2022/03/07

Privacy Policy (English)

Privacy Policy (English)

Thinking Studio101 Co. (hereinafter referred to as the company) takes the protection of its users’ privacy seriously and complies with the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. This how your personal information is used under our privacy policy, and what measures are taken for privacy protection.  The table of contents of this privacy policy is as follows.  1. Items of personal information to collect and the method thereof 2. Collection of personal information and intended purpose 3. Sharing and provision of personal information 4. Delegation of authority to handle personal information 5. Retention and use period of personal information 6. Procedures and method for disposal of personal information 7. Rights of a user and his or her legal representative, and method of exercising the rights 8. Issues related to the installation, operation and refusal of automatic personal information collection equipment 9. Measures for the protection of personal information in technical/administrative terms 10. Civil complaint service about personal information 11. Other 12. Notification obligation  1. Items of personal information to collect and the method thereof  (1) Items of personal information to collect ① The company collects the following personal information at the time of signing up or using the service to ensure seamless member registration, customer service and various services. – Required information: email address, mobile phone number – Optional information: date of birth, gender ② For services that lack separate consent procedures for the process in Paragraph 1 above, neither required information nor optional information is not collected. ③ The following information may be generated and collected in the process of service use or business handling. – Information of the user’s mobile phone terminal (model name, OS version, mobile firmware version, device identification number, etc.), IP address, cookie, the latest access location – Records at the time of using location-based services – Access time, service use record, faulty use record, etc. ④ When information is unavoidably required for the payment in the course of using free/paid service – Credit card information, wireless carrier information, purchase record and gift card number and/or other payment related information are collected  ⑤ When the user requests the restoration or refund of paid contents – Email address, purchase record and additional personal information such as the real name and family relations evidence to demonstrate that the purchase was made by a third party are collected.


(2) Personal information collection method: The company collects the personal information of users through the following methods. – Through the agreement procedures at the time of signing up for the service provided by the company – Via separate consent procedures for promotions and events – Automatically through platforms in partnership with the company with regard to the provision of services – When provided by the users in a voluntary manner or in response to the company’s request where necessary at the time of subscribing or using the service  2. Collection of personal information and intended purpose  (1) The company uses the personal information of users collected for the following purposes. 1) To secure communication channels to facilitate the delivery of notifications or the handling of customer complaints 2) To handle inquiries about the use of paid information, handle conflicts related to the implementation of contract requirements and obligations, and provide customer services 3) To introduce new services as well as new product launch event information 4) To provide other contents and authentication service (find my ID/Password, etc.)  3. Sharing and provision of personal information  (1) Except for cases with the user’s consent or provisions specified in the related laws and regulations, the company will never use the personal information of users beyond the scope of the intended use specified in the “Collection of personal information and intended purpose,” or provide such information to other companies, organizations or institutions. (2) When sharing or providing the personal information of users, for example when the provision of users’ personal information within a limited scope is necessary to provide various services to users through partnership with other service providers or business operators, users will be notified of who will receive or share users’ personal information, what the main business is, what items in the personal information will be provided or shared, for what purposes users’ personal information is to be provided or shared, etc. through a notice on the home page of the Thinking Studio101 website (http://www.buffstudio.com), a notice in the application or through a message to users at least 10 days prior to the implementation to obtain consent from users. (3) In the following cases, provision of a user’s personal information without consent from the applicable user is allowed pursuant to the related laws and regulations. 1) When such information is required to collect fees for the provision of service(s) 2) When the provision of a user’s personal information is necessary for statistics, academic or market research purposes, and the personal information provided is processed to ensure that the identification of the user is not possible


3) When there has been a request from related authorities for investigation purposes in accordance with related laws and regulations 4) When special provisions are specified in the Act on Real Name Financial Transactions and Confidentiality, the Use and Protection of Credit Information Act, the Electronic Communication Fundamental Law, the Telecommunications Business Act, the Local Tax Act, the Consumer Protection Act, the Bank of Korea Act and the Code of Criminal Procedures  4. Delegation of authority to handle personal information  The company may delegate the authority to control the personal information of users to ensure the implementation of service(s). In case of delegation, the company specifies requirements to ensure the safe control of the personal information of users in accordance with the related laws and regulations.  5. Retention and use period of personal information  (1) In principle, the company retains a user’s personal information from the member registration to the termination of membership. If the applicable user withdraws his or her membership or the intended purpose of the collection and use of personal information is achieved, the applicable personal information is disposed of immediately. However, the company will retain the user’s personal information for 3 months from the date on which the membership of the applicable user is terminated according to the terms and conditions as well as internal policy to prevent the illegal use of such information. After the aforementioned period, the personal information of the user is completely deleted. (2) If the personal information of a user must be retained pursuant to the provision(s) of Commercial Act or other related laws even if the purpose of its collection has been achieved, or if there is a reason for retaining such personal information according to the company’s internal policy or other related regulations, the company shall retain the personal information of the user for a certain period of time prescribed by related laws and regulations. In this case, the personal information retained will be used only for retention purposes, and the retention periods are as follows: – Records related to contract or cancellation of subscription (Reason for retention: Act on Consumer Protection in the Electronic Transactions, Etc., Retention period: 5 years) – Records on payments and supply of goods (Reason for retention: Act on Consumer Protection in the Electronic Transactions, Etc., Retention period: 5 years) – Records on handling of consumer complaints and conflicts (Reason for retention: Act on Consumer Protection in the Electronic Transactions, Etc., Retention period: 3 years) – Records on identification (Reason for retention: Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., Retention period: 6 months) – Visiting records: access logs, service use records, etc. (Reason for retention: Protection of Communications Secrets Act, Retention period: 3 months)


(3) For personal information that is retained pursuant to Paragraph (2) above, if the subject of the applicable personal information requests the retrieval of his or her personal information, the company will provide an appropriate measure to enable such retrieval immediately.  6. Procedures and method for the disposal of personal information  When the purpose of the collection or use of personal information has been achieved, the company will in principle destroy the applicable information immediately. The method and procedures for destroying personal information are as follows. (1) Destruction procedures – The information of a member input by the member at the time of signing up will be destroyed after the purpose of its collection or use has been achieved after being retained for a certain period of time according to the reason(s) for information protection pursuant to the company’s internal policy or other related laws and regulations (refer to the periods of retention and/or use of personal information). – Personal information will not be used for purposes other than the intended purpose except in the cases specified in the laws and regulations. (2) Destruction method – Personal information saved in an electronic file format is deleted using a technical method that disables the recovery of the record. – Personal information output on paper shall be shredded or incinerated.  7. Rights of a user and his or her legal representative, and method of exercising the rights  (1) The rights can be exercised when the request is received through the platform in partnership with the company related to the provision of services, or when the request is submitted directly via the company’s website. (2) The user and his or her legal representative may retrieve or adjust his or her own personal information or that of an adolescent below the age of 14 years for which he or she is responsible, and may request the cancellation of the subscription at any time. (3) The adjustment of personal information of the user’s own personal information or that of an adolescent below the age of 14 years for which he or she is responsible can be performed on the email, while the cancellation of subscription (cancellation of consent) can be performed on the Thinking Studio101 email (thinkingstudio101@gmail.com) after the identification process. (4) Alternatively, the person in charge of privacy policy may be contacted via phone, email or through a written request to prompt a necessary action immediately. (5) If the user requests the correction of errors in the personal information, the applicable personal information will not be used or provided until the correction is completed. In addition, when incorrect personal information has already been provided to a third party, corrected information will be delivered to the third party without delay. (6) The company handles personal information that has been closed or deleted in response to the request from the user or his or her legal


개인정보 수집 약관

개인정보 수집 약관 띵킹스튜디오101(이하 “회사”라 함)은 통신비밀보호법, 전기통신사업법, 정보통신망 이용촉진 및 정보보호 등에 관한 법률 등 정보통신서비스제공자가 준수하여야 할 관련 법령상의 개인정보보호 규정을 준수하며, 관련 법령에 의거한 개인정...