Privacy policy
Owner Market (hereinafter the “Company”) complies with the personal information protection regulations under relevant laws such as the 「Personal Information Protection Act」, and is doing its best to protect the rights and interests of users by establishing a privacy policy in accordance with the Personal Information Protection Act. This privacy policy ‘collects, uses and provides personal information based on the user's consent’ for use and provision, and complies with the laws, regulations and guidelines of the Republic of Korea related to personal information protection.
The company discloses this privacy policy so that users can easily check it at any time.
Article 1 (Collection and Purpose of Personal Information)
The items of personal information collected by the Company and their respective purposes are as follows, and the Company collects only the minimum personal information necessary to use the service. In addition, the Company processes users' personal information only for the specified purpose, and does not use it for any purpose other than the specified purpose. If the stated purpose of use is changed, the Company will notify the users and take necessary measures, such as obtaining separate consent.
1. Items of personal information collected and purpose of use
Category | Collection items | Purpose of use | Collection method |
---|---|---|---|
Sign up and use of services | [Required] Nickname, email, password | Securing a smooth communication path such as delivery of notices, use of services and consultation, and prevention of illegal use | Sign up |
Profile | [Optional] Profile image, mobile number | User identification, prevention of illegal use, identity verification | Profile setting |
NFT information | [Required] Upload files (images, videos, etc.), attribute content | Create NFT | Create NFTs |
Information collected automatically | [Required] Access log, IP information, cookies, records of bad and illegal use | Identity verification and service usage statistics, prevention of illegal use, prevention of unauthorized use, provision of customized services | Collection via automatic collection device |
2. How to collect personal information
Category | Contents |
---|---|
Online | If you agree to the collection of personal information and directly enter information during the service membership registration and use process |
If you authenticate yourself for the purpose of sales or purchase | |
Emails collected during the customer inquiry process, etc. | |
Information via other automatic collection devices |
Article 2 (Period of Retention and Use of Personal Information)
The Company keeps and uses users' personal information as follows. The collection of personal information for other events, etc. shall be based on the agreed period of retention and use of personal information.
1. Period of retention and use of personal information
Category | Collection items | Purpose of use |
---|---|---|
Member information | Member identification and management, use and provision of services | Until membership withdrawal |
NFT information | Use and management of NFT services | Permanent (information recorded in the blockchain cannot be deleted) |
Wallet information | Identification and management of wallets, use and provision of services | Permanent (information recorded in the blockchain cannot be deleted) |
2. Preservation by law according to the provision of services
① In principle, users' personal information shall be destroyed without delay when the purpose of collecting and using personal information is achieved. However, according to the internal policy to prevent disputes due to illegal use of services, records of illegal use may be kept for one year.
Article 3 (Provision of Personal Information)
The Company does not provide personal information to third parties beyond the scope specified for the purpose of processing. However, it may be provided to a third party in the following cases.
① In the case of separate consent from the user
② In the case of special provisions in other laws
Article 4 (Destruction of Personal Information)
1. When personal information becomes unnecessary, such as when the period of retention and use of personal information has elapsed or the purpose of processing has been achieved, the Company shall destroy the personal information without delay.
2. If the personal information shall be kept in accordance with laws and regulations even though the period of retention and use of personal information agreed upon by the user has expired or the purpose of processing has been achieved, the personal information shall be moved to a separate database (DB) or stored in a different place.
3. The methods of destroying personal information are as follows.
① Personal information stored in the form of an electronic file shall be permanently deleted so that the record cannot be reproduced
② Personal information recorded and stored in paper documents shall be shredded with a shredder or incinerated
Article 5 (Technical and Administrative Protection Measures for Personal Information)
The Company prepares the following technical/administrative measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged while processing users' personal information.
1. Administrative measures
① Establishment and implementation of personal information internal management plan
② Minimization and education of employees handling personal information: The company is implementing measures to manage personal information by designating and limiting personnel handling personal information.
2. Technical and physical measures
① Management of access right to personal information processing system: The Company limits the access right to the system that processes personal information to a minimum number of people and take necessary measures to control access to personal information.
② Encryption of personal information: The Company uses encrypted communication (HTTPS) to safely transmit and receive user information.
③ Technical countermeasures against hacking: In order to prevent leakage and damage of personal information due to hacking or viruses, etc., the Company carries out periodic inspections, and monitors and blocks technically and physically, such as installation of the system in an area where access is controlled from outside.< br>
④ Physical measures: Control access to computer rooms, data rooms, etc.
Article 6 (Rights and Duties of Users and Legal Representatives and Method of Exercising them)
1. Users may exercise their rights to the company at any time, such as request for access, correction, deletion, and suspension of processing of personal information. However, as stipulated by related laws such as the Personal Information Protection Act, the exercise of rights by users such as request for access, correction, deletion, and suspension of processing of personal information may be restricted.
2. Users may exercise their rights through email, etc., and the Company will take action without delay.
3. The rights pursuant to Paragraph 1 may be exercised through the user's legal representative or an agent such as a person who has been delegated. In this case, a power of attorney entrusted with the rights of the user shall be submitted.
4. When requesting correction or deletion of personal information, the user may not request the deletion if the personal information is specified as a collection target in other laws.
5. Upon request for viewing, correction or deletion, or suspending processing according to the user's right to use, the Company shall check whether the person making the request, such as viewing, is the person or a legitimate agent.
6. Users may raise objections to the Company if they are dissatisfied with the refusal to exercise their rights, and the Company will take action without delay.
Article 7 (Matters concerning the Installation and Operation of Automatic Personal Information Collection Devices and the Rejection)
In order to provide the service convenience to users, the Company uses 'cookies' that store and retrieve usage information from time to time. A cookie is a small amount of information that a website sends to your computer browser (Internet Explorer, etc.).
1. Purpose of use of cookies
The Company stores the user's preferred settings through cookies to support a faster web environment for users, and uses them to improve services for convenient use. This makes it easier for users to use the service.
2. Installation, operation and rejection of cookies
Users have the option of installing cookies and may refuse to store or delete these cookies at any time.
3. How to refuse cookie settings
① Internet Explorer: Select Tools menu > Select Internet Options > Click Privacy tab > Advanced privacy settings > Cookie level settings
② Chrome: Select Settings menu > Select Show advanced settings > Privacy and security > Select content settings > Cookie level setting
③ Safari: Select Preferences menu > Select Privacy tab > Set cookie and website data level
④ FireFox: Select Tools menu > Select Preferences menu > Select Privacy and Security tab > Set Content Blocking
⑤ Opera: Select Tools menu > Select Settings menu > Select Privacy and Security tab > Set cookie level
Article 8 (Privacy Officer and Department in Charge)
1. In order to protect users' personal information and handle complaints related to personal information, the Company has designated the relevant department and privacy officer as follows.
[ CPO / DPO ]
- Name: Paul Cho
- Phone number: +82-70-4789-4987
- Email: [email protected]
2. Users may contact privacy officer and the department in charge for all privacy related complaints arising while using the Company's services. The Company will do its best to provide satisfactory answers to users' inquiries.
Article 9 (Remedy for Infringement of Rights and Interests)
For damage relief or consultation regarding personal information infringement, contact the following organizations.
Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
- Homepage : privacy.kisa.or.kr
- Tel: (without area code)118
Personal Information Dispute Mediation Committee
- Homepage : www.kopico.go.kr
- Tel: (without area code)1833-6972
Supreme Prosecutor’s Office Cyber Crime Investigation Team
- Homepage : www.spo.go.kr
- Tel: +82 02-3480-3573
National Police Agency Cyber Security Bureau
- Homepage : cyberbureau.police.go.kr
- Tel: (without area code)182
Article 10 (Liability for Linked Sites)
The Company may provide users with links connected to other external sites. In this case, since the Company does not have control over the external sites, it may not be held responsible for or guarantee the usefulness, truthfulness, and legality of the services or data provided by the user from the external sites, and the privacy policy of the linked external sites is irrelevant to the Company, so please check the policy of the relevant external sites.
Article 11 (Change of Privacy Policy)
In the event of additions, deletions, or modifications to the current privacy policy, the Company will notify you through the official website (or individual notice, such as email) at least 15 days before the revision. However, when there are important changes in user rights, such as collection and use of personal information and provision of personal information to a third party, the Company will notify you at least 30 days in advance.
Article 12 (Miscellaneous)
The Company complies with the General Data Protection Regulation of the European Union and the laws of each Member State.
When the Company provides services to users in the European Union, the following may apply.
1. Legal processing and purpose of personal information
The Company uses the collected personal information only for the purposes described in “Article 1 (Collection and Purpose of Personal Information)”, and informs users of the fact in advance and seeks consent. And in accordance with applicable laws such as GDPR, the Company processes users' personal information only in the case of one of the following.
① When the user consents to the processing of his/her personal information
② For the user’s conclusion and performance of the contract
③ For compliance with legal obligations
④ When processing is necessary for the significant benefit of users or other natural persons
⑤ For the pursuit of the Company's legitimate interests (except when the interests, rights or freedoms of users are more important than those interests)
2. Ensuring the Rights of Users in the European Union
In accordance with applicable laws such as GDPR, users may exercise the following rights, such as use, change, and deletion of their personal information. If you contact us for related requests in writing, by phone or by email through the customer center, we will take action without delay.
In addition, if you request correction of errors in personal information, we will not use or provide the personal information until the correction is completed.
① Right of access by the data subject
② Right to rectification
③ Right to erasure
④ Right to restriction of processing
⑤ Right to data portability
⑥ Right to object
⑦ Automated individual decision-making, including profiling
Supplementary provisions
This Privacy Policy is effective from October 01, 2022.