SpaceONE Privacy Policy


Effective date: 2024-01-18

The translation below is provided for your convenience only. If there is any discrepancy between the translation in English and the original Korean text (including due to the delay in translation), the original Korean text takes precedence.

MEGAZONE CLOUD Corp.(hereinafter the ”Company”) collects, uses, and provides personal information based on the user's 'consent' for the SpaceONE service, and 'actively guarantees the rights of users (the right to self-determination of personal information)'.
The Company complies with the relevant laws and regulations of the Republic of Korea and personal information protection regulations and guidelines that must be observed by information and communication service providers.

Article 1 (Purposes of Processing of Personal Information)

The Company shall use collected personal information for the following purposes. Purposes for collecting and using Personal Information and shall not exceed the following scope. If the purpose of collection and use is changed, separate consent is required in accordance with Article 18 of the Personal Information Protection Act.

1. Purpose of Collecting and Using Personal Information
TypeProcessing Purpose
User ManagementUser Identification, Service Provision, Delivery of Notices
Demo request and sales inquiriesProviding Demos, Handling Product Descriptions and Purchase Inquiries, Customer Support and Grievance Resolution
Promotion and Marketing
(Including Subscriptions)
Introducing New Products, Event Notifications (via Email, Phone, or Text Alerts), Sending Newsletters and Managing Subscriptions, Confirming Participation in Events and Informing Winners

Article 2 (Types of Personal Information Collected)

The company collects and processes the following personal information. In cases where the user's personal information is collected, we will ensure to inform the user in advance and obtain their consent.

1. Types of Personal Information Collected through the SpaceONE Service Portal Website (spaceone.megazone.io)
PurposeInformation collectedCollected timeCollection methods
User ManagementRequiredEmail, NameAt the time of service use application and domain creation⋅ Collected at the time of the user's service application and contract, reflected in the creation of a domain and the creation of an administrator account ⋅ Collection of information modified by the user directly on their account via the console page
Demo request and sales inquiriesRequiredName, Email, Mobile Phone Number, Company name, CountryAt the time of registering a demo request within the service portal⋅ Information entered directly by the customer at the time of application registration
For newsletter subscription, marketing, advertising, and event utilizationRequiredEmailWhen consent for promotional and marketing utilization is given⋅ Collection of information entered by the customer upon registration, if they agree to the collection and use of personal information for promotional and marketing purposes
2. Types of Personal Information Collected through the SpaceONE Service Console
PurposeInformation collectedCollected timeCollection methods
Notification and GuidanceRequiredEmailWhen entering and modifying user information within the console⋅ Collection of information entered directly by the user on their account via the console page
OptionalMobile Phone Number
Providing notification servicesOptionalEmail, Mobile Phone NumberWhen user information is entered or modified within the console⋅ Collection of contact information entered directly by the user on the notification channel registration page or My Page
3. Information Automatically Collected During Service Use
PurposeInformation collectedCollected timeCollection methods
Automatically Generated InformationIP Address, Cookies, Service Usage Records, Visit Records, Misuse Records, etc.Automatically generated during service useCollected through automatic data collection devices
4. The company does not collect personal information from children under the age of 14.

Article 3 (Period of Processing and Retention of Personal Information)

The company processes and retains personal information within the period of retention and use of personal information as stipulated by law or as agreed upon by the user at the time of collection.

1. Retention and Usage Period of Personal Information for SpaceONE Service
PurposeDuration of Use (Retention Period)
Member Management and Service ApplicationUntil the end of the contract
Demo Requests and Implementation ConsultationsUntil the end of the demo period (2 weeks).
Promotion and Marketing (Including Subscription Applications)For 1 year from the date of collection
2. Preservation of Records as Required by Law for the Provision of Goods or Services
PurposeRelevant LawDuration of Use (Retention Period)
Records related to contracts or withdrawal of subscriptionsAct on the Consumer Protection in Electronic Commerce, Etc5 years
Records related to payment and supply of goods, etc5 years
Consumer complaint or dispute resolution records3 years
Records related to display and advertising6 months
Books and documents for all transactions as prescribed by tax lawsNational Tax Basic Law5 years
Records related to electronic financial transactionsElectronic Financial Transactions Act5 years
Records of visitsProtection of Communications Secrets Act3 months

Article 4 (Outsourcing of Personal Information Processing)

The company outsources part of its services to external vendors. In accordance with the Personal Information Protection Act, the company stipulates necessary measures to ensure that these outsourced vendors process personal information securely and conducts regular management and supervision.
Trustee CompanyContent of Outsourced Work
Amazon Web Services, Inc.Data storage and infrastructure management
MongoDB, Inc.Data storage and infrastructure management
Megazone(Corp)Providing notification services based on Megazone Message Service
StibeeNotice email sending, newsletter email sending, and subscription management.

Article 5 (Provision of Personal Information to Third Parties)

The company, as a principle, does not provide personal information without the user's consent.
However, personal information may be provided in cases where the user has consented to the provision of personal information for the use of services by external affiliate companies, in accordance with the Personal Information Protection Act and related laws, or under special provisions of the law, or when it is clearly necessary for the urgent protection of life or body of the user or a third party.

Article 6 (Transfer of Personal Information Overseas)

Company to which information will be transferredContact InformationPurpose of TransferItems Being TransferredCountry to Which Information is TransferredDate and Method of TransferDuration of Personal Information Use
Google LLC.Google LLC Privacy Team googlekrsupport@google.comEvent, Application, SurveyEmail, Mobile Phone NumberUnited StatesAt the time of consultation applicationUntil the end of the outsourced work

Article 7 (Destruction of Personal Information)

The company will promptly destroy personal information when it becomes unnecessary, such as upon the expiration of the personal information retention period or upon achieving the purpose of processing.

1. If the retention period of personal information consented to by the user has expired or the purpose of processing has been achieved, yet the information must continue to be retained under other laws, the company will transfer such personal information to a separate database (DB) or store it in a different location.

2. The procedure and method of personal information destruction are as follows:

1) Destruction Procedure: The personal information destruction procedure involves selecting personal information for which a reason for destruction has occurred, such as the expiration of the retention period or achievement of processing purpose, and then destroying it either by automatic deletion through the system or with the approval of the personal information protection officer.
2) Method of Destruction: Personal information recorded and stored in electronic file format is destroyed in a way that makes the records unrecoverable. Personal information recorded and stored on paper is shredded or incinerated for destruction.

Article 8 (Measures to Ensure the Security of Personal Information)

The company takes the following measures to ensure the security of personal information:

1. Administrative Measures: Establishment and implementation of an internal management plan, regular employee training, etc

2. Technical Measures: Management of access rights to personal information processing systems, measures to preserve connection records and prevent their forgery or alteration, installation of access control systems, encryption of personal information, installation of security programs, etc

3. Physical Measures: Access control for computer rooms, document storage rooms, etc

Article 9 (Installation, Operation, and Rejection of Personal Information Automatic Collection Devices)

① The company uses 'cookies' to store and periodically retrieve usage information in order to provide individualized customized services to users.

② Cookies are small pieces of information sent by the server (HTTP) used to operate websites to the user's computer browser, and they may be stored on the hard disk of users' PCs.

  • 1. Purpose of Using Cookies: Cookies are used to store and retrieve usage information to provide individualized customized services to users. This includes tracking user visits and usage patterns on various services and websites, popular search terms, and whether the connection is secure, all for the purpose of optimizing information provided to users.

  • 2. Installation/operation and rejection of cookies : Users may reject enabling cookies by clicking on Tools > Internet Option > Privacy Option, located on the top of the browser.

  • 3. How to specify whether or not to accept cookies
        1) Internet Explorer : Go to "Tools" > "Internet Options" > "Privacy" > "Advanced Privacy Settings" > Adjust the cookie level setting.
        2) Chrome : Go to "Settings" > "Privacy and Security" > "Clear Browsing Data" > Adjust the cookie level setting.
        3) Safari : Go to "Preferences" > "Privacy" tab > Adjust the cookie and website data level setting.
        4) Microsoft Edge : Go to "Settings" > "Cookies and Site Permissions" > "Manage and Delete Cookies and Site Data" > Adjust the cookie level setting.

4. Service Usage Statistics Analysis
The company uses Google Analytics, a log analysis tool provided by Google, for the purpose of analyzing service usage statistics. Through Google Analytics, behavioral information of our website users is collected, and in this case, only information that cannot identify individuals is collected. If you do not wish for this information processing to occur, you can refuse it through the guidance provided on the following page.

- How to Disable Google Analytics View

Article 10 (Personal Information Protection Manager and Department in Charge)

The company appoints a personal information protection manager and department in charge to oversee personal information processing and handle user complaints, damage relief, and related matters concerning personal information processing. The company takes the following measures to ensure the security of personal information.

1. Personal Information Protection Manager and Department in Charge
Personal information protection manager Personal information protection department
Name : Joowan Lee
Position : CEO
Contact number : 1644-2243
Department name : IRM
Contact number : 1644-2243
E-mail : irm@mz.co.kr

Article 11 (Rights and Obligations of Users and Legal Representatives and Methods of Exercising Them)

① Users can exercise the following rights related to personal information protection at any time by contacting the processing department listed within the relevant personal information disclosure request, as follows:
1. Request to access personal information
2. Request for correction if there are errors.
3. Request for deletion
4. Request for processing suspension

② If a user requests the correction or deletion of personal information due to errors, the company will not use or provide the personal information until the correction or deletion is completed.

③ The exercise of rights under paragraph 1 can be done through a legal representative of the user or a delegate. In this case, a power of attorney in accordance with the format of Annex No. 11 of the Enforcement Rules of the Personal Information Protection Act (No. 2020-7) must be submitted.

④ In cases where there is a special provision within the law, the request for access to personal information and the request for processing suspension may be refused in accordance with the law.

⑤ Requests for correction and deletion of personal information cannot be made if the personal information is explicitly designated as a collection target in other laws.

⑥ The company verifies whether the requester of access, correction, deletion, or processing suspension is the individual in question or their lawful representative when receiving such requests in accordance with the user's rights.

Article 12 (Department Responsible for Personal Information Access Requests and Related Matters)

In accordance with the Personal Information Protection Act, users can request access to personal information, correction, deletion, and processing suspension from the following department. The company will make efforts to promptly process the user's rights requests.

Department in charge of access request
Department Name : SpaceONE service team
Contact number : 1644-2243
E-mail : spaceone-support@megazone.com

Article 13 (Remedial Procedure for Infringement of Rights)

Personal Information
Infringement Report Center
Contact for Report on the breach of personal information and request for consultation
Websiteprivacy.kisa.or.kr
Phone118 without area code
Address(58324) 3F, 9 Jinheung-gil, Naju-si, Jeollanam-do
Personal Information
Dispute Mediation Committee
Contact for Application for dispute mediation and collective dispute mediation (civil mediation)
Websitewww.kopico.go.kr
Phone1833-6972 without area code
Address(03171) 12F, Government Complex-Seoul, 209, Sejong-daero, Jongno-gu, Seoul
Cyber Investigation Bureau of the Supreme Public Prosecutor's Office1301 without area code | www.spo.go.kr
Cyber Bureau of Investigation, National Police Agency182 without area code | http://ecrm.cyber.go.kr

Article 14 (Responsibility for Linked Websites)

The company may provide links to websites or materials of other companies for users. In this case, since the company does not have the authority to control external websites and materials, it cannot be responsible for or guarantee the usefulness of services or materials provided through external sites. Therefore, when clicking on links included by the company that lead to pages of other sites, please verify the reliability of those sites. The privacy policies of visited sites are unrelated to the company, so please review the policies of the newly visited site.

Article 15 (Changes to the Privacy Policy)

If there are any additions, deletions, or modifications to the contents of this privacy policy according to relevant laws and policies, the company will promptly notify users through the website. You can click the link below to view the previous version of the privacy policy.

This Privacy Policy takes effect from 2024.01.18.

View previous privacy policy v.1.1 (2022.07.01)
View previous privacy policy v.1.2 (2022.07.25)
View previous privacy policy v.1.3 (2022.08.26)
View previous privacy policy v.1.4 (2022.12.30)