Privacy Policy

The corporation (hereinafter referred to as the 'company') complies with the privacy regulations that are required to be complied with by ICT service providers pursuant to the Act on Promotion of Information and Communication Network Utilization and Information Protection, the Privacy Act, the Telecommunications Secrets Protection Act, and the Telecommunications Business Act, and is committed to protecting users' rights and interests by setting personal information processing policies under the relevant statutes.

This Privacy Policy is applied to all related services including SHIFT service (hereinafter referred to as SHIFT) operated by the company and includes the following:

The meaning of the terms used in this Privacy Policy shall be as specified in the relevant statutes and the company's Terms of Use, and other matters shall be subject to general

1. Items of personal information collected and methods of collection

A. Items of personal information collected

Based on the information entered by the members, the company collects the following information for membership, SHIFT service provision, and smooth customer consultation.

1) Required items

• Member's ID (e-mail), password

• Personal information, names, mobile phone numbers/emails, hobbies, credentials, experience, etc., personal information, contact information, history, etc. of the members and their connections

• Generated information in service use process, such as usage behavior, frequency of use, and connection index

• Operating system and hardware environmental information, such as OS version and device information

• Basic contents and uploaded information of enterprises using corporate services

2) Selection

• Profile photo, history information, homepage address, and other profile information and SNS information entered by the member.

• When linked to an external service account, the account information received by the external service, service use information and other personal information agreed to be provided by the member.

3) The following information can be generated and collected automatically when using the service.

• IP Address, cookies, device information, visit date, service use record, bad use record, etc.

4) The following information can be collected when it is inevitable for payment to be made in the process of using paid services.

• Information required for payment, such as credit card information, mobile phone number, carrier information, etc.

B. How to collect personal information

The company collects personal information in the following ways:

1) Collects through voluntary service provision by the user while subscribing or using the service

2) In case a member logs in using the ID of Naver, Facebook, or Google according to the member's choice, the member's consent is obtained and collected by the company.

3) Business card information of another person acquired or held by the member

4) Provided by other affiliated external companies or organizations

5) Generated information, such as device information and service use records, is automatically collected during the service use process.

2. Purpose of collecting and using personal information

The company collects personal information such as users for the following purposes:

A. Member Management

Identification of members based on their service use, purpose of identification of members, verification of their intention to sign up, restriction of the number of subscriptions and subscriptions, secure a smooth communication path, response to customer inquiries, introduction of new information and notification, prevention of unauthorized use of bad members, preservation of records for identification and dispute settlement, complaints, etc.

B. Providing SHIFT Service Functions

Registering business card information of members and people, managing and sharing business card information, automatically updating profile information including business card information among members engaged in service relations, sending and receiving messages or writing postings for communication and exchange between people, and providing the service that can be used through the member's account, including recommendation and group connections, and other corporate family connections.

C. Charges are settled as a result of the implementation of the contract for service provision and the provision of paid services as needed.

Deliver notices such as revisions to the terms and conditions, purchase and payment for paid services, delivery of goods and services, etc.

D. Improve services and develop new services

Identify new service elements, including demographic analysis, analysis of service visits and utilization records, provision of customized services based on personal connections and interests, and formation of relationships among members based on personal information and interest, and use to improve existing services

E. Providing marketing and advertising information

Information on how to market new features, information on how to use them, opportunities to participate in various events, publishing advertising information, providing external statistical data on advertising responses, fulfilling the obligations stipulated in the statutes and compliance laws, and preventing wrongful use actions that could cause harm to users, etc.

3. Provide third party of personal information and entrust it to process

The company uses the members' personal information within the scope specified in "For the purpose of collecting and using personal information," and the following information can be disclosed in the service use process. In addition, it shall not be used or provided to any third party beyond its scope, except in cases where it is required for the purpose of the service or with the prior consent of the members or exceptional cases below.

A. Disclosure of personal information

During SHIFT service, the member's business card information and other information entered by the member may be disclosed among the connected members. In addition, if a member invites the other party, his or her name, profile picture, and some business card information may be disclosed to the invitees for identification.

B. Provide a third party of personal information

1) Information that the member agrees to provide

• information provided by both sides as business cards are delivered

• Information provided by the recommended person, group person, business family person, etc.

2) In case there is a special regulation in the statute

3) In case the investigation agency requests it according to the procedures and methods specified for investigation purposes

C. Subcontracting of personal information

The company consigns personal information as follows to improve the service, and stipulates necessary matters to ensure that the personal information can be safely managed when contracted on consignment in accordance with the relevant statutes. In the event of a change in the trustee, the company shall disclose it through this Privacy Policy without delay.

1) Amazon Web Service

Name of trustee company Amazon Web Service
Consignment work and purpose Data archiving and system operation
Country of transfer of personal information a foreign countries
Transferred personal information items All personal information collected in the course of service delivery
Personal information transfer date When to sign up for membership
Personal information transfer method Keeping personal information in the AWS cloud computing environment
Personal information retention, period of use Retention of members or storage until expiration of personal information.

2) Other external trustees

Name of trustee company consignment content Personal information retention and period of use
Nice Information Communication Co. payment system Upon withdrawal of a member or until termination of a consignment contract
udid Co. payment system Upon withdrawal of a member or until termination of a consignment contract

4. Personal information retention and period of use

In principle, the members' personal information shall be destroyed without delay when the purpose of collecting and using personal information is achieved. However, the following information shall be kept for the specified period for the following reasons:

A. Keeping information based on the company's internal policy

Objection use record kept: 1 year (prevent fraudulent use)

B. Information retention under relevant statutes

When it is necessary to retain information for a certain period in accordance with the provisions of the relevant statutes, such as the Commercial Act, the Act on Consumer Protection in Electronic Commerce, etc., the company retains the information it keeps for a certain period of time, and the retention period is as follows.

• Keeping records on contracts or withdrawal of subscriptions: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)

• Keeping records on payments and supply of goods: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)

• Keeping records on consumer complaints or dispute handling: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)

• Keeping records of identification: 6 months (Act on Promotion of Information Network Utilization and Information Protection, etc.)

• Keeping records on visits: 3 months (Telecommunications Secrets Protection Act)

5. Reading, modifying, deleting, and stealing personal information

The members may view, disclose, and/or modify their personal information at any time and request deletion and destruction..

A. Request for personal information to be accessed and corrected.

Members and legal representatives may view and modify the personal information of a registered principal or a child under the age of 14. The member or legal representative can access or modify registered personal information, such as accounts, by clicking the business card information registered in SHIFT service or by clicking the Settings menu to view or modify the registered personal information.

B. Deletion of personal information (membership)

If a member or legal representative of a child under the age of 14 wants to withdraw from the membership, he or she can sign in to the mobile application or website and withdraw directly through 'Settings-SHIFT Exit'. If it is difficult to withdraw directly, contact the person in charge of personal information management in writing, by phone, or by e-mail, and we will take action without delay.

C. The theft of personal information

If the company finds the person who registered or used SHIFT by stealing another person's mobile phone number, e-mail address, Facebook or other personal information, the company takes necessary actions such as suspension of service use or withdrawal of membership for the ID without delay.

6. Disposal of personal information

In principle, the members' personal information shall be destroyed without delay when the purpose of collecting and using personal information is achieved. The procedures and methods for destroying the company's personal information are as follows.

A. Destruction procedure.

The information entered by the member for joining the service is transferred to a separate DB or storage location after the purpose has been achieved and stored for a certain period of time (see the personal information retention and service period) according to the internal policy and other related statutes. Personal information stored separately above is not used for any purpose other than the specified purpose.

B. How to destroy

Personal information printed on paper is shredded with a shredder or destroyed through incineration. Personal information stored in electronic file form is deleted using a technical method that cannot play the recording.

7. Members' rights and responsibilities

Along with the right to protect personal information, the members also have a duty to protect themselves and not to violate other people's information. Please be careful not to leak the members' personal information including passwords and do not damage other people's personal information, including postings.

The user himself is responsible for accidents caused by inaccurate information entered by the member. The members are obliged to enter their personal information accurately in the latest state to prevent accidents.

If a member fails to fulfill the above responsibilities and damages another person's information and dignity, he or she can be punished under the relevant laws, such as the Act on Promotion of Information Network Utilization and Information Protection.

8. Technical/administrative protection measures for personal information

In handling the members' personal information, the company seeks the following technical and administrative measures to ensure safety in order to prevent personal information from being lost, stolen, leaked, tampered with or damaged.

A. Countermeasures against hacking, etc.

The company is doing its best to prevent personal information of the members from being leaked or damaged by hacking or computer viruses. The company prevents the leakage or damage of members' personal information or data and ensures safe transmission of personal information on the network through cryptographic communication. And we use the intrusion prevention system to control unauthorized access from the outside.

B. Minimize and train treatment staff

The staff handling personal information of the company is limited to the personnel in charge, and a separate password is assigned for this purpose to be updated regularly, and the company always emphasizes compliance with the company's privacy policy through frequent training for the staff.

C. Operation of the Personal Information Protection and Communications Organization

The company strives to check the performance of the company's personal information processing policy and compliance with the person in charge through the in-house personal information protection and communication apparatus so that problems can be corrected immediately and corrected immediately. However, the company shall not be held liable for any problems caused by personal information leakage due to reasons other than the member's own carelessness or the company's intentional or grave negligence.

9. Contact information protection manager and person in charge

You can report all complaints regarding personal information protection to the personal information protection manager or department in charge of the company's service. The company will respond promptly to the member's report.

Personal Information Protection Officer

• Name : Kim Jun-gang

• Affiliation : JeJeComms Co.

• Position : CEO

• Tel : 031-754-8713

• E-mail : jjsj@jejecomms.com

Person in charge of personal information management

• Name : Lee Ji-won

• Affiliation : JeJeComms Co.

• Position : Reseacher

• Tel : 031-754-8713

• E-mail : bck0208@jejecomms.com

If you need to report or discuss any other personal information violations, please contact the organization below.

Personal Information Violation Reporting Center (www.118.or.kr / 118)

Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)

High-tech Crime Investigation Division of the Supreme Prosecutors' Office (www.spo.go.kr / 02-3480-2000)

National Police Agency Cyber Terror Response Center (www.ctrc.go.kr / 02-392-0330)

10. and more

This SHIFT Privacy Policy is not applicable to other services such as websites linked to SHIFT service that collect personal information.

11. Commitment to the High Level

If the details of the current Privacy Policy are added, deleted, or modified, the information will be posted on the SHIFT website(https://shiftapp.net) at least seven days prior to the effective date, or 'Notifications' in the service. However, when a significant change in the user's rights occurs, the notification shall be made at least 30 days in advance, and the user may get the consent again if necessary.

Announcement date : 2019. 1. 29.

Execution date : 2019. 1. 29.

Top