1. What is Privacy Policy?

KBIDC Co., Ltd. (hereinafter "Company") ‘collects, uses, and provides personal information based on the user's consent’, and ‘actively guarantees the user’s right(the right of self-determination on personal information)’. The Company complies with the relevant laws, regulations and guidelines of the Republic of Korea that must be followed by the providers of information and communication services. "Personal Information Processing Policy" means the guidelines that the Company must follow in order to protect users’ valuable personal information so that users can safely use the service. This Personal Information Processing Policy applies to Starcro Services (hereinafter "Starcro" or "“the Services“).

2. Collection of Personal Information

The Company collects the minimum personal information required for service delivery. The Company collects the following minimum personal information for each service through the homepage, individual applications or programs when the user signs up for the Services or while the user uses the Services.

• [Starcro]
  • Compulsory Phone number, contact information saved in the device’s contacts such as contacts of smart phones, etc., (third party phone numbers and IDs , profile photo, IMEI (securely converting and using the information of the user's device to prevent it from checking the original value with regarding to the inherent information of the user’s device), e-mail, password, ID, profile photo, Starcro prover list.
• [Customer Center]
  • Compulsory Phone number, Starcro account, e-mail
• The Company may collect additional personal information to provide specialized services upon the user’s consent. What is compulsory information? : Information to perform the essential functions of the sServices What is optional information? : Additional information to provide more specialized services (Even if a user does not provide optional information, there is no limit to the use of the sServices.)
• This is how personal information is collected. When collecting personal information, the Company must notify the user in advance and seek consent, then collect personal information through the following methods.
• When a user agrees to provide personal information and enters information directly in the course of subscription or while the user uses the Services. Web page, e-mail, fax, telephone, etc. provided in the consulting process at the customer center Participation in online and /or offline events
• The following personal information will be collected by the Company while the user uses the Services. Information such as terminal information (OS, screen size, device ID), IP address, cookie, date and time of visit, unauthorized use record, and service use record can be automatically generated and collected while the user uses PC Web, mobile web and applications.

3. Use of Personal Information

Personal information is used for membership management, service provision and improvement, and new service development. At the time of signing up for the Services or using the Services, the Company collects the minimum personal information required to provide the Services through the homepage, individual applications or programs.

• Member identification/confirmation of the user’s will to sign up, confirmation of user identity and age, prevention of unauthorized use age
• In the case of collecting personal information of children under the age of 14, confirmation of consent of a legal representative
• Providing messages or mail transmissions between users(provers), friend(prover) registration, and friend(prover) recommendation function
• Providing activity information, user search, and registration functions to prover
• Providing analysis and service of demographic characteristics
• Developing new services, providing various services, processing inquiries or complaints, and delivering announcements
• Transfer of contents, delivery, or payment for paid services
• Preventing and sanctioning acts that interfere with the smooth operation of services (including the theft of accounts and illegal use)
• Use for event participation checking, marketing and advertising
• Voice command recognition and personalization service
• Statistics on service usage record, frequency of visit and service use, establishment of service environment for personal privacy, provision of customized
• service, utilization of service improvement

4. Providing Personal Information

The Company does not provide personal information to third parties unless we the Company has your consent or if demanded by applicable laws and regulations. The Company provides the following personal information in order to connecting with third parties. The Company does not provide personal information to third parties upon the user’s consent. However, personal information may be provided to third parties once the Company obtains the consent of the user within the range necessary for using the Services of external affiliates, etc.,

5. Destruction of Personal Information

Personal information will be destroyed without delay once the purpose of collection and use of perosnal information is achieved. The procedures and methods are as follows. In the case of personal information in electronic file formats, it is safely deleted so that it cannot be recovered or reproduced. In the case of personal information in records, printed material, and written documents, it is destroyed by shredding or incineration. However, the information to be destroyed after being stored according to internal policy is as follows.

• 1) The information below will be stored for a maximum of 1 year from the date of withdrawal and destroyed.
  • -. Storing encrypted Starcro account and e-mail address for sending notification e-mails and responding for CS inquiries.
  • -. Service fraud hrecord
• Furthermore, the Company also separates or deletes personal information of users who have not used the sServices for one year in accordance with the "Personal Information Expiration Period System", and the separated personal information will be destroyed without delay after being kept for four years.

6. Others

The Company protects your rights. At any time, the user may view or modify his/her personal information (through a legal representative for users under the age of 14), and may withdraw his/her consent or terminate his/her membership. More specifically, the user can click the "Account (membership) withdrawal" button on the in-service setting fuction of the Services in order to make changes or terminate the subscription(withdraw his/her consent). If the user contacts he Company by phone for the above matters, the user’s request will be performed without delay. If a user requests correction of errors in your personal information, the Company does not use or provide the personal information until the user’s correction s completed. In addition, the Company also provides a page to protect the users' rights according to the 'Online Personalized Advertising Personal Information Protection Guidelines'.

• Introduction of Online Personalized Advertisements and the Methods of Rejecting Personalized Advertisements
  • Cookies may be used to provide PC-based services. Cookies are used to support faster and more convenient use of of websites and to provide personalized services.
• What is a cookie?
  • A cookie is a small text file that the server which manages the website sends to the user's browser, and stored in the user's computer.
• Purpose of Cookie Usage
  • The Company uses cookies that store your information and retrieve it from time to time in order to provide personalized and customized services. When a user visits a website, the website server reads the contents of the cookies stored on the user's device, maintains the user's preferences, and provides customized services. Cookies help the user access and use the website conveniently according to the user’s preference. Furthermore, they are also used to provide customized information such as optimized advertisements through the user's visit history and usage patterns of the website.
• Refusal to Collect Cookies
  • Cookies do not store personally identifiable information such as names and phone numbers, and a user has an option of installing cookies. As a result, by setting an option on the web browser, a user may allow all cookies, or check whenever a cookie is saved, or refuse to save all cookies. However, if a user refuses to install cookies, the user may be inconvenient while using the web, and may have difficulties in using some services that require login.
• Example of Setting Cookies
  • 1) Internet Explorer Click “Tools” menu at the top of the web browser> Internet Options> Privacy> Settings
  • 2) Chrome Click “Settings” menu on the right side of the web browser> “Show advanced settings” at the bottom of the screen> “Content setting” button in the personal information> Cookies
• The Company complies with European Union General Data Protection Regulations and the laws of each Member Country. If the Company is providing the sServices to users in the European Union, the following may apply:
• [Purpose and Basis of Personal iInformation Processing]
  • The Company uses the personal information established for the purpose described in "3. Use of Personal Information", and informs the user of the fact in advance and requests consent. And in accordance with applicable laws such as GDPR, the Company may process the users’ personal information in any of the following cases.
• onsent of the personal information entity
  • For the conclusion and implementation of the contract with the personal information entity
  • To comply with legal obligations
  • When processing is necessary for the material benefit of the personal information entity
  • or the purpose of pursuing the legitimate interests of the Company (unless the interests, rights, and freedom of the personal information entities are more important than those of the Company)
• [Guarantee the Users’ Rights in the European Union]
  • The Company protects users’ personal information as informed in "Protecting Your Rights". In accordance with applicable laws such as GDPR, a user may request that his/her personal information be transferred to another administrator, and may request that his/her information be refused. Furthermore, a user has the right to file a complaint with tauthorities to protect your privacy.
  • In addition, the Company may use personal information to provide marketing services such as events and advertisements,upon the user’s consent in advance. If a user does not want to do so, the user may withdraw his/her consent at any time.
  • If a user has any of the above requests, the user may contact the Customer Center via written form, phone or e-mail.
  • If a user requests the correction of errors on personal information, the Company will not use or provide the personal information until the correction is completed.
• Any questions regarding privacy protection?
  • For any inquiries, complaints, advice, or any other information related to the privacy protection while using the service, please contact the person in charge of personal information protection and the relevant department. The Company will strive to listen to and give a quick and satisfactory answer to each user.
• Privacy Protection Officer (CPO, DPO) and Department
  • Director: Yoon-Ho Jung
  • Department: Privacy Protection Part
  • Contact: Customer Center [+82-1599-4152]
  • Moreover, if a user needs to file a report or have a consultation with regards to the infringement of personal information, the user may contact the following organizations for help.
• Personal Information Infringement Reporting Center
  • KISA
  • (Without Telephone Exchange Number) 118
  • http://privacy.kisa.or.kr
  • Supreme Prosecutors' Office Cyber Crime Division
  • 02-3480-3571
  • cybercid@spo.go.kr
  • National Police Agency Cyber Terror Response Center
  • (Without Telephone Exchange Number) 182
  • http://cyberbureau.police.go.kr
• Changes in Privacy Policy
  • The Company may modify privacy policy for purposes of reflecting changes in law or services. Changes in the Company’s privacy policy will be posted on Starcro and the modified privacy policy will take effect seven days after the posting.
  • However, the Company will notify users at least 30 days in advance, in case of any significant changes in the user's rights, such as changes in the items of personal information collected or the purpose of use.