruction of the personal information of the Company are as follows:
- ① Destruction Procedure
-
- 1)Following the membership registration, your personal information will be retained by the Company and used for the provision of the services during the service period pursuant to the internal policy of the Company. However, in the case of membership withdrawal, after the purpose is achieved, it is transferred to a separate DB (separate filing cabinet in case of paper) and destroyed after being stored for a certain period of time according to internal policy and information protection reasons according to the related law (refer to the retention and usage period). However, if you delete your ID or request to cancel your membership, the information provided by you for membership subscription, etc. will be transmitted to a separate DB(a separate document box in the case of a paper form) after the purpose of collection is achieved and retained for a certain period of time and destroyed pursuant to the internal policies and other applicable laws and regulations (please see the section on retention and use period).
- 2)After transmission to a separate DB, the personal information will not be used for other purposes unless required by applicable laws.
- ② Method of Destruction
-
- 1)The Company destroys personal information stored in electronic file form by using technical methods that render such information irrecoverable.
- 2)Personal information printed on paper will be destroyed by shredding or incineration.
Article 6 [Provision and Sharing Personal Information with Third Parties]
The Company will use the personal information of the users within the scope as notified in “2. Purpose of Collection and Use of Personal Information,” and will not use the personal information of the users beyond the scope without prior consent from the users or disclose it to outside in principle. However, there are exceptions in the following cases:
- ① Exceptions
-
- 1)If the users have given consent to disclosure in advance.
- 2)When required under the applicable laws and regulations, or requested by investigative authorities for investigative purposes in accordance with the procedures and methods set forth in laws and regulations.
- ② GOM Lab’s provision of personal information to third parties is as follows.
-
provision of personal information to third parties Recipient Purpose of Use Issue Information Personal information retention and use of period Kakao Inc. Identification verification for issuing Talk Student ID Name, Date of Birth, Mobile Phone Number Until the purpose of use is achieved
Article 7 [Outsourcing of Personal Information Processing]
The Company outsources the processing of personal information as follows to improve its services, and ensures to include certain necessary provisions in the outsourcing agreements to ensure safe management of personal information in accordance with the applicable laws and regulations. The Company's personal information processing agencies and the outsourced services are as follows:
Outsourcee | Outsourced Service | Retention and Usage Period of Personal Information |
---|---|---|
Danal Co., Ltd | Korean Won Payment Agency (Credit/Debit card, Mobile Phone, Virtual Account) | Upon withdrawal from membership or until the termination of outsourcing agreement |
Kakao Pay Co., Ltd | Korean Won Payment Agency (Credit/Debit card, kakaopay Money) | |
Degica Co., Ltd. | Japan Yen Payment Agency (Credit card, Convenience store, Account transfer, Prepaid card) | |
PayPal Pte. Ltd. | US Dollar Payment Agency (Credit card) | |
LLC DBA FASTSPRING | US Dollar Payment Agency (Credit card) | |
The White Communication | customer counseling information | 5 years |
The Company entrusts personal information to overseas to provide users with the stable service provision and the latest technology, and stores personal information acquired or created from users (physical storage location: USA) on the AWS (Amazon Web Services Inc.). AWS only physically manages the server and cannot access the user's personal information.
Trustee | Previous Item | Previous Country | Previous Date and Method | Period of Retention and Use of Personal Information |
---|---|---|---|---|
AWS (Amazon Web Services Inc.) privacy@salesforce.com, privacyofficer@marketo.com +1-800-935-9935 |
Service usage records or collected personal information | United States (AWS Virginia region) | Transmission over the network at the time of service use | Until Service Change (Until the change of the cloud services currently used by the company) |
Article 8 [Rights of Users and Legal Representatives and Methods of Exercising]
- ①User may at any time request to inquire for or modify their registered personal information and to withdraw their membership.
- ②In order to view or modify a member's personal information, select "Edit” to modify or "Cancel Membership" to withdraw the membership. Or, users may contact the Personal Information Officer in writing, or via telephone or e-mail, and the Company will take necessary measures without delay.
- ③If you request for correction of any error in your personal information, the Company will not use or provide the personal information until the correction thereof is completed. Also, if any inaccurate personal information has been already provided to a third party, the Company will immediately notify the third party to make sure that the correction is made. Personal information terminated or deleted upon a user's request will be processed as set forth in “3. Retention and Use Period of Collected Personal Information” and will not be viewed or used for any other purposes.
- ④The rules for users under 14 years of age are as follows.
- ▶ For South Korean Users
-
-
1)When collecting personal information from users under the age of 14, GOM Lab collects the minimum amount of personal information to obtain consent from a legal representative.
□ Required Information : Name and email address of legal representative. -
2)When collecting personal information from users under the age of 14, GOM Lab may request minimum information such as email address of the legal representatives and confirm whether the legal representative has consented using the method below.
□ How to send an email that contains the consent and receive and email expressing consent from your legal representative.
-
1)When collecting personal information from users under the age of 14, GOM Lab collects the minimum amount of personal information to obtain consent from a legal representative.
- ▶ For Users in Other Countries(excluding South Korea)
-
- 1)If you are under 13 years of age, you cannot sign up for the service.
Article 9 [Installation/Operation and Refusal of Devices for Automatically Collecting Personal Information]
The Company uses cookies when providing services. Cookies are information that the server used for website operation sends to a user's computer browser, and are encrypted and stored on a user's computer hard disk.
The Company uses cookies for the following purposes:
- ① Purpose of Using Cookies
-
- 1)It is used to provide targeted marketing and personalized service by referring to the frequency and time of visits, areas of interest, and degree of event participation.
- ② Installation/Operation and Refusal of Cookies
-
- 1)Users can choose or reject the use of cookies.
- 2)However, please note that if you refuse to use cookies, there may be restrictions on using some services, and you are solely responsible for the outcome of this decision.
※ Configuration Method: On the top right of your web browser, go to Settings > More Tools > Privacy and Security > Cookies and Data on Other Sites
Article 10 [Technical and Managerial Protective Measures for Personal Information]
The Company establishes the following technical/managerial measures to secure safety and prevent any loss, theft, leakage, alteration, or damage of personal information when handling personal information of users:
- ① Password Encryption
- Users’ passwords may only identify their passwords in a one-way encrypted manner and thus confirmation and change of passwords may also be made only by users themselves who know what the passwords are.
- ② Preparation against Hacking Attempts, etc.
- The Company manages its system through firewall to prevent any leakage or damage of users' personal information due to hacking or computer viruses, etc., and regularly updates the up-to-date anti-virus programs to prevent leakage and damage of personal information.
- ③ Minimization of Employees Handling Personal Information and Training
- The Company's employees handling personal information are restricted to those in charge of processing personal information and are given a separate password to renew the authorized persons on a regular basis. Also, the Company use its efforts to comply with the Company's privacy policy by conducting occasional training on the responsible persons.
- ④ Cautions on Protecting Personal Information
- In principle, the Member's ID and password can be used only by the member self. The Company shall not be liable for any matters arising out of the leakage of personal information, such as IDs, passwords and resident registration numbers, caused from the member’s personal negligence or general risks arising from the Internet. We ask you to take extra care for security of your personal information to prevent any leakage of personal information through shared PCs.
Article 11 [Chief Privacy Officer and Manager]
The Company has appointed the department in charge of protecting users’ personal information and handling personal information-related complaints as well as the chief privacy officer.
- ▶ Chief Privacy Officer
-
- □Name: Kwangsub Kim
- □Position: Vice President
- □E-mail: gom.privacy@gomcorp.com
- ▶ Personal Information Protection Manager
-
- □Name: Jungha Cha
- □Position: Manager
- □E-mail: gom.privacy@gomcorp.com
If you need to report on personal information infringement or require further consultation, you may contact the following agencies:
- ①Personal Information Infringement Reporting Center (privacy.kisa.or.kr)
- ②Cyber Investigation Department of the Supreme Prosecutor’s Office (www.spo.go.kr)
- ③Cyber Safety Department of the National Police Agency (cyberbureau.police.go.kr)
Article 12 [Duty to Notify]
If there is any addition, deletion or modification of the current Privacy Policy, such addition, deletion or modification will be posted on the website notice from at least 7 days prior to such amendment.
Addendum
This Privacy Policy shall take into effect on May 8th, 2024.
GOM & Company Co., Ltd. (hereinafter the “Company”) complies with the Personal Information Protection Act and is committed to protecting the rights and interests of users so that users can receive services safely by establishing a privacy policy under relevant laws and regulations.
Through this Privacy Policy, the Company aims to inform you of the purpose and method of using the personal information provided by users and what measures are being taken to protect personal information.
Article 1 [Personal Information to be Collected and Method of Collection]
- ① Collected Items
-
-
1)In order to provide services at the time of initial membership registration, only the most essential and basic personal information is selectively collected according to the membership type.
- ▶ When registering as an Individual member
-
- □Mandatory Items: Email address, password, nickname, Country, age verification (over/under the age of 13)(South Korea – if under 14 years of age), date of birth, legal representatives’ name and email address
- □Optional Items: Contact Number
- ▶ When registering as a Business member
-
- □ Email address, password, nickname, Country, organization type, organization, manager name, age verification (over/under the age of 13), Contact Number
- □Optional Items: Company Registration Number
- ▶ Mandatory Items when registering with your Social Media account
-
- NAVER: Email Address, Profile Picture
- kakao: Email Address, Profile Picture
- Google: Email Address, Profile Picture
- Facebook: Email Address, Profile Picture
- LINE: Email Address, Profile Picture
- VK: Email Address, Profile Picture
-
2)The following information may be automatically generated and collected in the process of service usage or business processing:
- □Service use and suspension records, access logs, cookies, access IP information, payment records, PC device name, device type, and others
- □Mac Address, Disk Serial
- 3)Additional information may be collected only for the users using the other services with their email addresses or in the process of participating in an event. However, this shall apply only when the consent to additional collection of personal information is obtained.
-
1)In order to provide services at the time of initial membership registration, only the most essential and basic personal information is selectively collected according to the membership type.
- ② Method of Collection
-
The Company collects personal information as following methods:
- □Website membership registration, usage of paid/free service, written form, phone, fax, inquiry board, event participation, email, collection through generated information collection tools, and others
Article 2 [Purpose of Collection and Use of Personal Information]
- ①The Company collects users' personal information in order to ensure more safe and comfortable use of service based on trust and provide optimally customized services for users. Based on the personal information provided by the user, the Company is able to provide more useful information to the user at an optional level. The Company does not disclose the users' personal information without their prior consent, and is using the information collected as follows.
- ②Personal information registered by the user is used to facilitate the Company’s provision of services, such as performing what is agreed on service provision, payment for service provision, identity verification for membership services, identification, prevention of illegal use by unqualified members or unauthorized use, confirmation of age, handling of complaints and opinions, sending newsletters on service-related news, events, updates, etc. which are sent upon consent of the users.
- ③The Company may post advertisements, etc. in each service or menu based on the accurate personal information of the Users to provide various free services. The Company provides custom-based advertisements according to the type of users and does not to show or disclose users’ personal information to advertisers.
- ④The Company may use statistics on the use of services by the users and personal information, etc. registered by the users for marketing and advertising activities, such as development and specialization of new services (products), guidance on and solicitation of allied financial products (insurance, cards, etc.) and living convenience services, transmission of event announcement and other advertisement for profit-making purposes (telephone, mail, e-mail, text messages, etc.) and provision of services according to demographic characteristics.
Article 3 [Retention and Use Period of Collected Personal Information]
In principle, personal information will be destroyed when the purpose of collection or provision is achieved as below. However, the following information will be retained for the periods specified below.
-
①Records on Illegal Use
- □Grounds for retention: Prevention of illegal use
- □Retention period: 1 year
In addition, if it is required by the applicable laws and regulations to preserve such information, the Company shall retain the user information for a certain period prescribed by the applicable laws and regulations which is as follows:
- ②Records on contracts and withdrawal of offer, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ③Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ④Records on electronic financial transactions: 5 years (Electronic Financial Transactions Act)
- ⑤Records on consumer complaints and handling of disputes: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ⑥Records on visit: 3 months (Protection of Communications Secrets Act)
Article 4 [Personal Information Collection Items of Mobile App Service, Purpose of Use and Processing Method]
Personal information may be collected in the process of using the mobile app service, and it is processed as follows.
-
①Personal information Category
- □Android advertisement ID
- □Installed Applications
-
②Purpose of personal information
- □In-App advertisement
- □User analysis for advertisement
-
③Method of Collecting Personal Information
- □Auto collection when the user runs the app
-
④Personal Information Retention Period
- □When the purpose is achieved and until the app is deleted
It is used only for user analysis and advertisement for in-app advertising and is completely anonymized. The information listed above is de-identified and may be provided to third parties for purposes of marketing targeting an unspecified population. When the purpose is achieved, personal information will be destroyed and the above category will not be used when deleting the App.
- ▶ Block / allow advertising identifiers on Mobile phones
-
※ (Android) Settings > Privacy > Advertising > Reset Advertising ID or Delete Advertising ID
※ (iPhone) Settings > Privacy > Tracking > Allow apps to request tracking Off
Article 5 [Procedure and Method of Disposing Personal Information]
In principle, the Company will destroy personal information immediately when the purpose of collection and use of such information is attained. The procedure and method of destruction of the personal information of the Company are as follows:
- ① Destruction Procedure
-
- 1)Following the membership registration, your personal information will be retained by the Company and used for the provision of the services during the service period pursuant to the internal policy of the Company. However, in the case of membership withdrawal, after the purpose is achieved, it is transferred to a separate DB (separate filing cabinet in case of paper) and destroyed after being stored for a certain period of time according to internal policy and information protection reasons according to the related law (refer to the retention and usage period). However, if you delete your ID or request to cancel your membership, the information provided by you for membership subscription, etc. will be transmitted to a separate DB(a separate document box in the case of a paper form) after the purpose of collection is achieved and retained for a certain period of time and destroyed pursuant to the internal policies and other applicable laws and regulations (please see the section on retention and use period).
- 2)After transmission to a separate DB, the personal information will not be used for other purposes unless required by applicable laws.
- ② Method of Destruction
-
- 1)The Company destroys personal information stored in electronic file form by using technical methods that render such information irrecoverable.
- 2)Personal information printed on paper will be destroyed by shredding or incineration.
Article 6 [Provision and Sharing Personal Information with Third Parties]
The Company will use the personal information of the users within the scope as notified in “2. Purpose of Collection and Use of Personal Information,” and will not use the personal information of the users beyond the scope without prior consent from the users or disclose it to outside in principle. However, there are exceptions in the following cases:
- ①If the users have given consent to disclosure in advance;
- ②When required under the applicable laws and regulations, or requested by investigative authorities for investigative purposes in accordance with the procedures and methods set forth in laws and regulations.
Article 7 [Outsourcing of Personal Information Processing]
The Company outsources the processing of personal information as follows to improve its services, and ensures to include certain necessary provisions in the outsourcing agreements to ensure safe management of personal information in accordance with the applicable laws and regulations. The Company's personal information processing agencies and the outsourced services are as follows:
Outsourcee | Outsourced Service | Retention and Usage Period of Personal Information |
---|---|---|
Danal Co., Ltd | Korean Won Payment Agency (Credit/Debit card, Mobile Phone, Virtual Account) | Upon withdrawal from membership or until the termination of outsourcing agreement |
Kakao Pay Co., Ltd | Korean Won Payment Agency (Credit/Debit card, kakaopay Money) | |
Degica Co., Ltd. | Japan Yen Payment Agency (Credit card, Convenience store, Account transfer, Prepaid card) | |
PayPal Pte. Ltd. | US Dollar Payment Agency (Credit card) | |
LLC DBA FASTSPRING | US Dollar Payment Agency (Credit card) | |
The White Communication | customer counseling information | 5 years |
The Company entrusts personal information to overseas to provide users with the stable service provision and the latest technology, and stores personal information acquired or created from users (physical storage location: USA) on the AWS (Amazon Web Services Inc.). AWS only physically manages the server and cannot access the user's personal information.
Trustee | Previous Item | Previous Country | Previous Date and Method | Period of Retention and Use of Personal Information |
---|---|---|---|---|
AWS (Amazon Web Services Inc.) privacy@salesforce.com, privacyofficer@marketo.com +1-800-935-9935 |
Service usage records or collected personal information | United States (AWS Virginia region) | Transmission over the network at the time of service use | Until Service Change (Until the change of the cloud services currently used by the company) |
Article 8 [Rights of Users and Legal Representatives and Methods of Exercising]
- ①User may at any time request to inquire for or modify their registered personal information and to withdraw their membership.
- ②In order to view or modify a member's personal information, select "Edit” to modify or "Cancel Membership" to withdraw the membership. Or, users may contact the Personal Information Officer in writing, or via telephone or e-mail, and the Company will take necessary measures without delay.
- ③If you request for correction of any error in your personal information, the Company will not use or provide the personal information until the correction thereof is completed. Also, if any inaccurate personal information has been already provided to a third party, the Company will immediately notify the third party to make sure that the correction is made. Personal information terminated or deleted upon a user's request will be processed as set forth in “3. Retention and Use Period of Collected Personal Information” and will not be viewed or used for any other purposes.
- ④The rules for users under 14 years of age are as follows.
- ▶ For South Korean Users
-
-
1)When collecting personal information from users under the age of 14, GOM Lab collects the minimum amount of personal information to obtain consent from a legal representative.
□ Required Information : Name and email address of legal representative. -
2)When collecting personal information from users under the age of 14, GOM Lab may request minimum information such as email address of the legal representatives and confirm whether the legal representative has consented using the method below.
□ How to send an email that contains the consent and receive and email expressing consent from your legal representative.
-
1)When collecting personal information from users under the age of 14, GOM Lab collects the minimum amount of personal information to obtain consent from a legal representative.
- ▶ For Users in Other Countries(excluding South Korea)
-
- 1)If you are under 13 years of age, you cannot sign up for the service.
Article 9 [Installation/Operation and Refusal of Devices for Automatically Collecting Personal Information]
The Company uses cookies when providing services. Cookies are information that the server used for website operation sends to a user's computer browser, and are encrypted and stored on a user's computer hard disk.
The Company uses cookies for the following purposes:
- ① Purpose of Using Cookies
-
- 1)It is used to provide targeted marketing and personalized service by referring to the frequency and time of visits, areas of interest, and degree of event participation.
- ② Installation/Operation and Refusal of Cookies
-
- 1)Users can choose or reject the use of cookies.
- 2)However, please note that if you refuse to use cookies, there may be restrictions on using some services, and you are solely responsible for the outcome of this decision.
※ Configuration Method: On the top right of your web browser, go to Settings > More Tools > Privacy and Security > Cookies and Data on Other Sites
Article 10 [Technical and Managerial Protective Measures for Personal Information]
The Company establishes the following technical/managerial measures to secure safety and prevent any loss, theft, leakage, alteration, or damage of personal information when handling personal information of users:
- ① Password Encryption
- Users’ passwords may only identify their passwords in a one-way encrypted manner and thus confirmation and change of passwords may also be made only by users themselves who know what the passwords are.
- ② Preparation against Hacking Attempts, etc.
- The Company manages its system through firewall to prevent any leakage or damage of users' personal information due to hacking or computer viruses, etc., and regularly updates the up-to-date anti-virus programs to prevent leakage and damage of personal information.
- ③ Minimization of Employees Handling Personal Information and Training
- The Company's employees handling personal information are restricted to those in charge of processing personal information and are given a separate password to renew the authorized persons on a regular basis. Also, the Company use its efforts to comply with the Company's privacy policy by conducting occasional training on the responsible persons.
- ④ Cautions on Protecting Personal Information
- In principle, the Member's ID and password can be used only by the member self. The Company shall not be liable for any matters arising out of the leakage of personal information, such as IDs, passwords and resident registration numbers, caused from the member’s personal negligence or general risks arising from the Internet. We ask you to take extra care for security of your personal information to prevent any leakage of personal information through shared PCs.
Article 11 [Chief Privacy Officer and Manager]
The Company has appointed the department in charge of protecting users’ personal information and handling personal information-related complaints as well as the chief privacy officer.
- ▶ Chief Privacy Officer
-
- □Name: Kwangsub Kim
- □Position: Vice President
- □E-mail: gom.privacy@gomcorp.com
- ▶ Personal Information Protection Manager
-
- □Name: Jungha Cha
- □Position: Manager
- □E-mail: gom.privacy@gomcorp.com
If you need to report on personal information infringement or require further consultation, you may contact the following agencies:
- ①Personal Information Infringement Reporting Center (privacy.kisa.or.kr)
- ②Cyber Investigation Department of the Supreme Prosecutor’s Office (www.spo.go.kr)
- ③Cyber Safety Department of the National Police Agency (cyberbureau.police.go.kr)
Article 12 [Duty to Notify]
If there is any addition, deletion or modification of the current Privacy Policy, such addition, deletion or modification will be posted on the website notice from at least 7 days prior to such amendment.
Addendum
This Privacy Policy shall take into effect on March 7th, 2024.
GOM & Company Co., Ltd. (hereinafter the “Company”) complies with the Personal Information Protection Act and is committed to protecting the rights and interests of users so that users can receive services safely by establishing a privacy policy under relevant laws and regulations.
Through this Privacy Policy, the Company aims to inform you of the purpose and method of using the personal information provided by users and what measures are being taken to protect personal information.
Article 1 [Personal Information to be Collected and Method of Collection]
- ① Collected Items
-
-
1)In order to provide services at the time of initial membership registration, only the most essential and basic personal information is selectively collected according to the membership type.
- ▶ When registering as an Individual member
-
- □Mandatory Items: Email address, password, nickname, Country, age verification (over/under the age of 13)(South Korea – if under 14 years of age), date of birth, legal representatives’ name and email address
- □Optional Items: Contact Number
- ▶ When registering as a Business member
-
- □Mandatory Items: Email address, password, nickname, Country, organization type, organization, manager name, age verification (over/under the age of 13)
- □Optional Items: Company Registration Number, Contact Number
- ▶ Mandatory Items when registering with your Social Media account
-
- NAVER: Email Address, Profile Picture
- kakao: Email Address, Profile Picture
- Google: Email Address, Profile Picture
- Facebook: Email Address, Profile Picture
- LINE: Email Address, Profile Picture
- VK: Email Address, Profile Picture
-
2)The following information may be automatically generated and collected in the process of service usage or business processing:
- □Service use and suspension records, access logs, cookies, access IP information, payment records, PC device name, device type, and others
- □Mac Address, Disk Serial
- 3)Additional information may be collected only for the users using the other services with their email addresses or in the process of participating in an event. However, this shall apply only when the consent to additional collection of personal information is obtained.
-
1)In order to provide services at the time of initial membership registration, only the most essential and basic personal information is selectively collected according to the membership type.
- ② Method of Collection
-
The Company collects personal information as following methods:
- □Website membership registration, usage of paid/free service, written form, phone, fax, inquiry board, event participation, email, collection through generated information collection tools, and others
Article 2 [Purpose of Collection and Use of Personal Information]
- ①he Company collects users' personal information in order to ensure more safe and comfortable use of service based on trust and provide optimally customized services for users. Based on the personal information provided by the user, the Company is able to provide more useful information to the user at an optional level. The Company does not disclose the users' personal information without their prior consent, and is using the information collected as follows.
- ②Personal information registered by the user is used to facilitate the Company’s provision of services, such as performing what is agreed on service provision, payment for service provision, identity verification for membership services, identification, prevention of illegal use by unqualified members or unauthorized use, confirmation of age, handling of complaints and opinions, sending newsletters on service-related news, events, updates, etc. which are sent upon consent of the users.
- ③The Company may post advertisements, etc. in each service or menu based on the accurate personal information of the Users to provide various free services. The Company provides custom-based advertisements according to the type of users and does not to show or disclose users’ personal information to advertisers.
- ④The Company may use statistics on the use of services by the users and personal information, etc. registered by the users for marketing and advertising activities, such as development and specialization of new services (products), guidance on and solicitation of allied financial products (insurance, cards, etc.) and living convenience services, transmission of event announcement and other advertisement for profit-making purposes (telephone, mail, e-mail, text messages, etc.) and provision of services according to demographic characteristics.
Article 3 [Retention and Use Period of Collected Personal Information]
In principle, personal information will be destroyed when the purpose of collection or provision is achieved as below. However, the following information will be retained for the periods specified below.
-
①Records on Illegal Use
- □Grounds for retention: Prevention of illegal use
- □Retention period: 1 year
In addition, if it is required by the applicable laws and regulations to preserve such information, the Company shall retain the user information for a certain period prescribed by the applicable laws and regulations which is as follows:
- ②Records on contracts and withdrawal of offer, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ③Records on payment and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ④Records on electronic financial transactions: 5 years (Electronic Financial Transactions Act)
- ⑤Records on consumer complaints and handling of disputes: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
- ⑥Records on visit: 3 months (Protection of Communications Secrets Act)
Article 4 [Personal Information Collection Items of Mobile App Service, Purpose of Use and Processing Method]
Personal information may be collected in the process of using the mobile app service, and it is processed as follows.
-
①Personal information Category
- □Android advertisement ID
- □Installed Applications
-
①Purpose of personal information
- □In-App advertisement
- □User analysis for advertisement
-
①Method of Collecting Personal Information
- □Auto collection when the user runs the app
-
①Personal Information Retention Period
- □When the purpose is achieved and until the app is deleted
It is used only for user analysis and advertisement for in-app advertising and is completely anonymized. The information listed above is de-identified and may be provided to third parties for purposes of marketing targeting an unspecified population. When the purpose is achieved, personal information will be destroyed and the above category will not be used when deleting the App.
- ▶ Block / allow advertising identifiers on Mobile phones
-
※ (Android) Settings > Privacy > Advertising > Reset Advertising ID or Delete Advertising ID
※ (iPhone) Settings > Privacy > Tracking > Allow apps to request tracking Off
Article 5 [Procedure and Method of Disposing Personal Information]
In principle, the Company will destroy personal information immediately when the purpose of collection and use of such information is attained. The procedure and method of destruction of the personal information of the Company are as follows:
- ① Destruction Procedure
-
- 1)Following the membership registration, your personal information will be retained by the Company and used for the provision of the services during the service period pursuant to the internal policy of the Company. However, in the case of membership withdrawal, after the purpose is achieved, it is transferred to a separate DB (separate filing cabinet in case of paper) and destroyed after being stored for a certain period of time according to internal policy and information protection reasons according to the related law (refer to the retention and usage period). However, if you delete your ID or request to cancel your membership, the information provided by you for membership subscription, etc. will be transmitted to a separate DB(a separate document box in the case of a paper form) after the purpose of collection is achieved and retained for a certain period of time and destroyed pursuant to the internal policies and other applicable laws and regulations (please see the section on retention and use period).
- 2)After transmission to a separate DB, the personal information will not be used for other purposes unless required by applicable laws.
- ② Method of Destruction
-
- 1)The Company destroys personal information stored in electronic file form by using technical methods that render such information irrecoverable.
- 2)Personal information printed on paper will be destroyed by shredding or incineration.
Article 6 [Provision and Sharing Personal Information with Third Parties]
The Company will use the personal information of the users within the scope as notified in “2. Purpose of Collection and Use of Personal Information,” and will not use the personal information of the users beyond the scope without prior consent from the users or disclose it to outside in principle. However, there are exceptions in the following cases:
- ①If the users have given consent to disclosure in advance;
- ②When required under the applicable laws and regulations, or requested by investigative authorities for investigative purposes in accordance with the procedures and methods set forth in laws and regulations.
Article 7 [Outsourcing of Personal Information Processing]
The Company outsources the processing of personal information as follows to improve its services, and ensures to include certain necessary provisions in the outsourcing agreements to ensure safe management of personal information in accordance with the applicable laws and regulations. The Company's personal information processing agencies and the outsourced services are as follows:
Outsourcee | Outsourced Service | Retention and Usage Period of Personal Information |
---|---|---|
Danal Co., Ltd | Korean Won Payment Agency (Credit/Debit card, Mobile Phone, Virtual Account) | Upon withdrawal from membership or until the termination of outsourcing agreement |
Kakao Pay Co., Ltd | Korean Won Payment Agency (Credit/Debit card, kakaopay Money) | |
Degica Co., Ltd. | Japan Yen Payment Agency (Credit card, Convenience store, Account transfer, Prepaid card) | |
PayPal Pte. Ltd. | US Dollar Payment Agency (Credit card) | |
LLC DBA FASTSPRING | US Dollar Payment Agency (Credit card) | |
The White Communication | customer counseling information | 5 years |
The Company entrusts personal information to overseas to provide users with the stable service provision and the latest technology, and stores personal information acquired or created from users (physical storage location: USA) on the AWS (Amazon Web Services Inc.). AWS only physically manages the server and cannot access the user's personal information.
Trustee | Previous Item | Previous Country | Previous Date and Method | Period of Retention and Use of Personal Information |
---|---|---|---|---|
AWS (Amazon Web Services Inc.) privacy@salesforce.com, privacyofficer@marketo.com +1-800-935-9935 |
Service usage records or collected personal information | United States (AWS Virginia region) | Transmission over the network at the time of service use | Until Service Change (Until the change of the cloud services currently used by the company) |
Article 8 [Rights of Users and Legal Representatives and Methods of Exercising]
- ①User may at any time request to inquire for or modify their registered personal information and to withdraw their membership.
- ②In order to view or modify a member's personal information, select "Edit” to modify or "Cancel Membership" to withdraw the membership. Or, users may contact the Personal Information Officer in writing, or via telephone or e-mail, and the Company will take necessary measures without delay.
- ③If you request for correction of any error in your personal information, the Company will not use or provide the personal information until the correction thereof is completed. Also, if any inaccurate personal information has been already provided to a third party, the Company will immediately notify the third party to make sure that the correction is made. Personal information terminated or deleted upon a user's request will be processed as set forth in “3. Retention and Use Period of Collected Personal Information” and will not be viewed or used for any other purposes.
- ④The rules for users under 14 years of age are as follows.
- ▶ 한국 이용자의 경우
-
-
1)When collecting personal information from users under the age of 14, GOM Lab collects the minimum amount of personal information to obtain consent from a legal representative.
□ Required Information : Name and email address of legal representative. -
2)When collecting personal information from users under the age of 14, GOM Lab may request minimum information such as email address of the legal representatives and confirm whether the legal representative has consented using the method below.
□ How to send an email that contains the consent and receive and email expressing consent from your legal representative.
-
1)When collecting personal information from users under the age of 14, GOM Lab collects the minimum amount of personal information to obtain consent from a legal representative.
- ▶ For Users in Other Countries(excluding South Korea)
-
- 1)If you are under 13 years of age, you cannot sign up for the service.
Article 9 [Installation/Operation and Refusal of Devices for Automatically Collecting Personal Information]
The Company uses cookies when providing services. Cookies are information that the server used for website operation sends to a user's computer browser, and are encrypted and stored on a user's computer hard disk.
The Company uses cookies for the following purposes:
- ① Purpose of Using Cookies
-
- 1)It is used to provide targeted marketing and personalized service by referring to the frequency and time of visits, areas of interest, and degree of event participation.
- ② Installation/Operation and Refusal of Cookies
-
- 1)Users can choose or reject the use of cookies.
- 2)However, please note that if you refuse to use cookies, there may be restrictions on using some services, and you are solely responsible for the outcome of this decision.
※ Configuration Method: On the top right of your web browser, go to Settings > More Tools > Privacy and Security > Cookies and Data on Other Sites
Article 10 [Technical and Managerial Protective Measures for Personal Information]
The Company establishes the following technical/managerial measures to secure safety and prevent any loss, theft, leakage, alteration, or damage of personal information when handling personal information of users:
- ① Password Encryption
- Users’ passwords may only identify their passwords in a one-way encrypted manner and thus confirmation and change of passwords may also be made only by users themselves who know what the passwords are.
- ② Preparation against Hacking Attempts, etc.
- The Company manages its system through firewall to prevent any leakage or damage of users' personal information due to hacking or computer viruses, etc., and regularly updates the up-to-date anti-virus programs to prevent leakage and damage of personal information.
- ③ Minimization of Employees Handling Personal Information and Training
- The Company's employees handling personal information are restricted to those in charge of processing personal information and are given a separate password to renew the authorized persons on a regular basis. Also, the Company use its efforts to comply with the Company's privacy policy by conducting occasional training on the responsible persons.
- ④ Cautions on Protecting Personal Information
- In principle, the Member's ID and password can be used only by the member self. The Company shall not be liable for any matters arising out of the leakage of personal information, such as IDs, passwords and resident registration numbers, caused from the member’s personal negligence or general risks arising from the Internet. We ask you to take extra care for security of your personal information to prevent any leakage of personal information through shared PCs.
Article 11 [Chief Privacy Officer and Manager]
The Company has appointed the department in charge of protecting users’ personal information and handling personal information-related complaints as well as the chief privacy officer.
- ▶ Chief Privacy Officer
-
- □Name: Kwangsub Kim
- □Position: Vice President
- □Contact Number: 1668-2370
- □E-mail: gom.privacy@gomcorp.com
- ▶ Personal Information Protection Manager
-
- □Name: Jungha Cha
- □Position: Manager
- □Contact Number: 1668-2370
- □E-mail: gom.privacy@gomcorp.com
If you need to report on personal information infringement or require further consultation, you may contact the following agencies:
- ①Personal Information Infringement Reporting Center (privacy.kisa.or.kr / 118 without regional code)
- ②Cyber Investigation Department of the Supreme Prosecutor’s Office (www.spo.go.kr / 1301 without regional code)
- ③Cyber Safety Department of the National Police Agency (cyberbureau.police.go.kr / 182 without regional code)
Article 12 [Duty to Notify]
If there is any addition, deletion or modification of the current Privacy Policy, such addition, deletion or modification will be posted on the website notice from at least 7 days prior to such amendment.
Addendum
This Privacy Policy shall take into effect on January 2nd, 2024.
20230104
WHAT THIS PRIVACY POLICY COVERS
This policy covers how GOM & Company treats personal information that GOM & Company collects and receives.
The information we collet is personally identifiable like your name, address, email address, phone number, IP address or device information(unique identifiers, OS)and generally technical about your device such as OS, browser types or whether programs are installed. This is not otherwise publicly available.
This policy does not apply to the practices of companies that GOM & Company does not own or control, or to people that GOM & Company does not employ or manage.
COMMITMENT TO YOUR PRIVACY
This site is owned and operated by GOM & Company. Your privacy on the Internet is of the utmost importance to us. At GOM & Company, we want to make your experience online satisfying and safe.
Because we gather certain types of information about our users, we feel you should fully understand our policy and the terms and conditions surrounding the capture and use of that information. This privacy statement discloses what information we gather and how we use it.
INFORMATION GOM & Company GATHERS AND TRACKS
GOM & Company gathers two types of information about users
Information that users provide through optional, voluntary submissions.
Information GOM & Company gathers through aggregated tracking information derived mainly by tallying page views throughout our sites. This information allows us to better tailor our content to readers' needs and to help our advertisers and sponsors better understand the demographics of our audience. Because GOM & Company derives its revenue mainly from sponsorships and advertising, providing such aggregated demographic data is essential to keeping our service free to users. Under no circumstances does GOM & Company divulge any information about an individual user to a third party.
GOM & Company Gathers User Information In The Following Processes
The following information may be collected in process of using mobile app service.
*Personal information Category
-Android advertisement ID
-Installed Applications
*Purpose of personal information
-In-App advertisement
-User analysis for advertisement
*Method of Collecting Personal Information
-Auto collection when the user runs the app
*Personal Information Retention Period
-When the purpose is achieved and until the app is deleted
It is used only for user analysis and in-App advertisement which is completely anonymous.
The information will not be identified and used only for marketing purposes targeting unspecified 3rd party (Marketing: TDI Play Co., Ltd., location : 601-81-37139, customer center: +82-(0)70-5097-1656)
When the purpose is achieved, personal information will be destroyed and the above category will not be used when deleting the App.
* Block / allow advertising identifiers on smartphones
*(1) (Android) ① Settings → ② Privacy → ③ Advertising → ③ Reset Advertising ID or Delete Advertising ID*
*(2) (iPhone) ① Settings → ② Privacy → ③ Tracking → ④ Allow apps to request tracking Off*
※ Depending on the mobile OS version, menu and method might be slightly different
When a user views different webpages or downloads GOM software
When a user writes us an email
When a user buys paid services
Optional Voluntary Information
We offer the following free services, which require some type of voluntary submission of personal information by users
Newsletter
PRIVACY POLICY
Electronic newsletters policy (Dispatches)
We will offer a free electronic newsletter to users. GOM & Company gathers the email addresses of users who voluntarily subscribe. Users may remove themselves from this mailing list by following the link provided in every newsletter that points users to the subscription management page. Users can also subscribe to the newsletters at the time of registration.
Children
Consistent with the Federal Children's Online Privacy Protection Act of 1998 (COPPA), User who is under 13 years old cannot register for the GOMLab services.
Usage tracking
GOM & Company tracks user traffic patterns throughout all of our sites. However, we do not correlate this information with data about individual users. GOM & Company does break down overall usage statistics according to a user's domain name, browser type, and MIME type by reading this information from the browser string (information contained in every user's browser).
GOM & Company sometimes tracks and catalogs the search terms that users enter in our Search function, but this tracking is never associated with individual users. We use tracking information to determine which areas of our sites users like and don't like based on traffic to those areas. We do not track what individual users read, but rather how well each page performs overall. This helps us continue to build a better service for you.
Cookies
We may place a text file called a "cookie" in the browser files of your computer. The cookie itself does not contain Personal Information although it will enable us to relate your use of this site to information that you have specifically and knowingly provided. But the only personal information a cookie can contain is information you supply yourself. A cookie can't read data off your hard disk or read cookie files created by other sites. GOM & Company uses cookies to track user traffic patterns (as described above). Our advertising system delivers a one-time cookie to better track ad impressions and click rates.
You can refuse cookies by turning them off in your browser. If you've set your browser to warn you before accepting cookies, you will receive the warning message with each cookie. You do not need to have cookies turned on to use this site.
Advertisement
We may use third-party advertising companies to serve ads when you visit our website.
Commission for collected personal information
For carrying out services, GOM & Company commissions external professional companies (subcontractors) to process personal information as follows. This commissioned works for processing personal information are carried out by each subcontractor and service only if necessary for providing that service.
Name of subcontractors | Description of commissioned works (services) |
---|---|
PayPal Pte. Ltd. | US dollar payment agent (Credit card) |
Avangate B.V. | US dollar payment agent (Credit card) |
LLC DBA FASTSPRING | payment agent (Credit card, Debit card, PayPal) |
The company entrusts personal information to overseas to provide users with the stable service provision and the latest technology, and stores personal information acquired or created from users (physical storage location: USA) on the AWS (Amazon Web Services Inc.). AWS only physically manages the server and cannot access the user's personal information.
Trustee | Previous item | Previous Country | Previous Date and Method | Period of Retention and Use of Personal Information |
---|---|---|---|---|
AWS (Amazon Web Services Inc.) | Service usage records or collected personal information | United States (AWS Virginia region) | Transmission over the network at the time of service use | Until Service Change (Until the change of the cloud services currently used by the company) |
USE OF INFORMATION
GOM & Company uses any information voluntarily given by our users to enhance their experience in our network of sites, whether to provide interactive or personalized elements on the sites or to better prepare future content based on the interests of our users.
When we use tracking information to determine which areas of our sites users like and don't like based on traffic to those areas. We do not track what individual users read, but rather how well each page performs overall. This helps us continue to build a better service for you. We track search terms entered in Search function as one of many measures of what interests our users. But we don't track which terms a particular user enters.
GOM & Company creates aggregate reports on user demographics and traffic patterns for advertisers, sponsors and partners. This allows our advertisers to advertise more effectively, and allows our users to receive advertisements that are pertinent to their needs. Because we don't track the usage patterns of individual users, an advertiser or sponsor will never know that a specific user clicked their ad. We will not disclose any information about any individual user except to comply with applicable law or valid legal process or to protect the personal safety of our users or the public.
SHARING OF THE INFORMATION
GOM & Company uses the above-described information to tailor our content to suit your needs and help our advertisers better understand our audience's demographics. This is essential to keeping our service free. We will not share information about individual users with any third party, except to comply with applicable law or valid legal process or to protect the personal safety of our users or the public.
SECURITY
GOM & Company operates secure data networks protected by industry standard firewall and password protection systems. Our security and privacy policies are periodically reviewed and enhanced as necessary and only authorized individuals have access to the information provided by our customers.
YOUR CONSENT
By using this site, you consent to the collection and use of this information by GOM & Company. If we decide to change our privacy policy, we will post those changes on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it.
DATA SUBJECT RIGHTS
Please note that you have the right to request access to and rectification or erasure of your personal data, or to restrict or to object to the processing of your personal data. In order to submit a request for accessing and/or deleting your information, please send an email with your request to the following address: info@gomcorp.com. Please note that we will process your request subject to verification of your identity
DPO (Data Protection Officer)
In order to protect customer's personal information and handle complaints regarding personal information, GOM Lab has designated Data Protection Officer as follows:
Personal data protection Officer
Name : Kwangsub Kim
Position : Director
Contact Number : 1688-2370
e-Mail : gom.privacy@gomcorp.com
Personal data protection Manager
Name : Cha Jeongha
Position : General Manager
Contact Number : 1688-2370
e-Mail : gom.privacy@gomcorp.com