Wrapsody Privacy Policy

1. General Provisions

Personal information is defined as information that identifies an individual (including that which can be identified by combining it with other information, when it cannot identify an individual with the relevant information alone) with items that are included in the relevant information about an individual, such as their name and resident registration number.

Fasoo Co., Ltd (“the Company”) takes customer information protection first and closely observes all domestic legislation, including the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (“Information and Communications Network Act”) and Personal Information Protection Act.

The Company’s privacy policy provides information regarding the purposes and uses of the personal information provided by the customer and indicates the kinds of measures that are taken to protect the personal information through our privacy policy.

The Company reserves the right to change, amend or modify this Privacy Policy of Wrapsody Service (“the Services”) in accordance with applicable law, regulations, and policies, and, in such case, the Company discloses the privacy policy on the Company where the customer can find it with ease.

2. Items of Collected Personal Information and Methods of Collection

The company collects and processes the following personal information to provide basic services.

① Personal information to be collected

Information to be collected
Purpose of use
E-mail, name, service usage records, Service suspension records, Service termination records, IP information, access log, Paid plan subscription/ subscription history, billing/payment information and history
To secure communication channels to deliver service-related notifications, to confirm the customer’s intention, and to handle complaints.
To guide new services/products regarding Wrapsody service.
To use as basic data for checking service-related errors and handling complaints.

② Methods of collecting personal information

Information is collected through the Company's website and log analysis program.

3. Consent to Collection of Personal Information

The minimum personal information is collected when a user signs up for the Service or while the user uses the Services. In case of collecting personal information, the company informs the items to collect and purposes to a user in advance. If a customer who wants to use the service reads the Terms of Service and this Privacy Policy, enters the required items, and clicks the “Complete” button for sign-up or checks the “OK” or “I Agree” checkbox, it is assumed that the user consents to the processing of personal information.

4. Retention and Use Period of Personal Information

When a member withdraws or the purpose of collecting and using personal information is achieved, the personal information of the member is destroyed without delay. However, it is retained for a certain period of time if it is necessary for reasons such as the confirmation of the management obligations regarding transaction in accordance with the provisions of related laws and regulations such as the Commercial Act.

Grounds Act
Information to be retained.
Retention Period
Consumer Protection Act in Electronic Commerce
Records on contract or withdrawal of subscription
5 year
Consumer Protection Act in Electronic Commerce, Commercial Law, Basic National Tax Law, Income Tax Law, Corporate Tax Law, VAT Law
Records on payment and supply of goods, etc, commercial accounting books and statements of business, and documentary evidences
5 year
Consumer Protection Act in Electronic Commerce
Records of consumer complaints or disputes
3 year
Communication Secret Protection Act
Records of site visits
3 month

5. The Procedure and Methods to Dispose of Personal Information

Processes of disposal

Personal information entered by customers for service subscription is deleted or destroyed in accordance with the internal policy and information protection policy according to other related laws after the purpose of use is achieved for reasons such as termination of service. Generally, if there is no debt relationship, personal information collected when registering as a member and managed in the form of an electronic file is immediately deleted upon membership withdrawal.

Methods of disposal

A. Personal information in written documents: shredding, incineration, or chemical decomposition

B. Personal information in digital file forms: deleted by using technology that prevents the recovery of such records

6. The Rights of Members and Legal Representatives and How to Exercise the rights

Registered members and legal representatives can view or modify personal information of their own or children under the age of 14 at any time and may request termination of membership.

The personal information of a member of a child under the age of 14 can be viewed or modified by clicking Account Information. The subscription can be canceled (consent withdrawal) by clicking the “Withdrawal of Membership” and going through the identity verification process. Or the member can contact the person in charge of personal information management by writing, telephone, or email, the company will take action without delay.

If you request to correct an error in personal information, the personal information will not be used or provided to a third party until the correction is completed. If incorrect personal information has already been provided to a third party, we will notify the third party without delay.

The company handles the personal information that is withdrawn or deleted at the request of a member or legal representative as described in “4. Retention and Use Period of Personal Information” and processes it so that it cannot be viewed or used for other purposes.

Please enter your personal information accurately and up to date. Members are responsible for accidents caused by incorrect information entered by members, and you will lose your qualifications for membership if false information such as theft of other information is entered.

Members have an obligation not to infringe on other’s information along with the right to privacy. Be careful not to leak personal information of members, including passwords, and be careful not to damage other people’s personal information, including posts. If you damage other people’s information, you may be punished by the Act on Promotion of Information and Communication Network Utilization and Information Protection, etc.

7. Technical/organizational Management for the Protection of Personal Information

Technical measures

FASOO takes the following technical measures to secure the stability of the personal information of our customers, so that there is no loss, theft, leakage, external attack or damage to the information.

① The personal information of the customer is secured using passwords, and important data is protected with a special security function by encrypting or locking the file and the transmission data.
② The Company selects the security solution (SSL or SET) for the safe transmission of personal information, using an encrypted algorithm.
③ The Company is fully engaged in security matters by using a firewall system and a vulnerability analysis system on each server, to prevent external attacks such as hacking.

Organizational measures

① For the safe protection of personal information, we are operating major systems and facilities with certified information protection management systems by an objective certification body.
② The Company implemented required processes to access personal information and to manage and ensure the employees are aware of and follow the processes.
③ The Company shall minimize the number of persons authorized to access personal information on customers as follows.

a. Those who conduct direct marketing activities toward users
b. Those who manage personal information including Privacy Supervisor and Privacy Personnel
c. Those who are obligated to handle personal information due to business
④ The Company implemented required processes to access personal information and to manage and ensure the employees are aware of and follow the processes, and holds regular company training and outsourced training for employees who deal with personal information to acquire new security technology and methods of protecting personal information.
⑤ Transferring duties and responsibilities between people who handles personal information is performed thoroughly while security is maintained. We clarify where the responsibility lies for personal information accidents after employees leave the company or join the Company.
⑥ The computer room and data storage room are set as special protected areas to control access.
⑦ When processing a customer's personal information using a computer, a person with access to the personal information is designated and assigned an identification code (ID) and password, and the password is regularly updated.
⑧ The company prevents information leakage by employees in advance by requiring new employees to sign the Privacy Protection Pledge when hiring, and establishes and constantly implements internal procedures to audit the implementation of personal information processing policies and compliance with employees.
⑨ The company prevents the person who handled the customer's personal information from compromising, infringing, or divulging the personal information by requiring them to sign the Privacy Protection Pledge when they retire.
⑩ The Company check the customer's identity when collecting or providing payment information such as credit card numbers and bank settlement accounts for the purpose of signing service contracts and providing services.
⑪ The company is not responsible for accidents or events caused by a user's personal mistake or basic internet risk. Each member should appropriately manage own ID and password and be responsible for it for personal information protection. Also, it is recommended to avoid using an easy password that others might be able to guess and to change the password regularly.
⑫ When you want to stop using our service while you are logged in to our website on a shared PC, make sure that you have logged out and close the webpage before moving to another website. Otherwise, information such as e-mail and password can be easily leaked to others through the browser.
⑬ In other cases of personal information loss, disclosure, falsification and damage due to a mistake by an internal managing staff or a technological management accident, the Company will inform you instantly and look for appropriate response and compensation method.

8. Personal Information Management Officer

We value the Personal Information of our customers and try our best not to prevent member’s personal information from being damaged, infringed, or leaked. In the event of an infringement of a member’s personal information due to the Company’s fault, we notify the member in accordance with the procedures and methods prescribed by the relevant laws and regulations such as the Personal Information Protection Act and the Information and Communication Network Act and report to related organization. However, the Company is not responsible for information damage by unexpected accident caused by basic network threats such as hacking occurring despite technological security measures in place and disputes over posts written by visitor.

The Company appointed a Personal Information Manager and a relevant department as below, to protect the personal information of our customers and to take care of any complaints and inquiries related to this information.

Personal Information Manager
Personal Information Management Staff
Name
Young-gil Kim
TBD
Title
Managing Director
TBD
E-mail
wrapsodycloud@fasoo.com
Phone
82)2-300-9120

9. Obligation for Notification

The current privacy policy was revised on November 1, 2020. Should there be information to be added, deleted, and edited according to government policies or a change in the security technology, notification of this will be provided via the website at least seven days before the revision.

The privacy policy takes effect on November 1, 2020