Privacy policy
1. What Privacy Policy Means for Our Users
Realwith has made efforts to describe the current status of processing personal information within Realwith as detailed and easy as possible, while creating this Privacy Policy based on the Personal information protection Act.
This is because Realwith has adopted the “Plain Language Privacy Policy,” as its principle in writing Privacy Policy with concise and easy-to-understand terms.
Privacy Policy has the following important implications.
Privacy Policy provides transparent information in relation to the “life cycle of personal information,” such as the information collected by Realwith, how the collected information is used, with whom the information is shared when necessary, and when and how the information is destroyed once it fully serves its purpose.
Privacy Policy informs users, the information subjects, their rights regarding their personal information as well as the methods and procedures to exercise such rights. Guidelines are also provided for the rights that legal representatives (including parents, etc.) may exercise to protect the personal information of minors under the age of 14.
Where the privacy infringement takes place, Privacy Policy guides you who to contact and what kind of help you should expect in order to prevent further damage and restore the damage you have already sustained.
Above all, it defines the rights and duties of Realwith and users in relation to personal information and a means to guarantee the Right to Informational Self-determination among users.
2. Personal Information Collected
The personal information that Realwith collects from users at the time they sign up for membership is as follows.
When a user signs up for membership, his/her ID, password, name, date of birth, gender, and mobile phone number are collected as required fields. If the date of birth entered by the user shows that he/she is a minor under 14 years of age, the information (name, date of birth, gender, and duplication information (DI), mobile phone number) on his/her legal representative is additionally collected. Then, his/her email address is collected as optional field.
Personal information collected from users during their service use is as follows.
(1) Differences between required and optional items
Required items refer to information necessary to perform the essential functionalities of the service, while optional items refer to additional information collected to provide additional value to users, although they do not affect the service use itself. The ID and password collected at the time of membership subscription are information necessary for login, while the name, date of birth, and gender are used to classify users according to the operation of the membership service. Mobile phone numbers authenticated for subscription are collected to apply restrictions on use, etc. when users attempt to sign up for illegal purposes, such as posting illegal advertisements. Users are not subject to any restriction on their membership subscription or service use even through the optional items are not entered, and if necessary, users may enter such information afterwards at ‘Member Info’.
(2) Why the information of legal representatives are collected
When collecting personal information of a minor under the age of 14, a company is required to obtain consent from his/her legal representatives (guardian of the minor such as his/her parents) in accordance with the Personal Information Protection Act. Therefore, at the time of collecting personal information of a minor under the age of 14, Realwith obtains consent from his/her legal representative, during which the name, DI, and mobile phone number (only for mobile authentication) of the legal representative are collected. The information of the legal representative collected is destroyed at the time the minor turns an adult.
Your profile information (nickname, profile picture) can be set in your member information or individual services. When a nickname is not entered, the masked ID will be automatically entered as the nickname.
Additional personal information may be collected only from users who access individual services within Realwith, participate in an event, or register for a giveaway event. In addition, when collecting additional personal information, the users are provided with further guidance regarding the ‘collected items of personal information, purposes of collecting and using personal information, and the retention period of personal information’ at the time of collecting such personal information and are asked to provide their consent.
The IP address, cookies, service usage records, device information, and location information may be generated and collected during service use.
In addition, images or voice data may also be collected from any services using images and voice data.
To be specific, 1) information about users is generated in an automated manner and stored (collected) during their service use or 2) the unique device information of users is safely converted to prevent the original values from being identified and such converted information is then collected. Location information may be collected during the service use
The collected information may correspond to personal information or not, depending on whether it is linked to personal information.
Realwith collects personal information under the following methods.
If the user agrees to the collection of personal information and enters his/her personal information while signing up for membership during service use, such personal information will be collected.
Personal information of the user may be collected through websites, email, fax, phone, etc. during the consultation through the customer center.
Personal information may be collected in writing from offline events, seminars, and the like.
Personal information may be provided from outside companies or organizations partnered with Realwith, and in such cases, the partner is required to obtain consent from users to provide personal information under the Personal Information Protection Act before such information is provided to Realwith.
Generated information such as device information may be automatically generated and collected during the use of PC web or mobile web/app.
3. Use of Collected Personal Information
Personal information is used only to manage members of Realwith and all other related services (including mobile web/app), develop, provide, and improve services, and establish a safe Internet environment.
Personal information is used for member management, such as confirming members’ intention to subscribe, confirming the age, proceeding with obtaining consent from legal representatives, verifying the identity of users and their legal representatives, identifying users, and confirming their intention to unsubscribe.
In addition to the purpose of providing existing services (including advertisements) such as contents, personal information is used to discover new service elements and improve existing services such as demographic analysis, analysis of visits to services and usage records, building user-to-user relationships based on personal information and interests, and providing tailor-made services based on acquaintances and interests.
Personal information is used to protect users and operate services by means such as preventing and imposing sanctions against acts that interfere with the smooth operation of services, including measures restricting the use by members who breach the statutes and Realwith Terms of Service, preventing account theft and fraudulent transactions, sending out notices regarding a revision to the terms and conditions, preserving records for dispute mediation, and handling civil complaints.
Personal information is used for personal authentication, purchases and payments for charges, and deliveries of products and services for the provision of paid services.
Personal information is used for marketing and promotion purposes such as providing event information, opportunities for participation, and advertising information.
Personal information is used for service usage records and access frequency analysis, statistics on service use, service analysis, and providing tailor-made services and advertising according to statistics.
Personal information is used to establish a service environment that users feel safe to use in terms of security, privacy, and safety.
4. Provision & Entrustment of Personal Information
In principle, Realwith does not provide personal information to the outside without the consent of users.
Realwith does not provide personal information to the outside without prior consent from users. However, personal information is provided in limited circumstances if a user personally agrees to provide his/her personal information in order to use the service of an outside partner, if Realwith becomes obliged to submit personal information under the relevant laws and regulations, or if an urgent risk to life or safety of users is identified.
Realwith entrusts part of its work to the outside to provide convenient and better services.
Realwith entrusts part of its work necessary to provide services to outside companies, stipulates the matters necessary for the entrusted party to safely process personal information, and carries out management or supervision to ensure such safe processing, in accordance with the Personal Information Protection Act. If a user does not use the service related to the work entrusted to the entrusted party, his/her personal information will not be provided to the said entrusted party.
5. Destruction of Personal Information
Realwith strictly destroys personal information immediately after the user withdraws membership.
However, if the Company has obtained separate consent from users regarding the retention period of personal information or if the laws and regulations impose duties to retain information for a certain period, personal information may be stored safely during the designated period.
Realwith will obtain consent from users for the retention period of personal information at the time of their member or service subscription for the following purposes.
To prevent any fraudulent subscription and use
Mobile phone number or duplicate information (DI) of fraudulent users for subscription verification (legal representative’s DI for users aged 14 or under) : Stored for 6 months from the date of withdrawal
Mobile phone number of users withdrawn from membership (one-way encryption that cannot be decrypted (via hashing)) : Stored for 6 months from the date of withdrawal
Act on the Consumer Protection, in Electronic Commerce, Etc.
Records on the contract or subscription withdrawal, etc. : Stored for 5 years
Records on the payment and supply of goods, etc. : Stored for 5 years
Records on the consumer complaints or dispute settlement : Stored for 3 years
Framework Act on Electronic Documents and Transactions
Records on the distribution of electronic documents through authorized electronic addresses : Stored for 10 years
Protection of Communications Secrets Act
Login information : 3 months
Personal information that fully serve its purpose of collection and use, by means such as membership cancellation, service termination, and/or expiration of the retention period of personal information approved by the user, is destroyed to an irreversible state.
Information required to be retained under the statutes is also destroyed to an irreversible state without delay after the expiration of the relevant period.
Personal information stored in electronic form is securely deleted by technical means to prevent its recovery or restoration, while written information is shredded or incinerated.
Please note that Realwith separately stores and manages or deletes the personal information of members who have not used its service for at least one year in accordance with the Personal Information Validity Period Plan.
7. Actions Taken to Protect Personal Information
Realwith makes every effort to securely manage users' personal information and protects personal information beyond the degree required by the Personal Information protection Act.
Realwith has established and implemented an internal privacy management plan.
Realwith has established an internal personal information management plan, containing matters in relation to the composition and operation of the privacy organization, such as the designation of privacy personnel, and inspect whether the internal management plan is implemented effectively each year.
Actions are undertaken to control access to and restrict the right to access personal information.
In order to prevent illegal access to personal information, Realwith has established the standards for granting, modifying, and canceling access rights to the personal information processing system, and runs an intrusion prevention system and intrusion detection system. Employees that handle personal information are kept to a minimum and Intranet is completely cut off from external Internet for the work computers of employees that are permitted to download personal information from the personal information processing system, thereby reducing the risk of personal information leakage.
Personal information is being encrypted for safe storage and transmission.
In addition to the passwords, unique identifiable information, account numbers, and credit card numbers that are encrypted for storage as required by law, email addresses and mobile phone numbers are also encrypted and stored. Realwith also safely sends and receives personal information over the network via encrypted communication.
Actions are taken to store personal information access records and prevent any forgery and tampering.
The personal information handler stores and manages access records for the personal information processing system, periodically inspects access records to prevent any misuse, abuse, loss, forgery, and tampering of personal information, and safely stores the relevant access records so that they are not forged, stolen, or lost.
Realwith installs and renews security programs for personal information.
Realwith frequently backs up data to offset risk of any damage to personal information, and uses the latest antivirus software to prevent leakage or damage of users' personal information.
Realwith enforces physical actions to keep personal information safe.
In order to prevent leakage or damage of members' personal information caused by hacking or computer viruses, Realwith installs systems in areas with restricted access from the outside, and establishes and operates access control procedures.
Realwith operates a separate organization that only deals with the protection of personal information.
8. Chief Privacy Officer & Responsible Personnel
Realwith has designated the following persons as the Chief Privacy Officer and Personal Information Manager to remain responsible for responding to user inquiries regarding personal information and resolving any related complaints.
Chief Privacy Officer
Name : SangCheol Jeong
Affiliation : Realwith
Phone : 070-4066-1322
Email : sions@realwith.com
If you need to report or consult on other privacy infringements, please contact the following institutions.
Privacy Infringement Report Center (privacy.kisa.or.kr / Phone no. 118)
Cyber Crime Investigation Unit, Supreme Prosecutor’s Office (Supreme Prosecutor's Office / Phone no. 1301)
Cyber Bureau of Investigation, National Police Agency (National Police Agency / Phone no. 182)
9. Obligation to Notify Prior to Amendment
Users will be notified of any addition, deletion, and/or modification in this Privacy Policy through ‘Notice’ at least 7 days prior to the scheduled amendment.
However, if an important modification is made to the rights of users, such as the modification to the collected items of personal information and the purposes of their use, the notification will be sent at least 30 days prior to any such modification, and if necessary, Realwith may obtain users’ consent again.
Notification date : November 16, 2021
Effective date : December 16, 2021