Youseed Privacy and Data Policy

Danswer (hereinafter referred to as 'Danswer Company'), in accordance with Article 30 of the Personal Information Protection Act, establishes and discloses the following personal information processing policy to protect the personal information of data subjects and to handle related grievances swiftly and smoothly.

 

Article 1 (Purpose of Processing Personal Information)

The purpose of processing personal information files registered and disclosed by Danswer under Article 32 of the Personal Information Protection Act is as follows:

Personal Information File Name: YouSeed Personal Information Processing Policy
Purpose of Processing: System Operation
Method of Collection: Collection through information generation tools
Basis for Retention: Article 16, Section 2 of the Law
Retention Period: 3 years
Related Legislation: Records on display/advertising: 6 months, Records on contracts or subscription withdrawal: 5 years

 

Article 2 (Results of Personal Information Impact Assessment)

[Details not provided]

 

Article 3 (Provision of Personal Information to Third Parties)

Danswer processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only in cases of consent from the data subject or special provisions of the law, in accordance with Articles 17 and 18 of the Personal Information Protection Act.

Danswer provides personal information to the following third parties:

Recipient: Google LLC
Purpose of Use by the Recipient: Name, Date of Birth, Gender, Login ID, Home Address, Mobile Phone Number, Email
Retention and Use Period by the Recipient: 5 years

 

Article 4 (Consignment of Personal Information Processing)

Danswer entrusts the following personal information processing tasks for smooth handling:
Entrusted Party (Trustee): Google LLC
Content of the Entrusted Work: Purchase and fee payment, development of new services (products), and provision of customized services
Duration of Entrustment: 5 years
Danswer supervises the trustee to ensure the safe processing of personal information, in accordance with Article 26 of the Personal Information Protection Act, and will announce any changes in the content of the consigned work or trustee through this personal information processing policy.

 

Article 5 (Procedure and Method for Destruction of Personal Information)

Danswer will immediately destroy personal information when its retention period has elapsed or the purpose of processing has been achieved.

If personal information needs to be preserved according to other laws despite the lapse of the retention period or achievement of the processing purpose, it will be transferred to a separate database (DB) or different storage location.

The procedure and method of destroying personal information are as follows:

Destruction Procedure: Danswer selects personal information that has reached the destruction cause and destroys it with the approval of Danswer's personal information protection officer.
Destruction Method: Personal information printed on paper is destroyed by shredding or incineration. Electronic file format information is destroyed using technical methods that cannot reproduce the record.

 

Article 6 (Rights and Obligations of the Data Subject and Legal Representatives)

Data subjects have the right to request access, correction, deletion, or suspension of processing of their personal information from Danswer at any time.
These rights can be exercised through written request, email, or fax in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act, and Danswer will respond promptly.
Rights outlined in Paragraph 1 can also be exercised through legal representatives or authorized agents of the data subject. In such cases, a power of attorney compliant with the format prescribed in “Notice on Personal Information Processing Method (No. 2020-7),” Attachment No. 11, must be submitted.
Requests for access and suspension of processing are subject to limitations under Article 35, Paragraph 4, and Article 37, Paragraph 2 of the Personal Information Protection Act.
Requests for correction and deletion of personal information are not applicable if the information is required for collection under other laws.
Danswer verifies the identity of the requester or their legal representative in cases of requests for access, correction, deletion, or suspension of processing.

 

Article 7 (Measures for Securing the Safety of Personal Information)

Danswer implements the following measures to ensure the security of personal information:

Establishment and enforcement of internal management plans for safe processing of personal information.
Minimization and training of staff handling personal information, designating them to manage the information securely.
Regular self-audits (quarterly) to ensure the safety of handling personal information.
Restriction of access to personal information by granting, altering, and deleting access rights to the database system and using intrusion prevention systems to control unauthorized access from outside.
Storage and management of access records to the personal information processing system for at least one year, or two years when processing sensitive or unique identifier information or for more than 50,000 data subjects, and using security functions to prevent alteration, theft, or loss of access records.
Control of unauthorized access by establishing and operating access control procedures for physical storage locations where personal information is stored.

 

Article 8 (Installation, Operation of Automatic Personal Information Collection Devices and Their Refusal)

Danswer uses 'cookies' to store and frequently retrieve usage information to provide individualized custom services to users.
Cookies are small pieces of information sent by the server (http) used to operate websites to the user's computer browser and may be stored on the hard disk of the user's PC.
a. Purpose of Cookie Usage: To provide optimized information to users by identifying each service and website visited, usage patterns, popular search terms, and secure connection status.
b. Installation, Operation, and Refusal of Cookies: Users can refuse to store cookies by setting options in the Internet options > Privacy menu at the top of the web browser.
c. Difficulties in using customized services may occur if cookies are refused.

 

Article 9 (Processing of Pseudonymized Information)

Danswer processes pseudonymized information for the following purposes:

[To be filled in as applicable]
[Other details regarding the processing and retention of pseudonymized information, provision to third parties, consignment, and safety measures can be written directly.]

 

Article 10 (Personal Information Protection Officer)

Danswer designates the following personal information protection officer to oversee all personal information processing activities, handle complaints and damage relief related to personal information processing:

Personal Information Protection Officer
Name: Hwang Ju-young
Position: Representative
Title: CEO
Contact: 01026539689, danswer.company@gmail.com
[Details of the Personal Information Protection Department to be filled in]
Data subjects can inquire with the personal information protection officer or department for all personal information protection-related inquiries, complaints, and damage relief that arise while using Danswer's services or business. Danswer will respond promptly to data subjects' inquiries.

 

Article 11 (Department for Accepting and Processing Requests for Access to Personal Information)

Data subjects can request access to personal information under Article 35 of the Personal Information Protection Act with the following department. Danswer strives to process requests for access to personal information swiftly:

[Details of the department, responsible personnel, and contact information to be filled in]

 

Article 12 (Remedies for Rights Infringement of Data Subjects)

Data subjects can apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Personal Information Infringement Report Center of the Korea Internet & Security Agency for remedies against personal information infringement. For other personal information infringement reports and consultations, please contact the following institutions:

Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (http://www.kopico.go.kr)
Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
Supreme Prosecutors' Office: (without area code) 1301 (http://www.spo.go.kr)
National Police Agency: (without area code) 182 (ecrhttp://m.cyber.go.kr)
Administrative appeals can be filed in accordance with the Administrative Appeals Act if rights or interests are infringed due to a disposition or inaction by a head of a public institution under the provisions of Articles 35, 36, and 37 of the Personal Information Protection Act.

 

Article 13 (Operation and Management of Video Information Processing Equipment)

Danswer installs and operates video information processing equipment as follows:
[Details of the basis and purpose of installation, number of installations, locations, shooting range, management responsibility, and access rights, shooting time, storage period, storage location, processing method, method and place for verifying video information, and measures for requests to view personal video information to be filled in]

 

Article 14 (Changes to the Personal Information Processing Policy)

This personal information processing policy will be applied from August 17, 2023.
Previous versions of the personal information processing policy can be found below:
Example: Applied from XX.XX.XXXX to XX.XX.XXXX (Click)
Example: Applied from XX.XX.XXXX to XX.XX.XXXX (Click)
Example: Applied from XX.XX.XXXX to XX.XX.XXXX (Click)

 

Article 15 (Google API Services User Data Policy)

Danswer adheres to the Google API Services User Data Policy as outlined in the link below:
Google API Services User Data Policy 
Danswer follows the Limited Use section mentioned in the document:
"The use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements."