DrawingMate (hereinafter referred to as the "App") complies with the relevant laws and regulations on personal information protection that information and communication service providers must comply with, including the Act on Promotion of Information and Communication Network Utilization and Information Protection, the Personal Information Protection Act, the Act on the Protection of Communications Secrets, the Telecommunications Business Act, and others. The Company is committed to protecting the rights of users by establishing this Privacy Policy in accordance with the relevant laws and regulations.
1. Items and Methods of Collecting Personal Information
a. Items of Personal Information Collected
The Company collects the following personal information when using the App service in order to provide smooth services:
Required: Encrypted device identifier and token for PUSH service, email used for login, password used for login.
Log Analysis: Visit time, service usage records, etc. through Google Analytics and Firebase.
b. Methods of Collecting Personal Information
The Company collects personal information through the following methods:
Collection during execution or use of the App program.
Provision from partner companies (Google Analytics, Firebase)
2. Purpose of Collecting and Using Personal Information
The Company uses the collected personal information for the following purposes:
a. Provision of App Service
Providing content to users, analyzing user activities and errors in the App used.
b. Development and Utilization of New Services, Marketing, and Advertising
Development of new services and provision of customized services, provision of services and placement of advertisements based on statistical characteristics, confirmation of service validity, providing opportunities to participate in events or providing promotional information, tracking access frequency, and statistics on user service usage.
3. Provision and Sharing of Personal Information
The Company, as a general rule, uses users' personal information within the scope notified in "2. Purpose of Collecting and Using Personal Information."
Except for the purposes mentioned above, the Company will not use it beyond the scope notified in "2. Purpose of Collecting and Using Personal Information" without the prior consent of the user, and, as a general rule, will not disclose the user's personal information to the outside. However, the following cases are exceptions:
When the user has consented in advance.
When required by law or when requested by investigative authorities according to the procedures and methods stipulated in the law for investigative purposes.
4. Retention and Use Period of Personal Information
The personal information specified in paragraph 1 is collected, and content is immediately deleted upon the user's request for deletion or withdrawal. However, if it is necessary to retain it according to the provisions of relevant laws and regulations, the Company shall store member information (including content) for the period stipulated in relevant laws and regulations.
5. Procedure and Method for Destruction of Personal Information
In principle, users' personal information is destroyed without delay once the purpose of collecting and using personal information is achieved. The Company's procedure and method for destroying personal information are as follows:
a. Destruction Procedure
Information entered by users to use the service is transferred to a separate DB (or a separate file cabinet in case of paper) after the time has elapsed, and is stored for a certain period according to internal policies and other relevant laws and regulations regarding information protection (refer to retention and use period) and then destroyed.
This personal information will not be used for any other purpose other than retention except in cases stipulated by law.
b. Destruction Method
Personal information printed on paper is destroyed by shredding or incineration.
Personal information stored in electronic file format is deleted using a technical method that cannot restore the record.
6. Rights of Users and Legal Representatives and How to Exercise Them
Users may view their registered personal information (including content) at any time, and if they do not agree to the Company's processing of personal information, they can refuse to use the service or request content deletion. However, in such cases, the Company will process the content after its own review to judge the timeliness of the content.
If you contact the personal information manager by email, we will take immediate action.
If a user requests correction of errors in personal information, the Company will not use or provide the personal information until the correction is completed. If the incorrect personal information has already been provided to a third party, we will notify the third party without delay of the correction processing result so that the correction can be made.
The Company processes personal information that has been deleted or terminated at the request of the user in accordance with the provisions of "4. Retention and Use Period of Personal Information," and it is processed so that it cannot be accessed or used for other purposes.
7. Technical and Administrative Measures for Personal Information Protection
The Company takes the following technical and administrative measures to ensure the security of personal information, preventing loss, theft, leakage, alteration, or damage of personal information when handling users' personal information.
a. Storage and Management of Personal Information
The Company stores and manages personal information safely in accordance with relevant laws and regulations or internal policies.
b. Measures Against Hacking, etc.
The Company makes every effort to prevent leakage or damage of members' personal information due to hacking, computer viruses, etc.
To prevent damage to personal information, the Company backs up data frequently and uses the latest antivirus programs to prevent leakage or damage to users' personal information or data, and uses encrypted communications, etc. to ensure secure transmission of personal information over the network.
The Company also uses intrusion prevention systems to control unauthorized access from the outside and is striving to equip itself with all possible technical devices to ensure system security.
c. Minimizing and Training of Handling Staff
The Company limits its personal information handling staff to those in charge and assigns a separate password to them, which is periodically renewed. The Company also emphasizes compliance with the Company's privacy policy through regular training for those in charge.
d. Operation of a Personal Information Protection Dedicated Organization
The Company also makes every effort to immediately correct any problems found by checking the implementation status of the privacy policy and compliance of those in charge through internal personal information protection dedicated organizations, etc.
However, the Company shall not be responsible for any problems that arise due to negligence on the part of the user or issues on the internet that lead to leakage of personal information.
8. Contact Information for Personal Information Manager and Those in Charge
You can report all personal information protection-related grievances that arise while using the Company's services to the personal information manager or the department in charge.
The Company will promptly provide sufficient answers to users' reports.
Contact Information for Personal Information Management
Email: msbae2010@gmail.com
If you need to report or consult about other personal information violations, please contact the following organizations:
Personal Information Violation Report Center (http://www.118.or.kr / 118 without area code)
Supreme Prosecutors' Office Cybercrime Investigation Unit (http://www.spo.go.kr / 02-3480-2000)
National Police Agency Cyber Terror Response Center (http://www.ctrc.go.kr / 1566-0112)
9. Others
Please be advised that this "Privacy Policy" does not apply to the collection of personal information by websites linked within the App service.
10. Notice Obligation
If there are any additions, deletions, or modifications to the current Privacy Policy, the Company will notify you through the Company's website, "Notice" within the service, or other easy-to-understand methods at least 7 days in advance of the revision. However, if there are major changes to user rights, such as the collection and use of personal information, provision to third parties, etc., the Company will notify you at least 30 days in advance.
Supplementary Provisions
This Privacy Policy shall come into effect on May 1, 2025.