RSUPPORT fully comply with General Data Protection Regulation (GDPR). All our service providers are also GDPR compliant.
■ What information we obtain from Mobizen service;
■ How we use the information that we obtain;
■ When we share information with others; and
■ How you control our use and sharing of your information, ID
2. Information Obtained by Mobizen Service
The information we may collect when you use the Mobizen service is as follows:
■ When applying for product use: Email Address, Name, Profile Image
■ When using the service: OS Information, IP Address, Cookie, National Information, Local Information, Device Information
■ When paying for services: credit card information, bank account information, payment records
■ For technical support and other inquiries: e-mail, name, company name, phone number, ID
The above information is collected for the purposes of providing or improving Mobizen service.
■ What is Cookie?
- A cookie is a small text-only file sent to your browser by a server used in operating a website which you visit and saved in your computer’s hard drive. When you visit the website again, the server of that site will read the cookie saved in your hard drive and uses it to maintain your preferences and provide customized services. The cookie does not automatically/actively collect personally identifiable information, and you may refuse to save or delete such cookie.
■ Purpose of Using Cookies and Information Obtained
- We use the cookies for target marketing and provide you with personally customized services by analyzing frequency, number and time of your visit and understanding your preferences, field of interest, and level of your participation in various events.
- We only collect anonymous information generated by the cookies (such as demographic data) through the cookies and other similar technologies, and do not collect personally identifiable information. We do not combine such anonymous information with any personally identifiable information obtained through other ways.
■ Use of Other Similar Technologies
■ How to Reject the Collection of Cookies
- You have the right to election in respect of the installation of cookies. You may reject (opt-out) the automated collection of cookies by using one of the following methods; however, please note that if you elect to reject the collection of cookies, you may experience difficulties in using the services.
[How to Reject the Collection of Cookies in the Internet Explorer Browser]
① Select [Internet Options] from the [Tools] menu.
② On the [Privacy] tab, select [Advanced].
③ In [How to process cookies], click [Block].
[How to Reject the Collection of Cookies in the Chrome Browser]
① Select [Settings] from the More menu in the upper right corner.
② Select [Advanced] at the bottom.
③ In [Privacy & Security], select [Content Settings].
④ Select [Cookies] and turn [Allow sites to save and read cookie data] off.
[How to Block Google Analytics]
Install Browser Add-on: https://tools.google.com/dlpage/gaoptout
4. How RSUPPORT Uses the Personal Information It Obtains
We use information obtained from your use of Mobizen service for various purposes, including:
■ To provide Mobizen service you requested;
■ To analyze, review and improve Mobizen service we offer;
■ To protect and defend our rights and property, including by way of legal proceedings;
■ To comply with regulatory requirements; and
■ For internal record keeping.
The legal basis on which we will rely on to process your personal information will typically be one of the following:
■ Contract: where it is necessary to perform a contract with you
■ Legitimate interests: where it is necessary to pursue our or a third party’s legitimate interests (this includes where it is necessary for our business with public interest purposes or to exercise public authority granted to us, and where it is necessary to protect our or a third party’s material interests)
■ Consent: where you have consented to provide it. You have the right to withdraw your consent at any time
■ Legal obligation: where the processing is necessary for compliance with our legal obligations
5. Sharing of Personal Information
While we generally do not share personal information with third parties, please note that in the following circumstances, we may share personal information with the third parties:
■ Third parties when required by law: As required by court order or other government or law enforcement authorities in order to comply with legal process or law;
■ Third parties in connection with corporate transactions: In connection with a corporate event, such as a merger or sale of all or part of our business (including that of a division or subsidiary), where we may need to disclose information to a potential buyer and its professional advisors.
■ Third parties when it is necessary to protect our services: In order to protect and defend our rights and /public, including by way of legal action
■ Third parties when it is to protect any of our users’ personal safety or /public: In order to protect the safety or /public of our users or the public
We provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
The payment processors we work with are:
Paddle is a subscription management service provided by "Paddle" (paddle.com).
Paddle is a payment service provided by "Paddle" (paddle.com). Your credit card information is stored by Paddle when you buy our subscription with your credit card.
PayPal is a payment service provided by PayPal Inc., which allows users to make online payments.
6. Transfer of Personal Information
7. Period of Retention of Users’ Personal Information
We will take reasonable measures to ensure that we only keep your personal information for as long as is necessary for us to provide you with Mobizen service or for the purpose for which it was collected or as required by applicable law. We apply criteria to determine the appropriate retention period for different categories of personal information you provide us with. For instance, we will keep information necessary to protect us in a legal claim, such as information relating to a contract, for the term of the contract and up to one year thereafter. After the expiration of such period, the relevant information will be deleted or anonymized. Where we have collected the personal information based on your consent and we have no other legal basis to continue with that processing, if you subsequently withdraw your consent, then we will delete your personal information. If you request for deletion of your personal information because it is no longer needed, or based on an objection to the processing or a claim that the processing is illegal, you have the right to request a restriction on the processing while we verify your request for deletion.
We are using the following efforts to protect the secrecy and maintain the security of your personal information.
■ Operation of Security Management System
- We take security measures in accordance with the date protection regulations.
- We have established and are implementing our internal management system designed to prevent data loss, ensure data integrity and regulate access to data.
- When our employee accesses any personal data he/she must use his/her ID and password to authenticate such access, and we have established and are in compliance with the regulations on password setting requirements (such as combination of characters and numbers and length of password), frequency of password change, and other management matters.
■ Internal Regulations for Information Security
- We have enacted and are implementing the information security policies and detailed guidelines for the protection of data /public
- We are carrying out security campaigns together with our annual information security training in order to improve knowledge of our officers and employees on information security.
- We are operating a separate division for managing information security and personal information, and annually amend our information protection policies and guidelines and carry them out in accordance with the annual plan, and have enacted and are implementing internal rules regarding information security.
■ Compliance with Security Standard Technology
- We have established and are implementing our internal management system based on the international/domestic information protection management system standards in order to protect our information /public.
- Sensitive personal information such as passwords are safely stored by using SHA-2 based SHA-256 cryptographic hash algorithm.
- We develop and review in compliance with safe development security guidelines, and have established and are applying countermeasures and precautionary measures with respect to relevant cyber security threats.
■ Full Maintenance of Information Security Audit System
- Security settings through account management, access control, system security settings, service & log management, and patch management to prepare the system against any outside security breach is compulsory.
- We comply with the laws and regulations relating to information security, and our internal information security policies and guidelines, and carry out internal security audit and verification activity once a year in order to confirm that effective functions are maintained.
- We also periodically detect and promptly resolve any potential security vulnerability issues through utilizing simulation hacking service of a third party security agency.
- In response to the annually released top 10 list of web vulnerabilities (OWASP TOP10), we eliminate related vulnerabilities and pay full attention to inspections through various inspection tools.
Notwithstanding the foregoing, we do not guarantee that no third party would interfere with the communication between you and RSUPPORT or that we would not be exposed to a security breach, due to the design methods of the Internet, continuous technological changes and any other factors that are beyond our control. We shall not be responsible for any leakage or exposure of personal information due to any transmission errors or unauthorized or unlawful action of a third party
9. Protection of Children’s Personal Information
Protecting the personal information of children is important to us. For that reason, none of our services are directed at or designed to attract anyone under the age of 16 or the age of majority in the relevant jurisdiction. We also do not knowingly collect or maintain personal information from users who are under the age of 16 or the age of majority in the relevant jurisdiction. Should we learn or be notified that we have collected information from users under the age of 16 or the age of majority in the relevant jurisdiction, we will promptly delete such personal information.
11. Accessing Your Information and Your Rights
Under the laws of each jurisdiction, you may have the right to request access to, rectification or deletion of, the personal information we hold about you or the right to object to or restrict certain types of processing of your personal information (or to withdraw your consent to our personal information processing), or to receive a machine-readable copy of your personal information. If permitted by law, a small fee for providing you with such service may be charged. Please note that we may decline to process your requests to the extent permitted by law if they are unreasonable or malicious, jeopardize the privacy of others, or are extremely impractical. For further information or to exercise any of these rights, please contact us at firstname.lastname@example.org.
12. Contact Information
RSUPPORT’s Data Protection Officer’s contact information is as follow:
RSUPPORT Co., Ltd.
Address: S-Tower, 10 Wiryeseong-daero, Songpa-gu, Seoul, Republic of Korea
Last updated Date: October 12, 2022