TeamSpot Inc. (hereinafter referred to as "Company") protects the personal information of users and processes it in compliance with relevant laws. This Privacy Policy is designed to inform users about how their personal information is collected, used, protected, and destroyed in connection with the PAPATONY service (hereinafter referred to as "Service") provided by the Company.
Table of Contents
1.
Collection and Use of Personal Information
2.
Third-Party Disclosure and Outsourcing / Overseas Transfer
3.
Retention and Destruction of Personal Information
4.
Security Measures for Personal Information
5.
Rights of the Information Subject and How to Exercise Them
6.
Personal Information Protection Officer and Grievance Handling Department
7.
Implementation and Changes of Privacy Policy
1. Collection and Use of Personal Information
1.1 Collected Items and Purpose
The Company collects the following personal information for service provision, operation, and contract execution.
Membership Registration and Identity Verification
•
Collected Items: Name, date of birth, gender, contact information (mobile phone number), email address, CI/DI (duplicate membership check information)
•
Purpose: Membership registration, identity verification, communication channel
Service Provision and Contract Execution
•
Collected Items: Passport information, ID copy, corporate information (business registration number, company name, etc.), account information (bank name, account number), transaction details
•
Purpose: Service provision, payment and settlement, contract execution
Customer Consultation and Complaint Handling
•
Collected Items: Consultation records, complaint details, customer contact information
•
Purpose: Responding to customer inquiries, problem-solving
1.2 Collection Method
•
Collected directly by users during membership registration and service usage process
•
Information provided through Channel Talk, email, consultation, etc.
•
Information collected during service contract execution and progress
1.3 Retention and Use Period
•
Retention Period: Retained until the purpose of providing services is achieved or until the period stipulated by relevant laws
•
Destruction Date: Information will be destroyed promptly after the retention period expires
2. Third-Party Disclosure and Outsourcing / Overseas Transfer
2.1 Third-Party Disclosure
The Company may provide personal information to third parties only if it has received the user's consent in accordance with relevant laws.
•
Disclosure Items: Minimum information necessary for service provision and contract execution
•
Disclosure Target: Payment processors, partners, etc.
2.2 Outsourcing
The Company may outsource some tasks to external organizations to facilitate service provision and will clearly define data protection measures in the outsourcing agreement.
•
Outsourcing Items: Payment processing, customer management system operation, etc.
•
Outsourcing Recipient: Detailed information will be provided to users when the outsourcing agreement is executed
2.3 Overseas Transfer
The Company may store or transfer personal information to overseas servers for service operation.
•
Transfer Countries: Locations of data centers (e.g., USA, EU)
•
Transferred Items: Information necessary for service operation and data storage
3. Retention and Destruction of Personal Information
3.1 Retention Period
•
Retained until the purpose of collection is fulfilled or as required by law
•
In exceptional cases, retention may be extended for resolving disputes or fulfilling legal obligations
3.2 Destruction Procedure and Method
•
Destruction Procedure: Information will be destroyed based on internal policies when the retention period expires
•
Destruction Method:
◦
Electronic Files: Permanently deleted in a way that is not recoverable
◦
Paper Documents: Shredded or burned
4. Security Measures for Personal Information
The Company takes the following measures to ensure the safety of personal information:
1.
Administrative Measures: Establishing internal management plans, regular staff training
2.
Technical Measures: Encrypting personal information, access control, operating intrusion detection systems
3.
Physical Measures: Limiting access to computer rooms and document storage rooms
5. Rights of the Information Subject and How to Exercise Them
Information subjects can exercise the following rights at any time:
1.
Request for personal information access
2.
Request for correction of errors
3.
Request for deletion or suspension of processing
4.
Request to withdraw consent
How to Exercise Rights
•
Access Methods: Written, email, customer service center
•
Processing Period: Processed within 10 days from receipt
6. Personal Information Protection Officer and Grievance Handling Department
The Company has designated a Personal Information Protection Officer to oversee privacy-related tasks and ensure prompt resolution of grievances.
•
Personal Information Protection Officer
◦
Name: Wonhong Min
◦
Position: Personal Information Protection Officer
◦
Email: mintony0922@gmail.com
◦
Contact: 010-7232-8001
•
Grievance Handling Department
◦
Department Name: Personal Information Protection Team
◦
Contact: 010-7232-8001
7. Implementation and Changes of Privacy Policy
This policy is effective from December 15, 2024.
In case of any changes, users will be notified at least 7 days in advance via service screens or email, and significant changes will be announced 30 days in advance.