Phaze (hereinafter referred to as "the Company") establishes and discloses the following privacy policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of information subjects and to handle complaints promptly and efficiently.
Article 1 (Purpose of Processing Personal Information)
The Company processes personal information for the following purposes. Personal information will not be used for purposes other than those specified, and if the purpose of use is changed, necessary measures, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act, will be implemented.
Submission of Website Inquiry Forms
Personal information is processed to confirm the intention to provide detailed service guidance, identify/authenticate individuals, maintain/manage inquiries, prevent misuse of services, confirm the consent of legal guardians when processing personal information of children under 14 years of age, issue various notices/notifications, and handle complaints.
Service Provision
Personal information is processed for service provision, sending contracts/invoices, providing content, and offering personalized services.
Handling Complaints
Personal information is processed to verify the identity of complainants, confirm complaints, conduct fact-finding investigations, and notify results.
Personal Information Processing by Phaze Site Administrator
Personal information is processed for the purpose of handling tasks related to personal information processing.
Article 2 (Period of Retention and Use of Personal Information)
① The Company retains and uses personal information within the period agreed upon by the information subject or within the period prescribed by law.
② The retention and use periods for each type of personal information are as follows:
A. Management of Contact Information for Service Provision: Until the termination of the business/organization contract.
However, in cases where an investigation is underway due to a violation of relevant laws, the retention period extends until the conclusion of the investigation.
B. Service Provision: Until the completion of service provision and payment/settlement.
However, in the following cases, the retention period extends until the conclusion of the specified reasons:
i. Records related to transactions such as display/advertising, contract contents, and fulfillment under the Act on Consumer Protection in Electronic Commerce:
Records of display/advertising: 6 months
Records of contract or withdrawal of offer, payment, and supply of goods: 5 years
Records of consumer complaints or dispute resolution: 3 years
ii. Communication confirmation data retention under the Protection of Communications Secrets Act:
Subscriber’s communication date and time, start/termination time, counterpart’s subscriber number, usage rate, and base station location tracking data: 1 year
Internet log records, access location tracking data: 3 months
Article 3 (Provision of Personal Information to Third Parties)
The Company processes personal information within the scope specified in Article 1 and provides personal information to third parties only in cases where the information subject’s consent is obtained, or in accordance with specific provisions of the law, such as Article 17 and Article 18 of the Personal Information Protection Act.
Article 4 (Rights and Obligations of Information Subjects and Legal Representatives)
① Information subjects can exercise rights such as requesting access to, correction/deletion of, or suspension of processing of their personal information at any time.
② The exercise of rights as described in the first clause can be made through a written request, email, or fax, and the Company will respond promptly.
③ The exercise of rights may also be made through a legal representative or an authorized agent, in which case a power of attorney must be submitted as prescribed by the Personal Information Processing Methods Notice.
④ Requests for access and suspension of processing may be restricted under Articles 35(4) and 37(2) of the Personal Information Protection Act.
⑤ Requests for correction and deletion cannot be made if other laws specify that the personal information must be collected.
⑥ When a request for access, correction, or deletion is made, the Company confirms whether the requesting party is the information subject or a legitimate representative.
Article 5 (Personal Information Items Processed)
The Company processes the following personal information items:
Service Provision Based on Inquiry Content
A. Required items: Name, company name, phone number, email
Automatically Collected Information During Internet Service Use
IP address, cookies, MAC address, service use records, visit records
Article 6 (Destruction of Personal Information)
① The Company promptly destroys personal information that is no longer necessary, such as when the retention period has expired or the purpose of processing has been achieved.
② If the retention period has expired or the purpose of processing has been achieved, but other laws require continued retention, the personal information will be transferred to a separate database (DB) or stored in a different location.
③ The procedures and methods for destroying personal information are as follows:
A. Destruction Procedure: Personal information identified for destruction is selected, and with the approval of the personal information protection officer, the Company destroys the personal information.
B. Destruction Method: Personal information recorded/stored in electronic file format is destroyed so that the records cannot be recovered, and paper records are shredded or incinerated.
Article 7 (Measures for Securing the Safety of Personal Information)
The Company takes the following measures to ensure the safety of personal information:
Administrative Measures: Establishment and implementation of an internal management plan, regular employee training, etc.
Technical Measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, and installation of security programs
Physical Measures: Access control to computer rooms and data storage rooms
Article 8 (Matters Concerning the Installation/Operation of Automatic Personal Information Collection Devices and Refusal Thereof)
① The Company uses cookies to provide personalized services to users by storing and retrieving usage information from time to time.
② Cookies are small amounts of information sent by the server (HTTP) used to operate websites to the user’s computer browser and may be stored on the user’s hard disk.
A. Purpose of Using Cookies: Cookies are used to optimize the information provided to users by identifying visit and usage patterns for each service and website visited by the user, popular search terms, and whether secure connections are made.
B. Installation/Operation of Cookies and Rejection: Users can refuse to store cookies through options in their web browser, such as Tools > Internet Options > Privacy.
C. Consequences of Refusal: Users may experience difficulties in using customized services if cookies are refused.
Article 9 (Personal Information Protection Officer)
① The Company has designated the following personal information protection officer to be responsible for overseeing the handling of personal information, processing complaints, and providing remedies for information subjects:
A. Personal Information Protection Officer
Name: Seongjun Kim
Position: Representative of Phaze
Contact: 02-3448-5666 / contact@phaze.co.kr
② Information subjects may contact the personal information protection officer or the department responsible for personal information with any inquiries, complaints, or requests for remedy. The Company will respond and handle inquiries without delay.
Article 10 (Request for Access to Personal Information)
Information subjects may request access to their personal information under Article 35 of the Personal Information Protection Act through the following department:
Department: Phaze Magazine Management Team
Person in Charge: Seongjun Kim
Contact: 02-3448-5666 / contact@phaze.co.kr
Article 11 (Remedies for Infringement of Rights)
Information subjects can seek resolution or consultation for privacy-related disputes by contacting the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency, or other related organizations. For further information, please contact the following agencies:
Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)
Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)
Supreme Prosecutors' Office: 1301 (www.spo.go.kr)
Cyber Bureau of the National Police Agency: 182 (cyberbureau.police.go.kr)
Information subjects who believe that their rights or interests have been infringed upon by a public institution's decision or inaction under the Personal Information Protection Act may file an administrative appeal as prescribed by the Administrative Appeals Act.
For more information on administrative appeals, please visit the Central Administrative Appeals Committee website (www.simpan.go.kr).
Article 12 (Changes to the Privacy Policy)
This privacy policy is effective from November 1, 2023.