Stone Build (hereinafter referred to as the "Company") complies with the 「Personal Information Protection Act」 and related laws to protect the freedom and rights of information subjects, process personal information lawfully, and manage it safely.
Therefore, in accordance with Article 30 of the 「Personal Information Protection Act」, we establish and disclose the following privacy policy to guide information subjects on the procedures and standards for processing personal information and to handle related grievances swiftly and smoothly.
① The company processes personal information of information subjects as follows.
| Service | Collection Purpose | Collected Items | Retention and Usage Period |
|---|---|---|---|
| Member Registration and Management | Purpose of Confirming Membership |
Required: Email, Nickname, Name |
Until membership withdrawal |
| Notification Service | Sending Mobile Push Notifications |
Required: Unique Device Information (Device ID) |
② The company does not use personal information for purposes other than those specified in Paragraph 1, and if the purpose of use changes, necessary measures such as obtaining separate consent will be implemented in accordance with Article 18 of the 「Personal Information Protection Act」.
③ The company processes and retains personal information within the period of retention and use agreed upon when collecting personal information from the information subject or as required by law.
④ Notwithstanding the personal information retention and usage period specified in Paragraph 1, the company may retain personal information until the following circumstances have ended in accordance with related laws.
1) During investigations or examinations for violations of related laws, until such investigations or examinations are concluded
2) Until the settlement of remaining rights and obligations arising from the use of the website
3) Records related to display, advertising, contract content, and performance transactions under the 「Act on Consumer Protection in Electronic Commerce, Etc.」
- Records on display and advertising: 6 months
- Records on contracts or withdrawal of offers, payments, and supply of goods, etc.: 5 years
- Records on consumer complaints or dispute resolutions: 3 years
① The company processes personal information within the scope specified for the purpose of processing personal information, and provides personal information to third parties only if it falls under Articles 17 and 18 of the 「Personal Information Protection Act」, such as with the consent of the information subject or by special provisions of the law.
② Currently, personal information is not provided to third parties.
③ The company may provide personal information to relevant agencies without the consent of the information subject in emergency situations such as disasters, infectious diseases, imminent life or body threats, and urgent property loss.
① The company promptly destroys personal information that has become unnecessary, such as after the retention period has expired or the processing purpose has been achieved.
② If personal information must continue to be preserved in accordance with other laws even after the retention period agreed upon by the information subject has expired or the processing purpose has been achieved, the information will be moved to a separate database (DB) or stored in a different location.
③ The procedures and methods for destroying personal information are as follows.
1) Destruction Procedure
The company selects the personal information to be destroyed and obtains approval from the company's personal information protection officer before destroying the personal information.
2) Destruction Method
Personal information recorded and stored in electronic file formats is destroyed so that records cannot be recovered, and personal information recorded and stored in paper documents is shredded or incinerated.
① Information subjects can exercise their rights to request access, correction, deletion, and suspension of processing of their personal information at any time.
※ Requests for access to information on children under the age of 14 must be made by their legal representatives, and minors aged 14 or older can exercise their rights themselves or through their legal representatives.
② The exercise of rights can be made through written, email, fax, etc., in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the 「Personal Information Protection Act」, and the company will take immediate action.
③ The exercise of rights can also be made through an agent such as a legal representative or a person who has been delegated. In this case, a power of attorney must be submitted in accordance with Form No. 11 of the 「Personal Information Processing Method Notice (No. 2020-7)」.
④ Requests for access and suspension of processing of personal information may be restricted in accordance with Articles 35(4) and 37(2) of the 「Personal Information Protection Act」.
⑤ Requests for correction and deletion of personal information cannot be requested if other laws specify that personal information must be collected.
⑥ The company verifies whether the person making the request for access, correction, deletion, or suspension of processing is the information subject themselves or a legitimate representative.
The company takes the following measures to ensure the security of personal information.
1) Administrative Measures: Establishment and implementation of an internal management plan, operation of a dedicated organization, regular employee training, regular security audits
2) Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of personal information, installation and updating of security programs
3) Physical Measures: Access control to computer rooms and data storage rooms
① The company collects only essential personal information such as email, nickname, name, and unique device number during the service usage process.
② Information subjects can inquire about matters related to behavioral information, exercise their right to refuse, and report damage through the contact information below.
☞ Personal Information Protection Department
Personal Information Protection Department: Information Security Team
Email: stonebuild.top@gmail.com
① The company designates the following personal information protection officer to take overall responsibility for personal information processing tasks and to handle complaints and damage relief related to personal information processing.
Personal Information Protection Officer: Director Park Ji-man
Personal Information Protection Department: Information Security Team
Email: stonebuild.top@gmail.com
② Information subjects can contact the personal information protection officer and department for all inquiries, complaints, and damage relief related to personal information protection arising from using the company's services. The company will respond and handle inquiries without delay.
① Information subjects can request access to personal information under Article 35 of the 「Personal Information Protection Act」 to the department below. The company will strive to promptly process requests for access to personal information.
☞ Personal Information Access Request Reception and Processing Department
Department: Information Security Team
Email: stonebuild.top@gmail.com
② Information subjects can seek dispute resolution or consultation by applying to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency's Personal Information Infringement Report Center, etc. for remedies for personal information infringement. For reporting or consulting on other personal information infringement matters, please contact the following institutions.
1) Personal Information Dispute Mediation Committee: (No area code) 1833-6972 (www.kopico.go.kr)
2) Personal Information Infringement Report Center: (No area code) 118 (privacy.kisa.or.kr)
3) Supreme Prosecutors' Office: (No area code) 1301 (www.spo.go.kr)
4) National Police Agency: (No area code) 182 (ecrm.cyber.go.kr)
③ The company strives to guarantee the right to self-determination of personal information and to provide counseling and relief for personal information infringement. If you need to report or consult, please contact the department mentioned in Paragraph 1.
④ If the rights or interests of the information subject are infringed by the disposition or omission of the head of a public institution as a result of a request under Articles 35, 36, and 37 of the 「Personal Information Protection Act」, the information subject may request an administrative appeal in accordance with the Administrative Appeals Act.
☞ Central Administrative Appeals Commission: (No area code) 110 (www.simpan.go.kr)
① This privacy policy is effective from the date of implementation, and if there are additions, deletions, or corrections due to changes in laws and policies, we will notify you through the notice as soon as possible.
② This privacy policy is effective from June 1, 2024.