Lablup Privacy Policy

Lablup Inc. (the “Company”) complies with the data privacy regulations under the Act on Promotion of Information and Communications Network Utilization and Information Protection, Personal Information Protection Act, Protection of Communications Secrets Act, Telecommunications Business Act, and relevant laws and regulations that apply to information and communications service providers. The Company is committed to protecting the interests of its users by establishing this Privacy Policy in accordance with relevant laws and regulations. This Privacy Policy applies to users of the services provided by the Company that reside outside of the Republic of Korea according to the terms below.

Article 1 Items of Personal Information Collected and Methods of Collection

Section 1 (Items of Personal Information Collected)

  1. The Company collects the following minimal information necessary for the purposes of membership registration, efficient user consultation, and the provision of various other services.
    1. Membership registration
      • Name, Email, Password
    2. Registration of payment method
      • Phone number, address, employer, date of birth (in the case of a legal entity, business registration number), credit card number and expiration date
  2. The following information may be automatically generated or collected during your use of the services or the provision of the services to you.
    • IP Address, Cookies, access log, date and time of visits, service use records and service use materials (program code, etc.), misuse records, and payment records

Section 2 (Methods of Collection)

  1. The Company collects user personal information according to the following methods.
    1. Collection through the homepage
    2. Collection through generated information collection tools
    3. Collection of personal information from third parties that the user has consented to be disclosed (however, this is limited to logging into the homepage through the third-party service)

Article 2 Purpose of Collection and Use of Personal Information

Section 3 (Performance of Contracts to Provide Services and Settlement of Payment for Services)

The Company collects user personal information for the purpose of providing contents; providing customized services; delivery of products, invoices or other materials; identification and authentication; settlement of purchases and payments; collection of payments; and other services.

Section 4 (Member Management)

The Company also collects user personal information for the purposes of membership management, including identification and authentication of users for the use of membership services and its authentication system, prevention of misuse by bad members and unauthorized persons, confirmation of membership, identification and authentication of legal representative, retention of records for dispute resolution, processing of complaints, and delivery of notices.

Section 5 (Development of New Services and Use for Marketing and Advertising)

The Company also collects user personal information for the purposes of development of new and customized services and for marketing and advertising, including providing new services and customized services, provision of services according to statistical characteristics and publication of advertisements, confirmation of service availability, provision of information regarding events and advertisements, determining access frequency, and statistics regarding members’ use of the services.

Article 3 Personal Information Provision and Entrustment of Processing

Section 6 (Provision of Personal Information)

The Company will use personal information within the scope set forth in Article 2 and will, in principal, not use or disclose to third parties such personal information outside of such scope without the prior consent of the user, except in any of the following cases.

  1. If the user gives prior consent
  2. If use or disclosure is required by law or requested by an investigative agency pursuant to the applicable legal procedures for the purposes of investigations

Section 7 (Entrustment of Personal Information Processing)

  1. To improve its services, the Company entrusts the processing of personal information as follows and the contract for such entrustment includes the necessary terms for the secure management of personal information.
  2. Below are the details of the entities entrusted with the processing of personal information and the processing work entrusted to such entities.
Entrusted EntitiesEntrusted WorkUse and Retention Period
PayPalPayment processingUntil termination of membership or the termination of the entrustment agreement

Article 4 Personal Information Retention and Use Period

In principle, personal information is destroyed without delay when the purpose of collecting and using personal information is achieved. However, certain personal information may be retained for the retention period stated below under the following circumstances.

Section 8 (Company Policy for Retention Personal Information)

Information RetainedReason for RetentionRetention Period
Record of misusePrevention of misuse1 year
Contents of questions/cooperation (if separate consent of user is obtained)Processing of user consultation6 months

Section 9 (Laws Requiring Information Retention)

Member information is retained if required to be retained under the Commercial Act, the Act on the Consumer Protection in Electronic Commerce, etc., or other relevant laws. The following are examples where relevant laws require the retention of information.

Information RetainedRelevant LawsRetention Period
Records regarding contracts or subscription withdrawalAct on the Consumer Protection in Electronic Commerce, Etc.5 years
Records regarding payment and supply of goods and servicesAct on the Consumer Protection in Electronic Commerce, Etc.5 years
Records regarding consumer complaints or dispute resolutionAct on the Consumer Protection in Electronic Commerce, Etc.3 years
Records regarding labeling and advertisingAct on the Consumer Protection in Electronic Commerce, Etc.6 months
Books and records for transactions as required by tax lawsFramework Act on National Taxes, Corporate Tax Act5 years
Records regarding electronic financial transactionsElectronic Financial Transactions Act5 years
Log-in recordsProtection of Communications Secrets Act3 months

Article 5 Destruction of Personal Information

In principle, personal information is destroyed without delay when the purpose of collecting and using personal information is achieved. The destruction procedure are methods are as follows.

Section 10 (Destruction Procedure)

  1. Once the purpose of retaining the user’s information is achieved, the information is transferred to a separate database (if on paper, then a separate filing cabinet) and will be retained for the period of time pursuant to Company policy and applicable law (see Article 4 Personal Information Retention and Use Period) and afterwards will be deleted.
  2. Unless otherwise required by applicable law, the personal information will not be used for any purpose other than the purpose such information is retained.

Section 11 (Destruction Method)

  1. Personal information recorded and stored on paper will be destroyed by shredding.
  2. Personal information stored in electronic file format will be destroyed by using technical methods so that such information cannot be restored.

Article 6 Rights of Users and Legal Representatives

Section 12 (Rights and Exercising of Rights)

  1. A user and its legal representative may request to view or edit his/her registered personal information or withdraw his/her membership at any time.
  2. A user can view or edit his/her registered personal information or withdraw his/her subscription (or consent) after undergoing the authentication procedures in the Company homepage.
  3. A user may exercise his/her rights by contacting the Company’s Chief Privacy Officer or Personal Information Manager through mail, phone, or email.
  4. If a user requests that erroneous personal information be corrected, the Company will not use or provide such information to third parties until such information is corrected. If incorrect personal information has already been provided to third parties, the Company will contact the third party immediately to correct such information.
  5. Processing membership termination or deletion of personal information as requested by a user or his/her legal representative will be done in accordance with Article 4 and will not be accessed or used for any other purpose.

Article 7 Installation/Operation and Refusal of Operation of Automatic Personal Information Collection Tools

Section 13 (Cookies)

  1. The Company uses cookies in order to provide customized services to its users.
  2. Cookies are small text files utilized by the website server which are sent to a user’s web browser when using the mobile Service, which is stored on a user’s computer hard drive. Afterwards, when a user visits the website, the server reads the cookies stored on his/her hard drive to maintain the user’s settings and are utilized to provide customized services to the user.
  3. Cookies are not personally identifiable information that is automatically/actively stored, and the user may at any time refuse the installation of cookies or delete such cookies.

Article 14 (Purpose of Cookies)

Cookies are used to determine visits and uses of the services and the website, popular search words, and the scale of users to provide users with optimized and customized information, including advertisements.

Article 15 (Installation/Operation of Cookies and Refusing Cookies)

  1. Users have the option to accept or reject the installation of cookies. Users can access the settings in their browser regarding the installation of cookies to accept all cookies, to obtain user confirmation each time a cookie is saved, or reject all cookies.
  2. However, the Company’s provision of services requiring the user to login may be limited if the user opts to reject cookies.

Article 8 Technical and Managerial Measures to Protect Personal Information

The Company takes strong technical and managerial measures to secure user personal information and prevent such information from being lost, stolen, leaked, falsified, or damaged, as follows.

Section 16 (Planning and Implementation of Internal Management)

The Company established and implements a plan for the internal management of personal information for the secure processing of personal information.

Section 17 (Password Encryption)

Member passwords are encrypted, stored and maintained and only members that know their password can confirm or modify their personal information.

Section 18 (Hacking Prevention)

The Company uses best efforts to prevent the leakage or loss of its members’ personal information due to hacking or computer viruses. In case of loss of personal information, the Company stores back up data and uses the latest vaccine programs to prevent the leakage or loss of personal information. The Company also utilizes encrypted communication channels for the secure transfer of personal information. The Company also utilizes firewalls that will prevent unauthorized access and is committed to using all technological equipment possible for the security of its systems.

Section 19 (Retention of Access Records and Other Countermeasures to Infringement)

The Company uses best efforts to prevent infringement of personal information. In order to prevent infringement of personal information, the Company stores and manages access records for a period of at least 6 months that includes technical measures to make the record immutable and to prevent fraudulent entries.

Section 20 (Minimizing and Training Employees Handling Personal Information)

The Company keeps employees that handle personal information to a minimum and provides them with separate passwords that are renewed on a regular basis. The Company continuously emphasizes compliance with the Privacy Policy in its regular training of such employees.

Section 21 (Operation of a Personal Information Protection)

The Company operates a Personal Information Protection Department that checks whether the Company and its employees are in compliance with this Privacy Policy and upon discovering any issues seeks to resolve such issues immediately. However, if the Company fulfilled all its personal information protection obligations, the Company shall not be liable for any losses arising from a user’s negligence, incidents not under the Company’s control, or any other event not resulting from the Company’s fault.

Article 9 Miscellaneous

Section 22 (Chief Privacy Officer and Personal Information Manager)

You can refer any questions, complaints, or requests for relief regarding personal information to the Chief Privacy Officer or Personal Information Protection Department. The Company will use best efforts to swiftly provide a satisfactory response.

TitleChief Privacy OfficerTitlePersonal Information Manager
NameJeongkyu ShinNameJungseung Yang
CompanyLablup Inc.CompanyLablup Inc.
Phone(82) 070-8200-2587Phone(82) 070-8200-2587
Emailcontact@lablup.comEmailjsyang@lablup.com

Section 23 (Exceptions)

Please note that this Privacy Policy does not apply to the collection of personal information by websites with their links provided in the Company’s internet service.

Section 24 (Notice Obligation)

Any additions, deletions, or revisions to this Privacy Policy will be notified to users at least 7 days in advance on the Company’s homepage. However, any changes that substantially affect user rights under this Privacy Policy, such as the use and collection of personal information or provision of personal information to third parties, will be notified to users at least 30 days in advance.

Addendum

This Privacy Policy will be effective as of AUG. 16th, 2019.

We're here for you!

Complete the form and we'll be in touch soon

Contact Us

Headquarter & HPC Lab

Namyoung Bldg. 4F/5F, 34, Seolleung-ro 100-gil, Gangnam-gu, Seoul, Republic of Korea

© Lablup Inc. All rights reserved.