Privacy Policy
Dunamu (hereinafter referred to as "the Company") has created and disclosed its privacy policy as described below (“Privacy Policy”) to protect the privacy of the User and address relevant issues in a prompt and seamless manner in accordance with Article 30 of the Personal Information Protection Act (PIPA).
tThe Company allows the User to access this Privacy Policy easily at any time by publishing it on the first landing page of the website.
This Privacy Policy is subject to change in accordance with relevant laws and the Company’s internal policy. In case of an amendment, the Company implements version control to ensure that amended provisions are easily distinguished.
- 1. Purposes of Collection and Use of Personal Information
- 2. Period of Managing and Retaining Personal Information
- 3. Provision of Personal Information to Third Parties
- 4. Outsourcing of Personal Information Management
- 5. Overseas Transfer of Personal Information
- 6. Rights of Users and Legal Representatives and How to Exercise the Right
- 7. Personal Information Items Managed
- 8. Procedures and Methods for the Destruction of Records Containing Personal Information
- 9. Measures to Ensure the Security of Personal Information
- 10. Cookies And Other Tracking Technologies
- 11. Management of Behavioral Information
- 12. Information on the Person in Charge of Personal Information Protection and the Customer Service Department
- 13. Dedicated Organization for Personal Information Access
- 14. Methods of Redressing Rights Violation
- 15. Responsibility of Links to Other Websites
- 16. Changes in Privacy Policy
1. Purposes of Collection and Use of Personal Information
The Company manages personal information collected for the following purposes:
Category | Purposes |
---|---|
Management of UDC program purchasers and registrants | - To manage UDC ticket purchases and handle changes/cancellations - To manage registration, change/cancellation of requested information, and to handle purchaser/registrant information. - To provide purchase/registration information and event details. - To issue and manage UDC Wallet for UDC On-Site Events participation. - To ensure the smooth operations of the UDC event |
Management and registration of Special Program | - To manage Special Program registration and handle changes/cancellations - To provide registration information - To ensure the smooth operation of the UDC event |
Management of UDC · D-CON speaker registrations | - To manage speaker registrations and handle changes/cancellations - To provide information about speaker registration and run relevant programs - To ensure the smooth operations of the UDC event and D-CON |
UDC Event Complaints | - Identification of the complainant and verification of the complaint - Contacting and notifying the complainant for fact-finding, notifying the outcome of the process, etc. |
Promotion of UDC events | - To provide various information such as events, promotions and benefits related to the UDC event |
UDC raffle | - To select winners and ship prizes and handle taxes and dues, where necessary. |
UDC Feedback Survey | - Survey event participation, survey participation verification and prize eligibility confirmation, prize distribution, and survey analysis and statistical reporting for the UDC event. |
2. Period of Managing and Retaining Personal Information
The company uses the collected personal information within the period of retention in accordance with laws and regulations or within the period of retention agreed when collecting personal information from users. Each period of use and retention of personal information is as follows
- (1) Period of Use and Retention of Personal Information for operating UDC(Upbit D Conference)
Type Retention Period Management of UDC program purchasers and registrants - Registered Information: to be disposed after the conference.
- UDC Wallet Address: 5 years from date of issuance. However, the date of refusal to receive, if you receive event and promotion notification emails.Management of Special Program registration To be disposed of safely after the conference Management of UDC · D-CON speaker registrations To be disposed of safely after the conference, except for registered speaker’s name(prefix), organization, position, photo and biography, which are to be disposed of upon the speaker’s withdrawal of consent UDC Event Complaints 3 years from date of receipt Promotion of UDC events Until refusal to receive UDC raffle To be disposed of safely after the event prize is provided. UDC Feedback Survey [Online Participants]
UDC registration number, mobile phone number- (2) Preservation by law in accordance with the provision of goods or services
- Notwithstanding Paragraph 1, The information may be retained for longer periods as required by law.
Type Legal Ground Retention Period Records related to withdrawal of contract or subscription The Act on Consumer Protection in Electronic Commerce, ETC. 5 years Record of payment and goods supply 5 years Records of consumer complaints or disputes 3 years User's Internet log record The Communication Confidentiality Protection Act More than 3 months Payment of taxes and dues, processing records for cash receipts Framework Act on National Taxes 5 years
3. Provision of Personal Information to Third Parties
The Company does not disclose the User’s information to third parties, unless such disclosure is required by law.
4. Outsourcing of Personal Information Management
- ① The Company entrusts personal information to external contractors to allow them to perform some of the tasks necessary for the provision of services. It supervises and monitors entrusted parties to ensure their compliance with relevant law.
- ② The Company entrusts the handling of personal information to external contractors as follows:
External Professional Contractor Task Amazon Web Services, Inc. Data storage and Service operation for service provision Futurewiz, Inc. UDC Infrastructure Maintenance UNIONE Communications Co.,Ltd. - Operation Agency of UDC Event
- Operator of UDC Promotions and Distributor of PrizesInfobank Inc. Message service on event information of the UDC BIZTALK Co., Ltd Send notification talk(Kakao) KG INICIS Co., Ltd Payment gateway Opensurvey Inc. Survey service platform usage
5. Overseas Transfer of Personal Information
The Company transfers personal information overseas as follows:
- (1) Overseas contractors to process personal information
- The company outsources the processing and storage of personal information to overseas companies through contractual agreements in accordance with Article 28-8 Paragraph 1 Subparagraph 3 of the Personal Information Protection Act. The company manages and supervises these contracts to ensure that the outsourced personal information is handled securely. Users may refuse the transfer of their personal information overseas by contacting customer service. However, refusal may result in the inability to participate in UDC related events or access information provided by UDC.
Entrusted contractors Purpose of entrustment Personal information to be entrusted Entrusted country, contact information Timing and method of entrustment Retention/use period Twilio Inc. Send information email Name, affiliation, phone number, email address USA,
[email protected]At the time of email communication and service use via a network 30 days after an email is sent PayPal Pte. Ltd. Payment Gateway Purchase and payment information Singapore,
[email protected]At the time of payment via a network Until the purpose of using the PayPal payment service is met
6. Rights of Users and Legal Representatives and How to Exercise the Right
- ① Users have the right to exercise their rights to access, correct, delete, request processing cessation, or withdraw consent regarding their personal information from the Company at any time. However, according to relevant laws such as Article 35, Paragraph 4 Article 37, Paragraph 2 and 3 of the Personal Information Protection Act, the exercise of these rights, including access, correction, deletion, request for processing cessation, and withdrawal of consent, may be restricted.
- ② The User can exercise their rights through means such as paper document, email, and fax in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the PIPA, in which case the Company shall take prompt action.
- ③ Users who are dissatisfied with the Company’s response to their request for access, correction, deletion, suspension of processing, or withdrawal of consent regarding their personal information may file an objection within 10 days of the action by the Company, using the method outlined in paragraph 2.
- ④ The User may exercise the rights stipulated in Paragraph 1 through an agent such as a legal representative or a person who has been delegated to act on the User’s behalf, in which case a power of attorney shall be submitted in accordance with Form 11 of the Appendix of the Public Notice on the Management of Personal Information.
- ⑤ A request to correct or delete personal information shall not be accommodated if such personal information must be collected in accordance with other laws.
- ⑥ When there is a request to access, correct, delete, suspend the management or withdraw of consent of personal information in accordance with the User’s rights, the Company shall verify if the requestor is the User or their authorized agent.
7. Personal Information Items Managed
- ① The Company processes the following personal information of the User with their consent in accordance with Article 15, Paragraph 1, Subparagraph 1 of the Personal Information Protection Act, when operating the Upbit D Conference (UDC) and providing relevant services:
- (1) Types of Personal Information Items
Type Personal Information Items To Be Managed Management of UDC ticket purchaser and registrants [Information on Onsite Registrants]
(Required) Name(Eng), mobile phone number, email address, affiliation(Eng), position, occupation, UDC Wallet address, payment information
(optional) Name(KOR), affiliation(Eng), and inflow channel
[Information on Online Registrants]
(Required) Name(Eng), mobile phone number, email address, affiliation(Eng), position, occupation
(optional) Name(KOR), affiliation(Eng), and inflow channel
[Information on Invited Registrants]
(Required) Name(Eng), mobile phone number, email address, affiliation(Eng), position, occupation, UDC Wallet address
(optional) Name(KOR), affiliation(Eng), and inflow channelManagement of Special Program registration [D-CON]
(Required) Name, mobile phone number, email address, affiliation, position
[Web3 Security Talk]
(Required) Name, mobile phone number, email address, affiliation, traffic source.
(Optional) Position, email address, Interest in UPSide Academy season 2Register and manage speaker's information [UDC]
(Required) Name, mobile phone number, email address, nationality, affiliation, position, biography, profile picture, emergency contact information (contact name, contact number)
(Optional) Preferred prefix
[D-CON]
(Required) Name, preferred prefix, mobile phone number, email address, affiliation(Kor/Eng), biography, profile picture
(Optional) emergency contact information (contact name, contact number)UDC Event Complaints - [Required] Email, inquiry
- [Optional] Mobile phone numberItems generated and processed during service use Device information (OS, model name, carrier, device identification number, language information), IP address, service records, cookies UDC raffle Nickname, mobile phone number
[If delivery is required] Address
[For paying taxes and the public utilitiesr' charge] Copy of identification, resident registration numberEvent and promotional information notification (Option) Email address ※ In principle, the company does not collect personal information if the user is under 14 years old.
- ② The Company may collect personal information and use it for the intended purpose of collection, in accordance with Article 15 (Collection and Use of Personal Information) of Personal Information Protection Act, where:
- 1. required by law or necessary to comply with legal obligations; or
- 2. necessary to enter into or perform a contract with the subject of information; or
- 3. deemed necessary for physical safety and property interests of the subject of information or a third person, as the subject of information or his/her legal representative cannot give prior consent because he/she is unable to express his/her intention or by reason of his/her unidentified address; or
- 4. necessary for a personal information manager to realize his/her legitimate interests, which explicitly take precedence over the rights of the subject of the information, provided that such information is substantially relevant to the personal information manager's legitimate interests and falls within the reasonable scope.
8. Procedures and Methods for the Destruction of Records Containing Personal Information
- ① The company shall destroy the information immediately after the purpose of collecting and using personal information is achieved.
- ② If personal information must be retained even after the retention period as agreed upon by the User expires or the purpose of management has been achieved, such personal information shall be transferred to a separate database or stored in another location.
- ③ Personal information shall be destroyed as follows:
- (1) The personal information stored in the form of electronic files shall be deleted using a technical method that prevents the data to be recovered.
- (2) the personal information printed on paper shall be shredded by a paper shredder or destroyed by incineration.
9. Measures to Ensure the Security of Personal Information
In accordance with Article 29 of the PIPA, the Company shall take managerial, technical, and physical measures which are necessary to ensure the security of personal information as stipulated in the following subparagraphs:
- (1) Managerial measures
- - Creation of internal management plans: The Company shall develop and implement internal plans to manage the personal information retained in a secure manner.
- - Minimum staff to manage personal information and their training: The Company shall keep the size of the staff responsible for managing personal information to a minimum required for the work and instill the importance of personal information in them by taking managerial measures including the training of the staff.
- - Operation of a dedicated organization for personal information protection: The Company shall monitor compliance with security measures for personal information in the personal information processing system by operation of a dedicated organization for personal information protection.
- (2) Technical measures
- - Control of access to the personal information management system: The Company shall take measures necessary to control access to personal information by granting, modifying, or revoking access to the personal information system. The Company shall use the intrusion prevention system to block unauthorized access to the personal information system from outside
- - Encryption of personal information: The Company shall use safe algorithms to encrypt personally identifiable information, bank account numbers, card numbers, and other personal information subject to encryption under the Personal Information Protection Act before storing and managing such information.
- - Technical measures against attacks such as hacking: The Company shall strive to prevent the User's personal information from being leaked or compromised due to hacking or computer viruses. It shall back up data on a continued basis in response to the potential leakage or compromise of the User's personal information and shall ensure personal information is transmitted securely on the network by leveraging encrypted communication etc.
- (3) Physical measures
- - The Company shall place its systems in a location which is not accessible by external entities to prevent the leakage or compromise of the User's personal information and shall create and implement access control procedures.
10. Cookies and Other Tracking Technologies
We may also collect specific information through the use of"cookies" and other tracking technologies.
Cookies refer to a small packet of information sent to the User's computer browser by the server which is used to manage the website (http).
- (1) Purpose of Using Cookies
- Cookies support more rapid web environments for users by storing users' preferred settings and are used for the improvement of services to allow for the more convenient use of Services. By doing so, cookies allow Users to use services more easily.
- (2) Installation, Operation and Rejection of Cookies
- Applicants / Users have an option to either install cookies, refuse to accept/store cookies or delete them at any time.
- (3) How to block the storage of Cookies
- Applicants / Users have an option to either install cookies, refuse to accept/store cookies or delete them at any time.
- - Microsoft Edge: Setting > Cookies and site permissions > Set-Cookie Level
- - Chrome: Select Settings Menu > Privacy and security > Cookies and other site data > Set-Cookie Level
- - Safari: Select Settings Menu > Click Advanced Ta > Turn on Block All Cookies.
11. Management of Behavioral Information
- ① Behavioral information means the User's online activity information which can help identify and analyze his/her interests, preferences and tendencies, such as history of website visits, purchases and searches.
- ② The Company processes behavioral information for product and service development, customer analysis and the provision of customized services tailored to the User's behaviors.
- (1) Behavioral information to be collected
- The User's activity information is collected, such as web service visits, usage records including searches/clicks, device information and IP addresses.
- (2) Method of collection
- Behavioral information is automatically generated and saved by Google Analytics when the User uses a service.
- (3) Purpose of collection
- Behavioral information is processed for the purpose of product and service development, statistical and customer analysis, service speed and quality improvement and the provision of customized services tailored to the User's behaviors.
- (4) Retention and use period
- Behavioral information is retained for up to 26 months, after which it will be deleted without delay.
- (5) How to exercise user control
- The User may decline the use of his/her behavioral information by changing browser settings, including through declining to give consent for cookies.
- e.g. Web browser: Tools > Internet Options > Privacy > Advanced > Block Cookies
- How to disable Google Analytics
- (6) How to file a user complaint
- Contact: +82-2-1588-5682(Customer Service)
- Email: [email protected]
12. Information on the Person in Charge of Personal Information Protection and the Customer Service Department
- ① In order to protect the personal information of the user and to deal with complaints related to personal information, the Company has designated the relevant department and the person in charge of personal information protection as follows.
- (1) Person in Charge of Personal information Protection
Position Name Team in Charge Contact / Email Person in Charge of Personal information Protection Jaeyong Jung Information Security Team (Dunamu Inc.) +82-2-1588-5682 (Customer Service)
[email protected]Personal information Protection Manager Taesung Park
- ② 2. The User may notify all personal information protection complaints that occur while using company's services to the person in charge of personal information protection or the relevant department. The company shall respond promptly to the users' complaints promptly.
13. Dedicated Organization for Personal Information Access
The User can make a request for accessing their personal information retained in accordance with Article 35 of the PIPA to the following team:
- ▶ Team responsible for receiving and processing requests for accessing personal information retained
- Team in charge: Operation Support Team
- Contact: +82-2-1588-5682(Customer Service)
- Email : [email protected]
14. Methods of Redressing Rights Violation
If you need to report or consult about other personal information infringement, please contact the following organizations.
- Privacy Infringement Reporting Center (privacy.kisa.or.kr / 118 without area code)
- Supreme Prosecutor's Office (www.spo.go.kr / 1301 without area code)
- National Police Agency (ecrm.cyber.go.kr / 182 without area code)
- Personal Information Dispute Resolution Committee (www.kopico.go.kr / +82-2-1833-6972)
15. Responsibility of Links to Other Websites
The website may, from time to time, contain links to and from the websites of our partner networks, advertisers and Affiliates. Please note that the Company has no control over the external websites, so the Company cannot guarantee or be held responsible for the usefulness, authenticity, and legality of the service or data provided to the User through the external sites. Also, the privacy policies of the linked external websites are not relevant to the Company, so please check their policies.
16. Changes in Privacy Policy
In the event that the Company makes changes to the Privacy Policy, the Company shall notify the dates of change and implementation and revised provisions on a continued basis and show provisions before and after such revisions for easy comparison by the User.
Enforcement Date of Personal Information Management Policy V2.8: November 04, 2024
You can find the previous version of Privacy Policy by clicking the link below.
Privacy Policy V.2.6 (September 02, 2024 ~ October 14, 2024)
Privacy Policy V2.5 (July 10, 2024 ~ September 01, 2024)
Privacy Policy V2.4 (June 10, 2024 ~ July 09, 2024)
Privacy Policy V2.3 (September 12, 2023 ~ June 09, 2024)
Privacy Policy V2.2 (July 27, 2023 ~ September 10, 2023)
Privacy Policy V2.1 (March 17, 2023 ~ July 26, 2023)
Privacy Policy V2.0 (August 12, 2022 ~ March 16, 2023)
Privacy Policy V1.9 (July 27, 2022 ~ August 11, 2022)
Privacy Policy V1.8 (May 18, 2022 ~ July 26, 2022)
Privacy Policy V1.7 (July 28, 2021 ~ May 17, 2022)
Privacy Policy V1.6 (July 1, 2021 ~ July 27, 2021)
Privacy Policy V1.5 (May 26, 2021 ~ June 30, 2021)
Privacy Policy V1.4 (Nov 27, 2020 ~ May 25, 2021)
Privacy Policy V1.3 (Nov 6, 2020 ~ Nov 26, 2020)
Privacy Policy V1.2 (May 22, 2019 ~ Nov 5, 2020)
Privacy Policy V1 (Apr 30, 2019 ~ May 21, 2019)