OMNIOUS privacy policy

Omnious Co., Ltd. (hereinafter referred to as "Company") endeavors to comply with the "Telecommunications Confidentiality Protection Act", the "Telecommunications Business Act", the "Information and Communications Network Utilization and Information Protection Act", and the "Personal Information Protection Act" Are doing. The company will establish a privacy policy to inform you of how and for what purpose the company uses personalinformation provided by users and what measures are taken to protect the rights of users.

1. Purpose of collecting and using personal information

Personal information is information about a surviving individual that includes information that can identify a user of the service, including information that can be easily combined with other information, even if that information alonedoes not identify a particular individual. The personal information collected by the company is used for the following purposes.

A. Performance of contracts regarding the provision of services

OMNIOUS processes the images and product information entered by the userto help create an AI service that provides users with better product search, recommendation and analysis. As a result, the recognition results, tag modifications, and searches of the images you enter are used to improve theAI algorithms that handle your searches, recommendations, and analysis.

Membership Managemen

It is used to convey complaints and notices such as identity verification, personal identification, prevention of unauthorized use and unauthorized use, confirmation of duplicate subscription, record keeping for dispute settlement, and complaint handling.

C. Provision of goods

It is used for billing, billing and settlement.

D. Development of new services, provision and marketing of related information, and use in advertising

It is used to develop new services, provide customized services, provide event and advertisement information, provide opportunities for participation,and verify the validity of services.

2. Items of Personal Information Collected and Methods of Collection

A. Items of personal information collected

(1) The Company collects the personal information of the members by presenting the necessary items when registering the membership to the members who agree to the "Terms of Use" at the time of user registration, and collects the personal information of the members, and uses the service of the service Gather the information in ”as follows.

- Account Information: mail Address, Password

- Basic Information: Name, mobile phone number, company phone number, company and department name, job title

- Optional Information: Settings for marketing e-mail, and settings for application service.

- Additional Information: Information on the “Application Form”

(2) The following information may be generated and collected in the process of using the service.

- User status information, user identification ID, IP address, cookie, access log, date and time of visit, service usage record, bad usage record

(3) If payment is inevitably necessary for payment in the course of using the paid service, payment related information may be collected

- Credit card payments: card name, card number, etc.

- Bank account transfer: bank name, account number, etc.

- Mobile phone payment: subscriber name, mobile phone number, payment approval number, etc.

B. How personal information is collected

The company collects personal information in the following ways.

- Collect personal information such as e-mail with the consent of members

- Collection through voluntary provision of members and users while using the service

3. Sharing and Provision of Personal Information

The Company shall use the personal information of users within the scope as stated in the "Purpose of collection and use of personal information", and shall not use the user's personal information beyond the scope without the prior consent of the user or in principle disclose the user's personal information to the outside. However, in the following cases, you can use and provide personal information with caution.

A. If the users have agreed to the disclosure in advance: Prior to the collection or provision of the information, they will be informed and asked forconsent of the business partner and how and when they will be protected / managed. We do not collect information or share it with business partners.

B. We share users’ information to our business partners if users have agreed. It is used for authentication of the users, billing and payment

C. In accordance with the provisions of the law or for the purpose of investigation, according to the procedures and methods prescribed by the law

D. After completing the non-identification measures and adequacy evaluation in accordance with the `` Personal Information Non-Identification Measures Guidelines '' jointly announced by the Ministry of State Coordination Office, the Ministry of Government Administration and Home Affairs, the Korea Communications Commission, the Korea Finance Commission, the Ministry of Science and ICT and the Ministry of Health and Welfare on June 30, 2016. If determined to be non-identifying information

4. Retention and Use Period of Personal Information

Your personal information will be retained for as long as you use the service. In principle, when the purpose of collecting and using personal information isachieved, the company's relevant system will be deleted and destroyed without delay. However, the following information will be kept for the specified period for the following reasons.

A. Reasons for information retention by company internal policy

fraudulent / bad usage record

- Reason for preservation: prevention of illegal / bad use and rejoining of illegal / bad user

- Retention period: 1 year

Service usage record

- Reason for Preservation: Improved AI image recognition, search, and recommendation algorithm

- Retention period: 5 years

B. Reasons for Information Retention According to Related Laws

If it is necessary to preserve the information under the relevant laws, such asthe Consumer Protection Act in the Commercial Law, Electronic Commerce, etc., the Company keeps the member information for a certain period of time. In this case, the Company uses the information kept only for the purpose of keeping it, and the retention period is as follows.

Member Information Retention

- Reason for retention: Prevention of confusion in service use, dispute resolution, and cooperation at the request of the investigating agency

- Retention period: 1 year

Records of contracts or withdrawals

- Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.

- Retention period: 5 years

Record of payment and supply of goods, etc.

- Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.

- Retention period: 5 years

Records of consumer complaints or disputes

- Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.

- Retention period: 3 years

Record of visit

- Reason for preservation: Protection of Communications Secrets Act

- Retention period: 3 months

C. Processing of Inactive Accounts

In accordance with Article 29 (2) of the Act on the Promotion of Information and Communication Network Use and Article 16 of the Enforcement Decree of the Act, the Company shall promote the use of the Information and Communication Network in connection with the processing of personal information of dormant users who have not used the "OMNIOUS " site for oneyear. Comply with other laws related to data protection. However, if the retention period is notified in advance and the retention period has not elapsed, and if consent is obtained individually, the retention period will be retained for the agreed period.

5. Reading, Correction and Deletion of Personal Information

Members can view, modify or change their personal information at any time through the "member login" on the company's "OMNIOUS" site. In addition, you may request to modify or change the above personal information individually by email or by phone.

6. Destruction procedure and method of personal information

In principle, the user's personal information is destroyed without delay when the purpose of collecting and using the personal information is achieved. Thecompany's personal information destruction procedures and methods are as follows.

A. Destruction procedure

- The information entered by the user for membership registration is transferred to a separate DB (separate documents in case of paper) after thepurpose is achieved (according to the retention and use period) according to the internal policy and other relevant laws and regulations. It is stored for a period of time and then destroyed.

- The personal information will not be used for any purpose other than retention unless required by law.

- Exit and delete apps no longer use camera, voice, and audio activity permissions.

- We will not collect or process any information that can identify you using your camera, voice, and audio activity rights.

B. Digging method

- Personal information printed on paper is shredded or destroyed by incineration.

- Personal information stored in the form of electronic files will be deleted using a technical method that cannot reproduce the record.

7. Technical / Administrative Protection of Personal Information

The Company takes the following technical and managerial measures to ensure safety so that personal information is not lost, stolen, leaked, tampered with or damaged in the handling of users' personal information.

A. Countermeasures against hacking

The Company is doing its best to prevent member's personal information from being leaked or damaged by hacking or computer viruses. In order to prevent the loss of personal information, we back up the data from time to time, and use the latest antivirus program to prevent users' personal information or data from being leaked or damaged, and to securely transmit personal information on the network through encrypted communication. Doing. In addition, we use intrusion prevention system to control unauthorized access from the outside, and we try to equip all possible technical devices to secure security systematically.

B. Minimization and training of handling staff

The company's personal information-related employees are limited to the person in charge, and a separate password is given to them to update them regularly. We always emphasize the compliance with the OMNIOUS privacy policy through the occasional training of the person in charge.

8. Use and Use of Cookies

The Company uses 'cookies' to store and find information about users. A cookie is a small amount of information that a website sends to your computer's web browser. Cookies identify your computer but do not personally identify you. You also have the choice of cookies, and you can change your web browser's settings to accept all cookies, send you notifications when cookies are installed, or reject all cookies.

You have the option to install cookies. As a result, you can set options in yourweb browser to allow all cookies, check each time a cookie is stored, or refuse to store all cookies. However, if you refuse to store cookies, some services that require login may be difficult to use. Here's how to specify whether cookies are allowed (in Internet Explorer): ① Select [Internet Options] from the [Tools] menu. ② Click the [Personal Information Tab]. ③ Youcan set the [Personal information handling level].

9. Special rules for children under 14

The company obtains the consent of the legal representative when collectingpersonal information of children under 14 years old. Legal representatives of children under the age of 14 may request to view, correct, or withdraw their consent, and the Company will take the necessary measures without delay.

10. Business transfer, merger, etc.

If the company's rights or obligations are transferred due to business transferor merger, we will inform the user and member of the facts and the name of the person who inherited the obligation through the individual e-mail or notice on the website for more than 30 days.

11. Rights of Users and Legal Representatives and How to Exercise Them

The Company processes personal information that has been terminated or deleted at the request of a user or a legal representative as described in "Period of Retention and Use of Personal Information Collected by the Company," and shall not be viewed or used for any other purpose.

12. Contact Information of Personal Information Manager

You can report any privacy complaints arising from the use of the Company's services to the personal information manager or the department in charge. The company will promptly and fully respond to the report of users.

Name: Jae Young Jeon / Position: CEO

Phone: 02-543-7762

Mail: support@omnious.com

If you need to report or consult about other personal information infringement, please contact the following organizations.

Personal Information Infringement Report Center (https://privacy.kisa.or.kr / 118)

Supreme Prosecutors' Office Advanced Crime Investigation Division (http://www.spo.go.kr / 1301)

National Police Agency Cyber Terror Response Center (www.ctrc.go.kr / 02-392-0330)

13. Duty of notification

If there are any additions, deletions, or modifications to the current privacy policy, we will notify you via the "Notice" screen within the service at least seven days prior to the effective date.

14. Addendum

This Privacy Policy is effective from August 01, 2019.