IDeAOcean

2024.01.26

In order to protect the personal information of the service users, IDeA Ocean Inc. (hereinafter referred to as “IDeAOcean” or the “Company”) complies with the privacy protection regulations under the relevant laws, such as the “Personal Information Protection Act”, and has the following Privacy Policy. When there is any revision to the Privacy Policy, IDeAOcean shall make relevant notification via email.

1. Purpose of Processing Personal Information

IDeAOcean processes personal information for the following purposes. The Company does not use processed personal information for any other purpose than the following, and if a purpose of use is to be changed, it shall seek prior consent.

Service : IDeAOcean Website

Purpose of Processing : Providing goods or services

2. Collecting, Processing, Use, and Retention Periods of Personal Information

IDeAOcean destroys personal information immediately when it fully serves its purpose. If it is necessary to retain personal information in accordance with the related laws and regulations, such information is retained for a certain period of time. The processing, use, and retention periods of personal information are as follows.

Personal Information Collected and Retained : First name, last name, email, phone number, company/institute

Retention Period : 1 year

3. Destruction of Personal Information

In principle, ABS180 shall destroy personal information without delay when the purpose of processing the personal information is achieved. The procedure, time, and method of destruction are as follows.

Procedure of destruction : The information entered by the user is transferred to a separate DB (separate documents in the case of data on paper) after achieving the purpose and is stored for a certain period of time or immediately destroyed according to the internal policy and other related statutes. Here, the personal information transferred to the DB shall not be used for any other purpose than what is required by the laws.

Time of destruction : Personal information of the user shall be destroyed within five days after the end date of the retention period or within five days after the date on which it is acknowledged that processing of such personal information is no longer necessary due to reasons such as fulfillment of the purpose of personal information processing, discontinuation of the service, closing of the business, etc.

Method of destruction : Information in the form of electronic files shall be destroyed by using a technical method that renders it impossible to reproduce the information.

4. Rights and Duties of Information Subject and Legal Representative and Methods of Exercising Them

As a personal information subject, the user can exercise the following rights.

The information subject may at any time exercise the right to access, correct, or delete his/her personal information or request discontinuance of personal information processing to IDeAOcean.

The user can exercise the rights under Paragraph 1 by documents, email, fax, etc. according to Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and IDeAOcean shall take actions accordingly without delay.

The information subject may exercise the rights under Paragraph 1 through his/her legal representative, trustee, or other authorized agents. In this case, the user shall submit a power of attorney produced on the form in Annex 11 of the Enforcement Rules of the Personal Information Protection Act.

The information subject’s right to request suspension of personal information access or processing may be limited pursuant to Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.

Correction or deletion of personal information may not be requested if such personal information is specified to be subject to collection in other laws or regulations.

IDeAOcean performs verification of whether the requester of viewing, correcting or deleting personal information or suspending processing of such information is the information subject or his/her rightful agent.

5. Measures to Ensure Safety of Personal Information

Periodic self-audit : In order to ensure safety in handling personal information, the Company conducts self-audit on a regular basis (once a year).

Minimization and training of personnel handling personal information : The Company designates persons who handle personal information and minimizes such personnel size by limiting assignment of such tasks to managers only.

Establishment and implementation of internal management plan : The Company establishes and implements internal management plans for safe handling of personal information.

6. Privacy Officer

IDeAOcean designates privacy officers to be in charge of handling personal information, dealing with complaints of the information subject related to personal information processing, and providing damage relief.

The information subject can make inquiries to the privacy officers or the departments in charge regarding personal information protection, complaint handling, damage relief in using the service (or regarding business) of IDeAOcean. IDeAOcean shall respond to and handle inquiries from the information subject without delay.

Name : Jeonghyeock Kim

Relevant Department : Service Development

Email : kimwjd@ideaocean.ai

7. Remedies for Infringement on Rights of Information Subjects

The following are separate organizations from IDeAOcean, and if you are not satisfied with IDeAOcean's handling of privacy complaints, damage relief results, etc. or need further assistance, you can contact these organizations.

Personal Information Infringement Report Center (operated by the Korea Internet and Security Agency) : (without area code) 118 (privacy.kisa.or.kr)

Personal Information Dispute Mediation Committee : (without area code) 1833-6972 (www.kopico.go.kr)

Cyber Crime Investigation Team of the Supreme Prosecutors' Office: 02-3480-3573 (www.spo.go.kr)

National Police Agency Cyber Bureau: (without area code) 182 (http://cyberbureau.police.go.kr)

8. Change in Privacy Policy

This Privacy Policy shall start to be effective on the enforcement date, and in case there is any addition, deletion, or correction of provisions in accordance with the relevant statutes and policies, the Company shall notify the details seven days before implementation of the change.