Meta Mafia Privacy Policy

Article.1 Purpose

  1. MetaMAFI Ltd. (hereinafter referred to as the 'Company') values the personal information of the members in providing the Meta MAFIA service to the members, and is doing its best to effectively manage and safely protect the personal information of the members.
  2. The company informs you of what purpose and method the personal information you provide is being used and what measures are being taken to protect your personal information.
  3. This personal information processing policy may change according to changes in laws or guidelines related to personal information protection and changes in company policies, so members are advised to check it frequently when visiting the service.
  4. This privacy policy applies to the Meta MAFIA service (hereinafter referred to as the ‘Service’).

Article.2 Personal information

  1. The company prepares consent procedures for the collection and use of service terms and conditions and personal information when a member signs up, and if he/she selects consent, he/she is deemed to have consented to the collection and use of personal information.
  2. The company collects the minimum amount of personal information necessary for smooth service provision, and collects the following personal information for service provision and contract execution, such as membership registration, consultation, and service application.
    • (1) Join the Meta MAFIA platform
      • - Items: Email address, password, mobile phone number, profile information (nickname, profile picture)
  3. The company may automatically generate and collect service use records, access logs, cookies, access IP information, payment records, terminal information (service version, OS, OS version, device model name), etc. during the service use process.
  4. The company collects personal information in the following ways.
    • (1) Membership registration, service inquiry, event application, etc.
    • (2) Collection through generated information collection tools
  5. The company may collect and use the following terminal access rights with prior notice and consent from users in the process of providing mobile App services. Users may not agree to the collection for optional access rights, and even if they do not agree, they may receive services other than the corresponding function. The access right can be changed through the settings in the terminal.
    • (1) Android
      • [Essential]
      • -Storage space: used for photo/video/voice storage
      • [Select]
      • - Contacts / Address Book: Used to invite and add friends
      • - Microphone: Used for recording and sending voice messages/videos
      • - Camera: Used for taking and sending photos/videos, setting profile pictures and chat room backgrounds
    • (2) iOS
      • [Select]
      • - Contacts / Address Book: Used to invite and add friends
      • - Microphone: Used for recording and sending voice messages/videos
      • - Camera: Used to send and save photos/videos, set profile photos and chat room backgrounds
      • - Photo: used for sending and saving photos/videos, setting profile photos and chat room backgrounds

Article.3 Purpose of using personal information

The company uses the collected personal information for the following purposes.

  1. Provide automatic friend addition and automatic friend registration function
    • (1) Provide automatic friend addition and registration functions by collecting and using the member's phone number and the name and phone number of a third party stored in the member's terminal address book
  2. Fulfillment of the contract for the provision of services
    • (1) Provision of content
  3. Member management
    • (1) Prevention of fraudulent use and unauthorized use of bad members due to membership service use, confirmation of overlapping subscriptions, confirmation of intention to join, preservation of records for dispute mediation, handling of civil complaints such as complaints, delivery of notices
  4. Use for marketing and advertising
    • (1) Development of new services and provision of customized services, provision of services and advertisements according to statistical characteristics, confirmation of service effectiveness, identification of access frequency, provision of statistics on service use by members, information on events and advertisements, and opportunities to participate

Article.4 Non-Purpose Use of Personal Information

  1. The company may entrust the operation of personal information to an external professional company to improve the service, and when entrusted, to ensure the safety of consignment management, the service provider strictly follows the instructions related to personal information and protects personal information through consignment contracts, etc. Confidentiality, prohibition of provision to third parties, and liability in case of accidents are clearly stipulated, the contents of the contract are kept in writing, and the trustee is supervised to ensure that personal information is safely handled.
  2. The company currently does not entrust the personal information collected from users to a third party.
  3. If the contents of the entrusted business or the consignee are changed in the future, we will disclose it through this Privacy Policy without delay.

Article.5 Retention and use period of collected personal information

  1. If a member withdraws from membership or is subject to deletion of the member account due to false personal information, the collected personal information is completely deleted and is processed so that it cannot be used for any purpose.
  2. Members' personal information is destroyed without delay when the retention period that is notified to customers in advance and individually agreed to by customers has elapsed or the purpose of collection and use of personal information has been achieved. However, if it is necessary to preserve personal information according to company internal policy or related laws, personal information may be retained for the period specified below.
    • (1) In accordance with the Consumer Protection Act in Electronic Commerce, etc., the following items are destroyed after being stored for a certain period of time. (retention period in parentheses)
      • - Transaction entity identification information, contract or subscription withdrawal records, etc. (5 years)
      • - Transaction subject identification information, records on payment and supply of goods, etc. (5 years)
      • - Transaction subject identification information, records on consumer complaints or dispute handling, etc. (3 years)
      • - Transaction entity identification information, display/advertisement records, etc. (6 months)
    • (2) According to the Framework Act on National Taxes, books and supporting documents related to all transactions stipulated by the tax law are destroyed after being stored for 5 years.
    • (3) In accordance with the Electronic Financial Transactions Act, records on electronic financial transactions are destroyed after being stored for 5 years.
    • (4) In accordance with the Protection of Communications Secrets Act, service visit records are stored for 3 months and then destroyed.
    • (5) When collecting personal information of a child member, the legal representative information according to consent is stored and destroyed until the child reaches the age of 14 or older.
  3. The company notifies the user of the personal information of long-term non-users who have not used the company's service for 1 year in advance through e-mail or other means 30 days in advance and destroys the personal information based on the Personal Information Protection Act. However, if it is necessary to preserve it in accordance with the relevant laws and regulations, the user's personal information will be kept for a certain period of time as stipulated in the relevant laws and regulations.

Article.6 Personal information destruction procedure and method

  1. In principle, the company destroys the information without delay after the retention period has elapsed or the purpose of collecting and using personal information has been achieved. However, in accordance with the Terms of Service, personal information of dormant accounts that have not used the service for one year after signing up for membership is separately stored, and the separately stored personal information is destroyed after four years of storage. In addition, the company must notify members of dormant accounts at least 30 days before the expiration date, and the contents of the notification are as follows.
    • (1) The fact that personal information is destroyed or stored separately
    • (2) Date of destruction
    • (3) Items of personal information to be destroyed
  2. Destruction procedure
    • (1) In principle, the information entered by a member for membership registration is destroyed without delay when the purpose of collection and use of personal information is achieved, and is not used for any purpose other than retention unless otherwise required by law.
    • (2) However, personal information that must be preserved in accordance with relevant laws and regulations is stored separately in a separate DB. The personal information of users that are stored separately is not used for purposes other than those set forth in the law.
  3. Destruction method
    • (1) Printed personal information is shredded with a shredder or destroyed by incineration, and personal information stored in the form of electronic files is deleted using a technical method that cannot reproduce records.

Article.7 Rights and obligations of data subjects and legal representatives and how to exercise them

  1. Members can check, view, or modify their personal information (including legal representatives if they are members under the age of 14) at any time, and may request termination of membership or suspension of processing of personal information. However, in such cases, some or all of the services may be restricted.
  2. Members can directly view and modify their personal information through [Edit Profile] on My Page in the service. In addition, the member may cancel the use contract at any time through the [Withdraw Membership] item in the personal information protection of My Page, and in case of termination, all personal information of the member will be deleted. However, if it falls under [Personal Information Processing Policy Article 6 Paragraph 2], it can be stored for a certain period of time in accordance with the relevant laws and regulations.
  3. If a member requests correction or deletion of his/her personal information, the company will take necessary measures without delay after confirming the identity of the member. In addition, if it falls under each of the subparagraphs of [Terms of Use, Article 17 Restrictions on Use], personal information such as member account deletion may be destroyed under the judgment of the person in charge of personal information protection.
  4. If you request correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if wrong personal information has already been provided to a third party, the correction process result will be notified to the third party so that the correction can be made.
  5. The company handles personal information that has been canceled or deleted at the request of a member as specified in Article 6 of the personal information processing policy, and does not allow it to be viewed or used for any other purpose.
  6. The exercise of rights pursuant to Paragraph 1 can be done in writing or by e-mail through an agent such as the data subject or the legal representative of the information subject or a person who has been delegated.

Article.8 Technical and administrative measures for personal information protection

In handling personal information of members, the company is taking the following technical and managerial measures to ensure safety so that personal information is not lost, stolen, leaked, falsified or damaged.

  1. Technical measures
    • (1) The company is doing its best to prevent leakage or damage of members' personal information due to hacking or computer viruses. In preparation for damage to personal information, data is backed up from time to time, the latest vaccine program is used to prevent leakage or damage of personal information or data of users, and personal information is safely transmitted over the network through encrypted communication. are doing In addition, we use an intrusion prevention system to control unauthorized access from outside, and we strive to equip all possible technical devices to ensure systemic security.
  2. Administrative measures
    • (1) The company's personal information handling staff is limited to the person in charge, and a separate password is assigned for this purpose, which is regularly updated, and compliance with the personal information processing policy is always emphasized through regular training for the person in charge.
    • (2) The company has a person in charge of personal information protection to always check the implementation of the personal information processing policy, and if problems are found, we strive to correct them immediately. However, the company does not take any responsibility for problems caused by leakage of personal information due to the user's negligence or problems on the Internet.

Article.9 Matters concerning the installation / Operation and rejection of automatic personal information collection devices

The company installs/operates cookies to support a faster web environment for users, and users can reject them. A cookie is a small amount of string information sent by the website server to the user's computer browser (Internet Explorer, Safari, Chrome, Firefox, etc.). Cookies identify the member's computer, but do not personally identify the member.

  1. Operation of cookies
    • (1) Provision of differentiated information according to individual interests
    • (2) Analyze members and non-members' access frequency or stay time to identify members' tastes and areas of interest and use them for target marketing
    • (3) Tracking the traces of the content you browsed with interest to provide personalized service the next time you access
    • (4) Analyze customers' habits and use them as a measure for service reorganization, etc.
  2. Choices about cookies
    By adjusting your web browser, you can accept all cookies, send a notification when a cookie is installed, or reject all cookies. However, if you refuse to save cookies, you cannot use some services that require login. Here's how to specify whether or not to allow cookie installation (for Internet Explorer).
    • (1) Select [Internet Options] from the [Tools] menu.
    • (2) Click [Personal information tab].
    • (3) Set “Allow All Cookies - Low - Medium - Medium High - High - Block All Cookies” in [Personal Information Settings].
  3. Cookies expire when you close your browser or log out.

Article.10 Remedy for Infringement of Rights and Interests

The company operates a customer counseling center where members can raise their opinions and complaints related to personal information protection to facilitate communication and resolution. In the case of Korea, if a dispute arises between a member and the company regarding personal information protection and consultation on personal information infringement is required, you can contact the Personal Information Infringement Report Center of the Korea Internet & Security Agency or the Cyber Security Bureau of the National Police Agency.

Personal Information Infringement Reporting Center http://privacy.kisa.or.kr 118
Personal Information Dispute Mediation Committee http://www.kopico.go.kr 1833-6972
Supreme Prosecutor's Office Cyber Investigation Division http://www.spo.go.kr 1303
National Police Agency Cyber Security Bureau http://cyber.go.kr 182

Article.11 Personal Information Protection Officer, etc.

The company appoints a person in charge of personal information protection, and the department in charge is doing its best to protect members' valuable personal information. In addition, the following personal information complaint handling department is in charge of personal information access requests. If a member wishes to raise an inquiry, opinion, or complaint related to personal information to the service, please contact us at the contact information below or by e-mail. We will respond quickly and sincerely.

Head of Personal Information Protection Department
Name Kim Doo-Shik
Email kk@metamafi.com
Department in charge of personal information protection
Department Strategic Planning Office
Email kk@metamafi.com

Article.12 Duty of Disclosure

If the company changes this privacy policy, the reason for the change and the effective date will be specified and notified through the service's notice and the current privacy policy.

Addendum

Effective Date: December 14, 2022