SpaceONE Service Privacy Policy
Dec 27, 2024
MEGAZONE CLOUD Corp.(hereinafter the "company") collects and uses personal information for providing the SpaceONE service based on the consent of users. The Company complies with all relevant Korea laws and privacy protection regulations that apply to telecommunications service providers and establishes its own privacy protection policies in accordance with the relevant laws to better protect the rights and interests of users.
Article 1 (Purpose of Processing of Personal Information)
The company processes users' personal data for the following purposes. The personal data being processed will not be used for any purposes other than the ones stated below. If the purpose of use is changed, the company will take the necessary measures, such as obtaining separate consent.
1. Purpose of Collecting and Using Personal Information
Article 2 (Personal Information to be Collected)
The company collects and uses personal data to the minimum extent necessary for the provision of services.
1. Personal information collected in SpaceONE service portal website(spaceone.megazone.io)
2. Personal information collected in SpaceONE service console
3. Information automatically collected during service use
4. The Company does not collect the personal information of the children under the age of 14 who require the consent of a legal representative.
Article 3 (Retention and Usage Period of Personal Information)
In principle, users' personal information is retained until three months after the contract ends. However, when it is necessary to retain it for the following reasons, the personal information is kept for a certain period set below.
1. Reasons for personal information retention due to service internal policies
2. Reasons for personal information retention due to applicable laws and regulations
Article 4 (Outsourcing of Personal Data Processing)
The company outsources certain tasks related to service provision to external vendors. In accordance with the Personal Information Protection Act, the company establishes necessary provisions to ensure that the outsourced vendors process personal data securely and conducts regular management and supervision.
Article 5 (Provision of Personal Information to third-party)
The company does not provide personal data without the user's consent in principle. However, personal data may be provided in the following cases: when the user has consented to the provision of personal data for the use of services by external affiliates, in accordance with the Personal Information Protection Act and related laws, or when required by special provisions in law, or when it is deemed necessary for the urgent protection of the life or body of the user or a third party.
Article 6 (Transfer of Personal Data Overseas)
If you refuse the overseas transfer, you can proceed with account deletion through the SpaceONE Service Operations Team (1644-2243/spaceone-support@megazone.com).
Article 7 (Personal Information Destruction)
The company will promptly destroy personal data when it is no longer needed due to the expiration of the retention period, achievement of the processing purpose, or other reasons.
1. If the retention period for personal data agreed upon by the user has expired or the processing purpose has been achieved, but the personal data must be retained in accordance with other laws or regulations, the data will be transferred to a separate database (DB) or stored in another location.
2. The procedure and method for the destruction of personal data are as follows:
1) Destruction Procedure: When the retention period for personal data has expired, the processing purpose has been achieved, or another reason for destruction arises, the relevant personal data will be selected and destroyed after approval from the Personal Data Protection Officer or through automatic deletion in the system.
2) Destruction Method: Personal data stored in electronic files will be destroyed in a manner that makes it impossible to recover the records. Personal data stored on paper will be shredded or incinerated for destruction.
Article 8 (Measures to Ensure Safety of Personal Information)
The Company takes the following measures to ensure the safety of personal information.
1. Managerial measures : establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures : control on the access to the personal information processing system, etc., installation of an access prohibition system, encryption of personally identifiable information and installation of antivirus software
3. Physical measures : prohibition on the access to the computer room, data storage room, etc.
Article 9 (Installation, Operation, and Rejection of Automatic Collecting Device of Personal Information)
① The Company uses "cookies" that save and frequently retrieve Customer information to provide personalized and customized services.
② Cookies are small text files sent to the Customer's browser by the server(http) that hosts the Company website, and they are stored in the hard disk of the Customer's computer.
1. Purpose of Cookies : The cookies are used to provide optimized information to users by identifying patterns in relation to their use of the website and its services, use of secure connections, etc.
2. Installation/operation and rejection of cookies : Users may reject enabling cookies by clicking on Tools > Internet Option > Privacy Option, located on the top of the browser. Users who reject enabling cookies may have difficulties using tailored services.
3. How to specify whether or not to accept cookies
1) Chrome: Settings menu at the top right side of the web browser > Show Advanced Settings at the bottom of the screen > Content Settings in Privacy > Cookies
2) Safari: choose Safari > Preferences, click Privacy, then manage cookies and website data
3) Microsoft Edge : Settings menu > Click Site permissions > Cookies and site data
4. The Company utilizes Google Analytics, a service provided by Google LLC. (“Google”), to analyze visitors’ use of the website. Information generated via Google Analytics is subject to the privacy policy of Google, and is transferred to and retained in Google’s servers located in the US. Google, on behalf of the Company, processes the information to evaluate user activity within the website. It generates reports on such activity and provides other services in relation to use of the Internet. While users may reject the collection of cookies for the aforementioned purpose by changing their browser settings, in such a case, they may not be able to fully utilize the functions provided by the website. Users may opt-out of having information on their site activity (such as IP addresses) collected and processed by installing the following browser add-on from tools.google.com/dlpage/gaoptout.
- For more information on Google’s privacy policy, please visit here.
Article 10 (Personal Information Protection Manager)
The company is responsible for overseeing all tasks related to personal data processing and has designated a Personal Data Protection Officer to handle user complaints and provide remedies related to personal data processing. The company has taken the following measures to ensure the security of personal data:
1. Personal Data Protection Officer and Responsible Department
Article 11 (Rights and Duties of Users and Legal Representatives, and How to Exercise Them)
① Users may exercise the following rights related to personal data protection at any time by submitting a request to the relevant department listed below for personal data access, correction, deletion, or suspension of processing:
1. Request for access to personal data
2. Request for correction in case of errors
3. Request for deletion
4. Request for suspension of processing
② If a user requests correction or deletion of personal data due to errors, the company will not use or provide the personal data until the correction or deletion is completed.
③ The rights listed in paragraph 1 may also be exercised through a legal representative or an authorized agent. In such cases, a power of attorney in the form specified in Appendix 11 of the Personal Data Processing Guidelines (Notice No. 2020-7) must be submitted.
④ If there are special provisions in law, requests for access to personal data and suspension of processing may be denied in accordance with such provisions.
⑤ If personal data is specified as a target for collection under other laws or regulations, requests for deletion of that data may not be granted.
⑥ The company will verify whether the individual making a request for access, correction, deletion, or suspension of processing is the user or an authorized representative.
Article 12 (Department Responsible for Personal Data Access Requests and Related Matters)
Users may request access to, correction, deletion, or suspension of processing of their personal data in accordance with the Personal Information Protection Act by contacting the department listed below. The company will make efforts to promptly process users' exercise of their rights.
Article 13 (Remedies for Infringement of User Rights)
If you need to report or consult regarding a privacy breach, please contact the following organizations.
Article 14 (Links to Third Party Site)
The company may provide links to other companies' websites or materials. In this case, the company does not have control over external sites and materials, and therefore cannot be held responsible for or guarantee the usefulness of the services or materials provided through those external sites. Therefore, when you click on a link included by the company and are redirected to another site, please verify the reliability of that site. The Privacy Policy of the site you visit is unrelated to the company, so we recommend that you review the policy of the newly visited site.
Article 15 (Obligation to Notify Prior to Amendment)
The Privacy Policy will be updated without delay through the website in case of any additions, deletions, or corrections due to changes in applicable laws and policies. You can check the previous version of the Privacy Policy by clicking the link below.
This Privacy Policy v.1.6 takes effect from 2024.12.27.
View previous personal information processing policy v.1.1 (2022.07.01).
View previous personal information processing policy v.1.2 (2022.07.25).
View previous personal information processing policy v.1.3 (2022.08.26).
View previous personal information processing policy v.1.4 (2022.12.30).
View previous personal information processing policy v.1.5 (2024.01.18).
