'Bodit Inc.' (hereinafter referred to as 'Bodit') has the following policy to protect users' personal information and rights and interests in accordance with the Personal Information Protection Act and to smoothly handle users' complaints related to personal information. Bodit will notify you through website notices (or individual notices) when revising the personal information processing policy. ○ This policy will be effective from January 1, 2020.
1. Purpose of processing personal information
Bodit processes personal data for the following purposes: The processed personal information will not be used for purposes other than the following, and prior consent will be sought when the purpose of use is changed. go. Member registration and management Personal information is processed for the purpose of confirming membership intention, identification/certification by providing membership service, maintenance/management of membership, identification by implementing limited identification system, and prevention of illegal use of services.
2. Personal information file status
① Personal information file name: Bodit Privacy Policy - Personal information items: ID, name, phone number, phone number - Collection method: When you download the app and sign up for membership - Retention basis: Consent of information subject - Retention period: Renewed every 2 years until membership withdrawal - Relevant laws: Records on contract or subscription withdrawal: 5 years
3. Personal information processing and retention period
① Bodit processes and retains personal information within the period of retention and use of personal information according to the law or within the period of retention and use of personal information consented to when collecting personal information from the information subject. ② Each personal information processing and retention period is as follows. Personal information related to
4. Matters concerning the provision of personal information to third parties
① Bodit does not provide personal information to third parties without the member's consent.
5. Consignment of personal information processing
① Bodit does not entrust the processing of personal information.
6. Rights and obligations of information subjects and legal representatives and how to exercise them Users can exercise the following rights as personal information subjects.
① The information subject can exercise the right to view, correct, delete, or suspend processing of personal information at any time with respect to Bodit. ② The exercise of rights pursuant to Paragraph 1 can be done in writing or via e-mail in accordance with Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and Bodit will take action without delay. ③ The exercise of rights pursuant to Paragraph 1 can be done through an agent, such as a legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with Attachment No. 11 of the Enforcement Rules of the Personal Information Protection Act. ④ Request for viewing and suspension of processing of personal information may be restricted according to Article 35 Paragraph 5 and Article 37 Paragraph 2 of the Personal Information Protection Act. ⑤ Requests for correction and deletion of personal information cannot be requested if the personal information is specified as the subject of collection in other laws and regulations. ⑥ Bodit checks whether the person who made the request, such as request for access, correction or deletion, or suspension of processing according to the rights of the information subject, is the person or a legitimate agent.
7. Fill in the items of personal information to be processed
① Bodit handles the following personal information items.
8. Destruction of personal information
In principle, Bodit destroys the personal information without delay when the purpose of processing personal information is achieved. The procedure, deadline and method of destruction are as follows. - Destruction procedure The information entered by the user is transferred to a separate DB after the purpose is achieved (separate documents in the case of paper) and is stored for a certain period of time or immediately destroyed in accordance with internal policies and other related laws. At this time, the personal information transferred to the DB will not be used for any other purpose unless it is required by law.
- Expiration date If the personal information of the user has elapsed, within 10 days from the end of the retention period, when the personal information becomes unnecessary, such as the achievement of the purpose of processing personal information, the abolition of the service, or the termination of the business The personal information will be destroyed within 10 days from the date when the processing of is deemed unnecessary.
-Destruction method Immediate destruction of identification information by moving to a separate DB
9. Matters concerning the installation, operation and rejection of automatic personal information collection devices
Bodit does not use ‘cookies’ that store and frequently retrieve usage information of information subjects.
10. Changes to the Privacy Policy
This Privacy Policy is applied from the enforcement date, and if there is an addition, deletion, or correction of changes in accordance with laws and policies, it will be notified through notices 7 days prior to the implementation of the changes.
11. Measures to ensure the safety of personal information
Bodit takes the following technical/managerial and physical measures necessary to ensure safety.
1. Minimization and training of staff handling personal information We are implementing measures to manage personal information by designating employees who handle personal information and limiting them to those in charge.
2. Encryption of personal information The user's personal information is stored and managed with the password encrypted, so that only the user can know it, and for important data, separate security functions such as encrypting files and transmission data or using a file lock function are used.
3. Restriction of access to personal information We take necessary measures to control access to personal information by granting, changing, or canceling access rights to the database system that handles personal information, and we control unauthorized access from outside by using an intrusion prevention system.