Privacy Policy of Body Posture Assessment
Privacy Policy of Body posture assessment
Gymetaverse Company Limited (referred to as the "Company") complies with relevant laws, including the Personal Information Protection Act, and has established a policy for the processing of personal information and sensitive information in accordance with applicable laws to make every effort to protect personal information.
The privacy policy is disclosed through the initial screen of the service to allow users to easily access it at any time. It may change in accordance with relevant laws, guidelines, notifications, and changes in the Company's service policies. Please read the details carefully and proceed with the examination only if you agree.
1. Types and Purposes of Processed Personal Information
The Company collects and processes personal information and sensitive information for the following purposes: business operations, providing and improving products and services, informing users, developing effective advertising, and other purposes specified below.
To provide services to all users, the Company requires the following personal information, and this is collected based on the applicant's consent or legal requirements. The examinee has the right to refuse this consent, but if you refuse the collection and use agreement for essential items, there may be restrictions on service usage.
|
Period of Collection |
Items |
Purposes |
|
During the registration of examinee |
[Required] Name, Date of Birth, Email Address, Phone Number, Gender, Age, Duplicated Registration Confirmation Information (DI) [Additional Required Information for Minors] Legal Guardian’s Name, Legal Guardian’s Email Address, Legal Guardian’s Phone Number, Duplicate Registration Confirmation Information (DI) |
Confirmation of Intention to Join, Service Joining /Modification / Termination, Determining Service Eligibility (e.g. age verification), Confirmation of Duplicate Registrations, Notification of Notices, Operation of Spaces for examinee, Examinee Surveys, Personalized Service Provision, Provision and Notification of Advertising Information and Affiliate Services, Confirmation of Product Delivery Address and Contact Information |
|
During Examinee Measurement |
[Required] Examination Session, Initial examination date, examination result values, examination result images |
Personalized Service Provision |
|
When Participating in Contest Events and Promotion |
[Required] Name, Phone Number, Email Address, Residence, Bank Information (Bank Name, Account Holder’s Name, Account Number) |
Product delivery in case of winning an event or contest |
2. Processing and Retention Period of Personal Information
1. The company retains the personal information of the examinee from the date of their consent until the examinee requests the destruction of personal information. When an examinee requests the destruction of personal information, the company promptly destroys the information in accordance with Article 39-6 of the Personal Information Protection Act or stores it separately. However, information that needs to be retained under related laws is an exception.
ㆍ Retention and Use Period of Personal Information According to Relevant Laws:
1) Important documents and vouchers related to business and operations: Important documents - 10 years / Vouchers - 5 years (Commercial Law)
2) Ledger and documentary evidence related to transactions: 5 years (National Tax Basic Act, Corporate Tax Act, Value-Added Tax Act, etc.)
3) Log records, IP addresses, etc., necessary for providing communication fact confirmation materials: 3 months (Telecommunications Secrecy Protection Act)
4) Records related to display/advertising: 6 months (Act on Consumer Protection in Electronic Commerce, etc.)
5) Records related to contracts or withdrawal of subscriptions: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
6) Records related to payment and supply of goods, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.)
7) Records related to consumer complaints/dispute resolution: 3 years (Act on Consumer Protection in Electronic Commerce, etc.)
8) Records related to the collection/processing and use of credit information: 3 years (Credit Information Use and Protection Act)
9) Records related to self-verification: 6 months (Information and Communications Network Promotion and Information Protection Act)
3. Provision of Personal Information to Third Parties
1. The company processes the personal information of examinee only within the scope specified in Article 1 (Items and Purposes of Processed Personal Information of examinees). Personal information is provided to third parties only when there is consent from the information subject or when there are special provisions in the law.
2. The company provides personal information to third parties only within the scope agreed upon by users.
|
Connected Services |
LIVE4WELL Mobile App Service |
|
Recipient |
Gymetaverse Company Limited |
|
Transferring Personal Information |
Article 1 – [Required] Items to be Collected |
|
Country Being Transferred |
HKSAR |
|
Date and Time of Transfer |
Granted when the user agrees to the third-party provision of personal information |
|
Method |
Online Transmission |
|
Recipient |
Gymetaverse Company Limited |
|
Purpose of Use |
Integration of testing information with the mobile app service |
|
Transferring Personal Information |
Article 1 – [Required] Items to be Collected |
|
Country Being Transferred |
Republic of Korea |
|
Date and Time of Transfer |
Granted when the user agrees to the third-party provision of personal information |
|
Method |
Online Transmission |
|
Recipient |
exbodyCo.,Ltd. |
|
Purpose of Use |
Data analysis |
|
Transferring Personal Information |
Article 1 – [Required] Items to be Collected |
|
Country Being Transferred |
HKSAR |
|
Date and Time of Transfer |
Granted when the user agrees to the third-party provision of personal information |
|
Method |
Online Transmission |
|
Recipient |
Gymetaverse Company Limited |
|
Purpose of Use |
Integration of report information with the mobile app service |
|
Retention and Use Period |
Until the termination of service utilization |
3. The company, as a general principle, does not provide the personal information of examinee to third parties without their prior consent. In cases where it is necessary to share the personal information of examinees with other participants or third parties, the company informs the examinees of the recipient, purpose of provision, items of information provided, and the duration of use and retention, seeking their consent before providing the information. However, exceptions may apply in accordance with relevant laws.
(1) Cases of Third-Party Provision
a. When the examinee has given prior consent for the provision to a third party for the fulfillment of transactions and smooth service provision.
b. When there is a demand from investigative agencies in accordance with the procedures and methods specified by law for law enforcement or investigative purposes.
c. In cases of company division, merger, or transfer of business, and other legitimate reasons.
4. Entrustment of Handling Personal Information
The company may entrust the processing of personal information to other companies or entities to enhance its services. When entrusting the processing of personal information, the company manages and supervises to ensure the safe processing of examinee' personal information and restricts its use for purposes other than intended.
(1) The company will inform examinees in advance when outsourcing the processing of personal information.
(2) When outsourcing the processing of personal information, the company will clearly define and document through outsourcing contracts or other means the service provider's adherence to instructions related to personal information protection, confidentiality of personal information, prohibition of third-party provision, and responsibility in case of incidents.
5. Personal Information Disposal Procedures and Methods
When personal information becomes unnecessary due to the expiration of the retention period or the achievement of the purpose of collection and use, the company promptly disposes of such personal information.
Company’s Personal Information Disposal Procedures and Methods:
(1) Disposal Procedures
a. The company initiates the disposal of personal information with the approval of the person in charge of personal information protection.
b. Information provided by examinees for registration or service application is transferred to a separate database after the purpose is achieved and stored for a certain period (refer to the retention and use period). Afterward, it is disposed of according to internal policies and other relevant laws.
c. The collected personal information is not used for purposes other than the intended purpose unless required by relevant laws.
(2) Disposal Methods
a. Personal information stored in electronic file format is disposed of using technological methods that make it impossible to reproduce records.
b. Personal information printed on paper is shredded using a shredder for disposal.
6. Measures to Ensure the Security of Personal Information
The company has implemented the following measures to ensure the security of examinees’ personal information.
(1) Encryption of Personal Information
Personal information of examinees is protected by passwords, and critical data is further safeguarded through encryption of files and transmitted data or by using file locking features and other security functions.
(2) Technical Solutions against Hacking, etc.
To prevent the leakage or damage of personal information due to hacking, computer viruses, etc., the company installs security programs and regularly updates and checks them.
(3) Access Restrictions to Personal Information Processing Systems
Access to the company's personal information processing systems is restricted to a limited number of designated personnel. These personnel have separate passwords that are periodically changed.
(4) Training of Personnel Handling Personal Information
The company provides regular training to personnel handling personal information to acquire new security technologies and fulfill obligations related to personal information protection.
(5) Access Control for Unauthorized Individuals
The physical storage location of personal information within the personal information processing system is separated, and access control procedures are established and implemented.
7. Notification Obligation
(1) This privacy policy may be subject to changes as necessary, such as modifications due to changes in laws, government policies, or internal company policies. In the event of additions, deletions, or modifications to the content, the company will notify users through the LIVE4WELL website and in-app notification.
For all inquiries related to personal information protection, examinees can contact
Email : [email protected]
