Vespexx Co., Ltd. (hereinafter referred to as "the Company") collects, uses, and provides personal information based on the user's consent and actively guarantees the user's rights (right to self-determination of personal information). To protect the freedom and rights of information subjects, the Company complies with the Personal Information Protection Act and relevant laws and regulations, processes personal information lawfully, and manages it safely. The Privacy Policy refers to the guidelines that the Company must adhere to protect users' valuable personal information, ensuring that users can safely use the service. the Company establishes and discloses the following privacy policy to protect users' personal information and to handle related complaints swiftly and smoothly. The Company will notify users of any changes to the privacy policy by posting a notice on the website (or via individual notice) detailing the reasons and content of the changes.
1. Items of Personal Information Processed and Collection Methods
① The Company collects and uses personal information at the time of member registration or during the service use process to provide stable service and operation.
② The items of personal information processed are as follows:
- Member Registration and Management: (Required) Email address, name (or nickname), date of birth, gender
- Service Provision and Operation: (Required) Message information (message transmission time, message content (including stickers, images, videos, voice files)), Schedule information (title, owner of the schedule, time, person to meet, memo), To-Do, Special Days, internal identifier / (optional) profile picture, phone number, purchase information,
- Customer Support Service: (Required) Inquiry history, email address, name (or nickname) / (Optional) Purchase information
※ Some account information (Apple ID, email address) may be collected when linking external platform (Apple) accounts.
※ Some account information (Google ID, email address) may be collected when linking external platform (Google) accounts.
※ During service use and provision, service usage records (visit date and time (access records), IP address, misuse records, payment records) and device information (mobile carrier, OS information, device type and model, language used, unique device identifier, advertising identifier, etc.), and cookies may be generated and collected. During customer support service provision, device information (OS information, device type and model), and service usage information may be generated and collected. Such collected information may or may not constitute personal information depending on whether it is linked to personal information.
③ Methods of collecting personal information are as follows:
- Collected from Apple to provide the service
- Collected from Google to provide the service
- Provided by partner companies
- Collected through voluntary provision by users during service use
2. Purpose of Processing Personal Information
The Company processes personal information for the following purposes. Personal information processed is not used for any purpose other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with relevant laws.
-
Member Registration and Management
- Identification and authentication of members for member-based services, prevention of fraudulent and unauthorized use, confirmation of registration intent, record retention for dispute resolution, handling complaints, and delivering notifications
- Account connection and inviting others through connection methods set by the user, such as Google and Apple social login
-
Service Provision and Operation
- Provision of Signaling services and invitation services for Signaling conversation partners
- Development of new services and use in marketing and advertising
- Provision of services and display of advertisements based on statistical characteristics
- Verification of service effectiveness
- Provision of event and advertising information and participation opportunities
- Analysis of access frequency and statistics on members' service usage
-
Customer Support Service
- Delivery of answers to inquiries
3. Retention and Processing Period of Personal Information
① The Company processes and retains personal information within the period of personal information retention and use consented to by the information subject or as required by law.
② The retention and processing period for each item of personal information is as follows:
1. Member Registration and Management: Until service withdrawal
However, in cases corresponding to the following reasons, until the end of the respective reason:
- If an investigation is ongoing due to a violation of relevant laws, until the end of the investigation
- If there are remaining obligations related to the use of the website, until the settlement of the obligations
- If there are records of misuse, for one year after service withdrawal (to prevent re-registration)
2. Service Provision and Operation / Customer Support Service: Until the completion of goods/service supply
However, in cases corresponding to the following reasons, until the end of the respective period:
- Records of transactions under the Act on Consumer Protection in Electronic Commerce:
- Records on display and advertisement: 6 months
- Records on consumer complaints or dispute resolution: 3 years
- Records on contracts or withdrawal of subscription, payment, and supply of goods: 5 years
4. Entrustment of Personal Information Processing
① To enhance service quality, the Company entrusts personal information processing tasks to overseas entities as follows:
- Trustee: Amazon Web Services
- Location of Trustee: Republic of Korea, United States
- Time and Method of Entrustment: Transferred to AWS Korea Region via encrypted communication at the time of collection
- Entrusted Personal Information Items: Email address, name (or nickname), date of birth, gender, message information (message transmission time, message content (including stickers, images, videos, voice files)), Schedule information (title, schedule owner, time, meeting person, memo), internal identifier, To-Do, Special Days, profile picture, menstrual cycle and period, menstrual start and end dates, mood, symptoms
- Entrusted Tasks: Operation and management of cloud servers
- Retention and Use Period of Personal Information: Until membership withdrawal or the termination of the cloud service contract
- Method and Procedure to Refuse Transfer of Personal Information: Users can refuse the transfer of personal information abroad by refusing to use the service. However, consent to the transfer of personal information abroad is essential for service use.
② Upon concluding an entrustment contract, the Company specifies the prohibition of personal information processing for purposes other than the performance of the entrusted tasks, technical and managerial protection measures, restriction of re-entrustment, management and supervision of the trustee, and liability for damages. The Company supervises the trustee to ensure that personal information is processed safely.
③ If the contents of the entrusted tasks or the trustee changes, the Company will disclose such changes promptly through this Privacy Policy.
5. Procedures and Methods for Destroying Personal Information
① In principle, the Company destroys personal information without delay when the retention period of personal information has expired or the purpose of processing has been achieved as specified in '3. Retention and Processing Period of Personal Information.'
② If personal information must be retained continuously due to other laws despite the expiration of the retention period consented to by the information subject or the achievement of the processing purpose, the relevant personal information is moved to a separate database or stored in a different location.
③ When destroying personal information, the Company destroys physical records by shredding or incinerating, and electronic records are deleted using technical methods that prevent the records from being restored.
6. Rights of Users and Legal Representatives and How to Exercise Them
① In accordance with relevant laws, users have the right to refuse, restrict, access, correct, delete, and transfer their personal information. If you have any questions about personal information-related tasks, please contact the person in charge of personal information protection by email, and the person in charge will verify your identity through reasonable methods. The Company will faithfully comply with users' rights in accordance with personal information protection laws.
- Users can directly access or correct their personal information by clicking on the "Settings - User Area" in the Signaling app. If you wish to delete your personal information, you can request deletion by disconnecting from the other party through the "Settings - User Information - Disconnect" menu in the Signaling app and then requesting deletion through "Settings - Withdraw Membership." However, if you request deletion of personal information via email, the person in charge will verify your identity through reasonable methods.
② The rights of users under this clause may be exercised through their legal representatives. In this case, the legal representative has all the rights of the user.
③ When a user's legal representative requests access, correction/deletion, or suspension of processing of personal information, the Company may request additional evidence, such as a power of attorney, to verify the legitimate authority.
④ The Company allows users and legal representatives to access the relevant personal information within 10 days of the request. If it is impossible to access the information within the period due to legitimate reasons, the Company will notify the user and may extend the period, providing access to the personal information without delay once the reasons no longer exist.
⑤ The Company takes corrective or deletion measures within 10 days for personal information requested by users and legal representatives, except in cases where other laws require specific procedures. If deletion is not possible due to reasons such as the information being required by other laws, the Company will notify the user or legal representative.
⑥ The Company immediately
takes measures to suspend the processing of personal information requested by users and legal representatives, except in cases where there are special provisions in the law or legal compliance obligations, and notifies the user of the results.
7. Measures to Ensure the Safety of Personal Information
The Company prepares and implements the following best administrative, technical, and physical protection measures to prevent users' personal information and pseudonymous information from being lost, stolen, leaked, altered, or damaged. However, it is challenging to guarantee the complete protection of all information. Providing personal information to the Company indicates that users have acknowledged and agreed to these difficulties.
-
Administrative Protection Measures
- Establishment and implementation of internal management plans, regular employee training, etc.
-
Technical Protection Measures
- Management of access rights to personal information processing systems, installation and operation of access control systems, encryption of personal information, installation, and operation of security programs, etc.
-
Physical Protection Measures
- Establishment of facilities for storing personal information, etc.
- Implementation and Compliance of the Privacy Policy
The Company checks the implementation of the privacy policy and compliance by the person in charge and strives to correct and rectify any issues promptly. However, the Company is not responsible for problems caused by the user's negligence or issues on the internet, such as hacking without the Company's fault, resulting in the leakage of personal information, including passwords.
8. Installation/Operation and Refusal of Automated Personal Information Collection Devices
The Company may automatically collect and use personal information for the purpose of analyzing service usage patterns.
-
Service Usage Pattern Analysis
- The Company uses Google Analytics and Amplitude, web analysis services provided by Google, to provide better services to users. Google Analytics collects behavioral information about users of the Company's website through cookies. However, only non-identifiable information that cannot identify individuals is collected.
9. Contact Information of the Personal Information Protection Officer and Relief Methods
① The Company has designated a person responsible for personal information protection to handle opinions and requests regarding personal information.
-
Personal Information Protection Officer
- Name: Mijin Son
- Email: vespexx@vespexx.com
-
Personal Information Protection Manager
- Name: Chanjoo Lee
- Email: cjlee@vespexx.com
② Users have the following rights:
- Request deletion of personal information within the service
- Restrict or refuse the use of personal information within the service
- Modify personal information
- Withdraw consent for the use of personal information
If you wish to exercise your rights, please contact us through the information on the preceding paragraph.
10. Disclosure and Enforcement of the Privacy Policy
① If the Company changes this privacy policy, it will specify the effective date and changes and notify the website at least 7 days before the effective date. However, if there are significant changes to the user's rights, it will notify 30 days in advance.
② This privacy policy is effective from December 18, 2024.
Last Modified Date : December 18, 2024