Privacy Policy
GIANTSTEP is legally processing and safely managing personal information in compliance with the Personal Information Protection Act and related laws to protect the freedom and rights of the main agents of the information.
In accordance with Article 30 of the Personal Information Protection Act, GIANTSTEP establishes and discloses a Privacy Policy (the “Policy”) as follows to guide the main agent of the information to procedures and standards for processing personal information and to facilitate the processing of such grievances quickly and smoothly.
Key personal information processing indications (labeling)
Information Processed
Disposal
Privacy Officer
E-mail, password, country of the user, IP address, device name, MAC address;
Until withdrawal from the website
Seongho Choi
(GX Development HQ, CTO)
Table of Contents
Collection of personal information and its purpose
Collection of Personal Information of data subjects under the age of 14
Automatic collection devices of personal information
Additional processing of personal information
Provision of personal information to 3rd party
Destruction of personal information
Users’ and their legal representative’s rights, obligations, and methods of exercise
Safety measures for personal information
Responsible department of personal information
Remedy for infringement on the rights and interests of the data subject
Protection of personal information of foreign users
Obligations to notify before amendment
Collection of Personal Information and Its Purpose
The minimum information necessary to provide the service is collected as essential items, and additional information collected to provide specialized services is collected as optional items.
The information GIANTSTEP collects after the data subject's consent is as follows.
Classification
Individual membership
Company license membership
Purpose
Member management and identification Providing products or services To detect and deter unauthorized or fraudulent use of or abuse of the Service Forwarding of inquiries or complaints and notices Improvement of existing services and development of new services, establish a service environment for privacy
Making statistics on member’s service usage, to provide services and place advertisements based on statistical characteristics
Items
E-mail, password, country of the user, IP address, device name, MAC address
E-mail, ID, password of purchasing representative
Consulting through the customer center
Forwarding of inquiries or complaints
E-mail, name of the user, fax number, telephone number, agent information, and other supporting material
Marketing use
Marketing such as events and advertisements, customized recommendations through user interest, preference and propensity estimation
GIANTSTEP will collect personal information as follow.
In the process of signing up for membership and using the service, if the user agrees to collect personal information and enters the information directly, the personal information is collected.
During the consultation process through the customer center, users' personal information can be collected through web pages, e-mails, faxes, and phone calls.
Personal information can be collected in writing at offline events, seminars, etc.
Personal information can be provided from outside companies or organizations affiliated with GIANTSTEP. In this case, by the Personal Information Protection Act, the affiliate receives consent to provide personal information to the user and then provides it to GIANTSTEP.
Generated information, such as device information, can be automatically generated and collected during the use of the PC Web and mobile Web/app.
Collection of Personal Information of Data Subjects Under the Age of 14
GIANTSTEP does not allow children under the age of 14 to use the service.
GIANTSTEP does not allow children under the age of 14 to sign up for or use the service, and if it is confirmed that a child has signed up for the service using the personal information of their legal representative, the registration may be canceled, and the legal representative may request cancellation of the registration if such fact is confirmed.
If you are a parent or guardian and believe that your minor child has provided personal information to GIANTSTEP without your consent, please contact us at privacy@pretcoord.comand we will take steps to delete the personal information
Automatic Collection Devices of Personal Information
GIANTSTEP may collect collective and impersonal information through ‘cookies’.
‘Cookies’ are very small text files to be sent to the browser of the users by the sever used for operation of the websites of the GIANTSTEP and will be stored in hard-disks of the users’ computer or mobile device.
Purpose of using Cookies
To provide personalized and customized services, cookies that store users’ information and call them are used frequently. When a user visits the website, the website server reads the cookies stored on the user’s device to maintain the user’s preferences and provide customized services. Also, it is used to provide customized information such as optimized advertisements through records of users’ website visits and usage patterns.
Option to select ‘collecting cookies’
The users have an option for accepting or rejecting cookies. So, they may choose to either allow or reject cookies by setting option in web or mobile browser. Provided that, if the user rejects the installation of cookies, it may be difficult for that user to use the parts of services provided by GIANTSTEP.
▶ Allowing/rejecting cookies on web browser
Chrome : Settings > Privacy and security > Third-party cookies
Edge : Settings > Cookies and site permissions > Manage and delete cookies and site data
▶ Allowing/rejecting cookies on mobile browsersr
Chrome : Settings > Privacy and security > Third-party cookies
Safari : Settings > Safari > Block All Cookies
Samsung Internet : Settings > Sites and downloads > Site permissions > Cookies
Provision of Personal Information to 3rd Party
In principle, GIANTSTEP does not provide personal information to the third party without user permission.
Personal information is provided only when the user directly permitted to use the services of affiliates; and when the obligation to submit personal information to GIANTSTEP occurs under the relevant laws; when an urgent risk to the user’s life or safety is identified and is intended to resolve it.
Period for Retention and Use of Personal Information
GIANTSTEP processes and retains personal information within the retention and use period in accordance with 1) related laws and 2) the permission received from the users.
1. Membership and management of PRETCOORD : Until withdrawal from the website
2. Provision of goods or services : Until the completion of supply of goods or services and the completion of payment and settlement of charges
3. Management of non-user of PRETCOORD : According to the operation policy, GIANTSTEP separately stores or deletes the personal information of users who have not used the service for one year. And the personal information stored separately is destructed without delay after four years of storage.
Provided that, if it is required to retain the information by relevant laws and regulations, GIANTSTEP will retain member information for certain period as designated by relevant laws and regulations. The information to be retained as required by relevant laws and regulations are as follows.
Record regarding contract or withdrawal of subscription: 5 years (The Act on Consumer Protection in Electronic Commerce)
Record on payment and supply of goods: 5 years (The Act on Consumer Protection in Electronic Commerce)
Record on consumer complaint or dispute treatment: 3 years (The Act on Consumer Protection in Electronic Commerce)
Record on sign/advertisement: 6 months (The Act on Consumer Protection in Electronic Commerce)
Account books and supporting documents for all transactions prescribed by the tax law: 5 years (Framework Act on National Taxes)
Record on electronic financial transactions: 5 years (Electronic Financial Transactions Act)
Destruction of Personal Information
The procedures and methods of destruction personal information are as follows.
1. Destruction procedures
GIANTSTEP selects personal information that caused the reason for destruction and destruct the information with the approval of the information protection officer.
2. Destruction methods
GIANTSTEP destructs: hard copies of personal information by shredding with a Shredder or incinerating it; and delete personal information stored in the form of electric file by using technological method making that information not restored.
Users’ and Their Legal Representatives’ Rights, Obligations, and Methods of Exercise
Users and their legal representatives have the following rights regarding the processing of the users’ personal information.
Users and their legal representatives can inquire, modify, or delete their personal information at any time on the “member information page” and request access to the users’ personal information.
Users and their legal representatives can request the suspension of personal information processing at any time. In cases where there are special provisions in the law, GIANTSTEP can reject the users’ request for suspension of processing.
Users and their legal representatives can withdraw their permission to collect and use personal information at any time through "withdrawal from membership".
If a user or its representative requests correction of an error in their personal information, GIANTSTEP will not use or provide to a 3rd party until the correction is completed. In addition, if the wrong personal information has already been provided to a 3rd party, GIANTSTEP will notify the 3rd party of the correction processing result without delay.
The user’s personal information can be corrected directly by the user or its representative on the “member information page” or by contacting privacy@pretcoord.com to request correction. GIANTSTEP tries to respond to a legitimate request within 10 days when a user makes an email request. Additionally, GIANTSTEP will contact the user if additional information is needed to fulfill their request. If there is a legitimate reason GIANTSTEP may suspend the fulfillment of its obligation by notifying it to the user or its legal representative. GIANTSTEP shall fulfill its duty immediately after such reason has disappeared.
GIANTSTEP checks whether it is users or a legal representative who made request for perusal, correction, deletion, or suspension of processing.
Safety Measures for Personal Information
GIANTSTEP is taking the following managerial, technical, physical steps to ensure the stability of personal information.
Examples of managerial steps are detailed below.
GIANTSTEP provide regular training on the protection of users’ personal information to employees. Regular training and campaigns on privacy obligations and security are provided to all employees who process personal information
GIANTSTEP meets domestic and international certification standards for user information protection activities and systems. GIANTSTEP annually undergoes verification by independent review agencies to ensure that the information protection and privacy management systems meet the standards for domestic and international certification screening and provide opportunities for improvement.
Examples of technical measures are detailed below.
Encode the user’s personal information. The user's personal information is transmitted using an encrypted communication zone, and important information such as passwords is encrypted and stored.
GIANTSTEP is trying to protect against hacking or computer viruses. Install a system in the zone the external access to which is controlled so as to prevent leakage or damage of users' personal information by hacking or computer virus. A system that can detect and block intrusion by hackers is installed to monitor it 24 hours a day, and a vaccine program is installed to prevent the system from being infected with the latest malicious code or viruses. GIANTSTEP is also continuously researching new hacking/security technologies and applying them to the service.
GIANTSTEP is minimizing the number of people who have access to personal information. The minimum number of employees who process personal information is limited. GIANTSTEP also establish systematic standards for creating and changing passwords for personal information processing systems, and for access to them. And GIANTSTEP conducting continuous audits of it
Examples of physical measures are detailed below.
GIANTSTEP safely manages materials containing personal information GIANTSTEP establishes and operates access control procedures for separate physical locations where personal information is stored, such as information rooms and data storage rooms. Documents and data storage media containing personal information are stored in a safe location with a lock
Responsible Department of Personal Information
GIANTSTEP designates the following department and person in charge of personal information in order to protect personal information of customers and deal with complaints from customers. Users exercise their right including the right to access their personal information under Article 35 of the Personal Information Protection Act to the Department responsible for privacy protection and customer service
Director responsible for privacy protection
Name: Seungho Choi
Department: GX Development HQ
Title: CTO
Contacts: seongho.choi@giantstepcorp.com
Department responsible for privacy protection and customer service
Department : Security Team
Manager: Jamin Seo
Affiliation: Development HQ
Contacts : privacy@pretcoord.com
Remedy for Infringement on the Rights and Interests of the Data Subject
If you need to report or consult on other privacy infringements, you can contact the following institutions
Personal Information Dispute Mediation Committee (www.kopico.go.kr / 1833-6972)
Korea Internet & Security Agency (privacy.kisa.or.kr / 118)
Supreme Prosecutors’ Office (www.spo.go.kr / 1301)
Korean National Police Agency (police.go.kr / 182)
Protection of Personal Information of Foreign Users
GIANTSTEP provides global services, and all users’ personal information is stored and managed in the region of Korea. Therefore, the personal information of users who use the service in countries other than Korea and in that region is also stored and managed within Korea.
The users may exercise their right, as consumers or as main agents of the information, by laws and regulations or international conventions applicable to the country in which they reside. GIANTSTEP will handle the laws or conventions will be applied first, in the case of any conflict between the laws or international conventions and this Privacy Policy.
If a user is a child under applicable laws and international treaties, Giantstep may restrict the user's service registration and use, and the legal representative of the child may request deletion of the child's or legal representative's personal information that has been used.
The users may exercise these rights through a written request or email(Personal Information Protection Department/Contact: privacy@pretcoord.com. ). GIANTSTEP will act quickly if it receives a request related to the protection of the user’s personal information. However, there may be restrictions on the exercise of these users’ rights under national laws or international conventions.
Obligations to Notify Before Amendmen
GIANTSTEP may modify this Privacy Policy from time to time to reflect 1) relevant laws or 2) changes to the service. GIANTSTEP will post the latest version of the Privacy Policy here and notify users by making the last date of modification. If you continue to use the service after such modifications have been posted, you will be deemed to have agreed to those modifications.
GIANTSTEP will notify you by email and notice 30 days before the revision of the Privacy Policy, and you may receive user permission again if necessary.
The date of public announcement: 29 November 2024
The date of effective: 29 November 2024