Privacy

VCNC Privacy Policy Revision

VCNC (Hereafter the “Company” or called as "Between") complies with privacy policies stipulated in relevant laws including Information Communication Network Promotion and Protection of Information Laws, Privacy Laws, Protection of Communications Secrets Act, Telecommunications Business Act which required to be observed by information communication service providers, and we take the security of your personal information very seriously by enacting a policy for handling personal information based on relevant laws.

The company informs how personal information is used for and in what way through the policy for handling personal information and informs you of what actions are taken to protect privacy. The company discloses the policy on the first page of our homepage (http://between.us/terms) for users to access this at any time.

The company will disclose any revisions and its details on the notice board of the homepage (or individual announcement) when the policy is revised. The company discloses any changes made for your easy identification by disclosing version numbers when the policy is changed.

This Privacy policy will be effective from MM DD 2014

1. Personal information collected and methods of collection

   1. Personal information collected

      The company collects the following personal information when you use the service of Between for the first time for subscribing to a membership (or subscribing for service), customer service and to provide services.

      • Essential: Email address, name (or nickname), date of birth, cell phone number, sex, cell phone information
      • Selective: Profile picture

      You can enter account information to connect to external services selected by you including Facebook accounts for service.

      Lastly, the following information can be automatically generated and collected while using service or while conducting businesses.

      • IP Address, date of access, service log, cookie, access log

   2. Methods of collecting personal information

      The company collects personal information in the following methods.

      • Collection while executing or using Between Program
      • Provided by partners
      • Collection through tools for collecting generated information (including cookie)
      • Collection through voluntary disclosure by user while using the service

2. Collection and use of personal information

   The company uses collected personal information for the following purposes.

   1. Provide Between Service

      Identification within Between service subscribed by you and connecting accounts set by you including emails, Facebook and for inviting others

   2. Membership management

      Providing member service only, identifying members, preventing disruptive members (members whose access is restricted according to the Article 18 of Terms of Use) from accessing the service and preventing unauthorized accesses, confirm intention to subscribe, record keeping for settle disputes, customer complaints including handling complaints, announcing notices

   3. Use for developing new service and marketing·advertisements

      Develop new service and provide customized service, provide service according to statistical features and advertisements, checking validity of service, provide opportunities to participate in promotions or provide advertisements, examining access frequency, statistics on service usage by members

3. Sharing and providing personal information

   The company uses personal information of users within the scope disclosed from "2. Collection and use of Personal Information” in principle, and the following information can be disclosed while using our service.

   • Name, profile photo will be disclosed to users connected to Between to identify each other while using Between Service. Date of birth, email address and cell phone number can be disclosed.
   • ‘Name, profile photo’ will be disclosed to identify a host depending on setting when a user invites others. If contact number is used for invitation then email or cell phone number will be disclosed to the other party because the invitation is sent by SMS, Kakao Talk, Line, Whatsapp, Twitter, Facebook or email.
   • If you connect your Facebook account then it will ask you whether you want to connect to Facebook or not. In this case, disclosure will be limited to Between that you have subscribed.

   Personal information will not be disclosed to third parties in principle nor used for purposes other than those stated in “2. Collection and use of Personal Information” without your consents in advance. However, the followings are excluded.

   • When you agree in advance
   • When you agree in advance to use service by third parties in partnership
     The company notifies of those receiving personal information, purposes of receiving personal information, personal information provided, period of keeping and using personal information, right to refuse to give consent and disadvantages for not giving consents to users through email or in writing when personal information is provided to third parties. Personal information provided to partners will be limited to essential information including name, profile photo and information on memorable days needed to provide service. We inform details of personal information provided for each service at the time of giving consent. The details of personal information provide can be added/changed while providing service, and if personal information needed to use service provided by partners is changed then we receive additional consent when using service.
   • When authorities request for information according to the provisions by statues or according to procedures and methods stipulated in law for the purpose of investigation

4. Commissioning of personal information

   The company commissions personal information as shown below to improve our service, and we stipulate necessary regulations to safely protect personal information when entering into an agency contract according to relevant laws. The company does not commission personal information to external parties without consents form users. If a need arises in the future, then we will notify the agent and businesses of the agent to users and we will seek consents in advance if needed.

   The company states obligations including prohibition of treating personal information other than purposes commissioned according to Privacy Protection Act, technical·administrative protections, restricting sub-commissioning, supervise·manage the agents, compensation for damages in writing such as the contract and supervise whether the agents are safely treating personal information.
   If there are changes in the business of an agent or the agents then we will disclose these through Privacy Policy without delay.

   The agents for treating personal information and business of agents for the company are as shown below.

   Agent	Business	Period of keeping and using personal information
   AWS	Managing infrastructure to provide service and analyze	When withdrawing from the membership or when the contract ends

5. Period of keeping and using personal information

   The company will keep and use personal information while service is provided from the day when you apply for a membership. Personal information will be destroyed without delay in principle when the account is deleted or when the goal for collecting and using personal information is achieved. However, The Company keeps membership information for a certain period required by relevant laws if it is necessary to keep information according to regulations of relevant laws. In this case, the information is used for purpose of keeping only and the period is as shown below.

   • Records on withdrawal from a contract or an agreement: 5 years
   • Records on payments and supply of goods: 5 years
   • Records on customer complaints and dispute resolutions: 3 years
   • Records on accesses: 3 months
   • Records on electronic transactions: 5 years
   • Records on identification: 6 months
   • ID, password, name in English, security questions on password, answers on security questions, name, resident registration number, address, cell phone number, email address, I-Pin, personal identification information, sex, school, work, self-introduction, nickname, banking information, credit card, date and time of accesses, access locations, records on illegal access, PC specifications, service records, legal representatives: 30 days
   • Records of illegal access: 1 year

6. Procedures and methods of destroying personal information

   Personal information will be destroyed without delay in principle when the account is destroyed or when the goal for collecting and using personal information is achieved. The procedures and methods of destroying personal information are as shown below.

   1. Procedures

      Information entered for subscription by users are kept for a certain period (refer to period for keeping and using) then destroyed once goals are achieved by transferring into a separate DB (separate filing cabinets for paper) according to the Privacy Protection based on internal regulations and relevant laws.

      The said personal information will not be used for purposes other than for keeping unless otherwise required by laws.

   2. Methods

      • Personal information printed on papers will be shredded or incinerated.
      • Personal information kept in electronic files will be deleted by technical methods that cannot be restored.

7. Rights, obligations of users and legal representatives and its exercises

   • You or legal representative can make inquiries or request to correct, delete, change or stop using personal information registered for self or child under the age of 14 at any time, and you can refuse to give a consent or request to cancel a membership (withdraw from a membership) if you do not agree with the company’s processing of personal information. However, in this case, a part of or all service may not be accessible.
   • You or legal representative can personally view, change or withdraw to view, change personal information for self or child under the age of 14 by accessing ‘Setting> Change membership information’ from the application to make changes, click “Support Page (https://between-support.vcnc.co.kr/)> Manage Account> Delete Account” from the Between Homepage after accessing “Setting> Disconnect” to cancel subscription (withdraw consent). If the above site cannot be accessible then contact Privacy Officer by email and we will take necessary actions.
   • We will not use or provide personal information until mistakes are corrected when a user request to correct mistakes in personal information. If wrong personal information has been provided to a third party then we will make corrections by notifying the changes to the third party without delay.
   • The company processes cancelled or deleted personal information as requested by users according to "5. Period of keeping and using personal information" and we make sure that the information is not viewed or used for other purposes.
   • The responsibility for accidents caused by inaccurate information entered by a user lies with the user. You have the obligation to prevent unforeseen accidents by accurately entering up to date personal information.
   • You have the obligation to protect yourself and not violate other person’s information as well as the right to be protected of personal information. You should take caution not to leak personal information and not to damage personal information of others including from bulletin boards. If you damage personal information of others or damage the dignity of others by failing to fulfill the above obligations then you can be punished by relevant laws.
   • The company does not collect personal information from minors in principle. When the company needs to collect personal information from minors for making payments for goods purchased then we seek consents from a legal representative in advance, and we will destroy personal information of minors at the time of concluding relevant businesses and we will strictly control personal information of minors while relevant businesses.

8. Installation/operation of devices to automatically collecting personal information and refusing this

   1. What are Cookies?

      • The Company uses ‘cookie’ to store and frequently retrieve user information to provide personalized and customized service.
      • Cookie is a very small text file sent to a browser used by a user through a server used to operate a website and saved at hard disk of the user’s computer. The website server reads the contents of cookie stored in the hard disk whenever the user visits the website used to maintain user environments and to provide customized service.
      • Cookie does not automatically/actively collect information for identifying individuals, and you can refuse to save or delete these cookies at any time.

   2. Purpose of using cookies

      • It helps you to conveniently access and use the website using information contained in cookies when you visit Between PCs or a Mobile website. It is also used to provide customized information such as optimized advertisements through records of website visits by users, types of usage.

   3. installing/operating and refusing cookies

      • You have a choice to install cookies. You can allow all cookies or check whenever a cookie is stored, or refuse storing of all cookies by setting options from a web browser.
        Example)
        For Internet Explorer: Tool menu from the web browser > Internet Option > Personal Information
      • However, if you refuse to store cookies then you may experience difficulties in using some part of service including areas requiring logins.

9. Technical/administrative protection of personal information

   The company takes the following technical/administrative plans for safety to prevent loss, theft, leakage, falsification of or damage to personal information when treating your personal information.

   1. Personal information encryption

      The company stores and manages personal information safely through encryption according to relevant laws and internal policies.

   2. Plans for hackings

      The company is trying its best to prevent leaking or damaging personal information from hacking or computer viruses.

      The company backs up personal information every 6 month in case of damages, prevents personal information from leaking or damaging through up-to-date security patches and firewalls, and safely transmits personal information in networks through encrypted communication.

      The company controls unauthorized external accesses through a firewall system, and tries its best to install all possible technical devices to systematically secure security.

      1. Minimizing the number of employees treating personal information and training

         The company only authorizes a responsible employee to treat personal information and assigned with a separate password which is updated regularly, and emphasizes compliance of VCNC Privacy Policy through regular training.

      2. Operation of an organization exclusive to protect personal information

         The company installed an in-house personal information protection organization to check for compliance of the Privacy Policy and compliance by the employee responsible and rectifies any problems immediately when problems are discovered.

      However, the company is not responsible for any problems caused by leakage of personal information including ID, password by user negligence or problems with the internet.

10. Officer responsible for privacy and contact details

    You can report any personal information related complaints to an officer responsible for privacy or a responsible department while using the service provided by the company.

    The company will quickly and satisfactorily respond to the reports by users.

    Officer responsible for Privacy	Officer responsible for personal information
    Name: Jae Wook Park Dept: VCNC Phone: 070-7728-8262 Position: CEO Email: privacy@vcnc.co.kr	Name: Young Mok Kim Dept: VCNC Phone: 070-7728-8262 Position: CTO Email: privacy@vcnc.co.kr

    Please make inquiries to the following organizations if you need to report or consult in regards to the violation of personal information.

    • KISA (http://www.118.or.kr / Toll free number 118)
    • Cyber Crime Investigation, the Supreme Prosecutors’ Office (http://www.spo.go.kr / 02-3480-2000)
    • Cyber Terror Response Center, the National Police Agency (http://www.ctrc.go.kr / 1566-0112)

11. Miscellaneous

    We inform you that the act of collecting personal information by websites linked to the Between service is not applicable with "Between Privacy Policy".

12. Obligation of disclosure

    The company will notify any addition, deletion and modification in the current Privacy Policy at the homepage, ‘Notice’ within the service or other easy to noticeable ways at least 7 days prior to any revision. However, the company will notify any major changes in user rights including collection and using of personal information, providing to third parties at least 30 days in advance.

Privacy Policy Version Number: v.2.0.

Date revised: 21 Aug 2014
Date enacted: 5 Oct 2011