Croady LLC (hereinafter referred to as “the Company”) will appropriately manage and operate personal information obtained in the provision of Croady services in accordance with the Act on the Protection of Personal Information (Act No. 57 of 2003, hereinafter referred to as the “Personal Information Protection Act”) and related laws and regulations, as well as guidelines formulated by the competent ministers, based on the following policies.
Article I. Information Obtained
In the course of conducting business activities, the Company obtains information about individuals or organizations, including but not limited to the following:
- 1. Name, organization name
- 2. Email address
- 3. Documents, messages, still images, and videos
- 4. Information related to users’ payment methods such as credit cards, bank accounts, and electronic money
- 5. IDs used by users
- 6. Identification information generated using cookies
- 7. User behavior history on the Company’s website, such as duration of stay, input history, contract history, and location information
Article II. Purpose of Use
The Company will use the obtained information of individuals or organizations only to the extent necessary to achieve the purposes listed below, limited to matters related to service contract applications, changes to user information, contract renewals, and cancellations, and other related matters.
- 1. To manage users’ usage history of the Company’s services
- 2. For the settlement of usage fees
- 3. To analyze users’ behavior history on the Company’s services and contribute to the maintenance and improvement of the Company’s services
- 4. To provide information about the Company’s services
- 5. To respond to inquiries from users
- 6. To address actions that violate the Company’s terms or laws
- 7. To provide, maintain, protect, and improve the Company’s services
- 8. To notify users of changes, discontinuation, termination, or cancellation of the Company’s services
- 9. To notify users of changes to the Company’s terms and conditions
Article III. Safety Management Measures
- The Company shall take necessary and appropriate measures to prevent the leakage, theft, loss, destruction, or damage of personal information handled by the Company, and to ensure the safety management of personal information.
- In the execution of this service, the Company shall limit access to personal information to the minimum number of employees necessary and take appropriate measures to prevent unauthorized persons from accessing personal information.
Article IV. Outsourcing the Handling of Personal Information
The Company may outsource all or part of the handling of personal or organizational information in credit-related operations, website operation, information processing and analysis, and other operations. In such cases, the Company shall select entities recognized as appropriately handling such information and conduct appropriate supervision.
Article V. Obligation to Notify in Case of Incidents
- If the Company becomes aware of any leakage, theft, loss, or damage of personal or organizational information, or any other incident or accident, the Company shall immediately announce the occurrence on its website, regardless of the cause of the incident or accident.
- If necessary, the Company shall promptly take emergency measures and then announce the report and countermeasures on its website without delay.
Article VI. Changes to the Privacy Policy
The Company may change the contents of this privacy policy as necessary. In such cases, the Company shall notify users of the effective date and content of the revised privacy policy on its website.
