eMUSICMARKET (‘Company’) is committed to ensuring that users’ privacy is protected by eMUSICMAREKT Privacy Policy (‘Privacy Policy’) pursuant to Privacy Protection Act of the Republic of Korea. The Privacy Policy of Company is disclosed on a website (www.eMUSICMARKET.com) containing below contents:
1. General rules
2. Personal information collection items
3. Personal information collection and objectives of use
4. Agreement of personal information collection
5. Personal information collection methods
6. Use of collected personal information and provision of personal information to the 3rd party
7. Treatment of collected personal information on consignment basis
8. Browsing and modification of personal information
9. Revocation of agreement on personal information collection, use, and provision
10. Period of possession and use of personal information
11. Procedures and method of personal information destruction
12. Notification
13. Countermeasure of personal information security
14. Link sites
15. Postings
16. Installation, operation, and rejection of automatic personal information collection system
17. Rights and obligation of users
18. Feedbacks and complaints
19. Personnel in charge of personal information management
20. Advertisement
21. Obligation of notification
1.General Rules
1.1 Personal information shall mean information about a living person including symbols, characters, voice, sounds, or video which identifies a specific individual. It includes a kind of information that cannot be used to identify a certain individual standalone but only by combined with other information.
1.2 Company will put its utmost efforts when treating its users’ personal information and comply with all required regulation related to personal information including Privacy Policy Act of the Republic of Korea.
1.3 Company will disclose purposes of collection, objectives of use, countermeasure of security of users’ personal information.
1.4 Company shall display Privacy Policy on the main web page of its website so that users can easily access to such information.
1.5 Privacy Policy defines necessary procedures for continuous development when there are changes in related regulations and statutes and Company’s internal operation policy. If Privacy Policy is modified or updated, Company shall disclose the changed portion of Privacy Policy along with the reason of change, and effective date on its website.
2. Personal information collection items
2.1 Company collects mandatory information that is required to provide a basic service to its customers and optional information that is required to provide customized service to its customers. Lack of optional information does not limit the use of service by customers.
2.2 Company does not collect sensitive information that may violate human rights including ethnicity, politics, hometown, and criminal records, health records, etc.
2.3 Company collects and uses personal information as below:
* Nonmember: no personal information is collected
Buyer:
- Name, id, passwords, address, phone number, e-mail address, nationality: to be used for identification, complaint process, protection of illegal use of data
- E-mail address: to be used for effective transaction process, identification, complaint process, notification of new service and announcements
- Company names, name of representative, business registration number, company phone number, company address: to be used for tax treatment and corporate member service provision
- Recipients name, address, phone number: to be used for shipping of gifts or giveaways.
- Paypal account information: to be used for transferring trading amount, settling outstanding balance, and provision of payment service
Seller:
- name, id, passwords, address, phone number, e-mail address, nationality: to be used for identification, complaints process, protection of illegal use of data
- E-mail address: to be used for effective transaction process, identification, complaint process, notification of new service and announcements
- Recipients name, address, phone number: to be used for shipping of gifts or giveaways.
- Paypal account information: to be used for transferring trading amount, settling outstanding balance, and provision of payment service.
Other optional information:
Birthday, marital status, job, hobby, interests, etc: to be used for provision of various beneficial information
Others
During utilizing the service and business process, below information may be created and collected automatically
-IP Address, visiting dates, service use log, billing records, connection log, cookies: protection of illegal use of data and unauthorized use of data, electronic transaction records log, etc.
3. Personal information collection and objectives of use
The objectives of personal information collection and use are as follow:
3.1 Membership Managment
- Identification of each member
- Protection of illegal and unauthorized use of data
- Confirm the intention of joining membership, and limit multiple memberships for each individual
- Provide customer service, receive feedbacks and complaints, and keep records in case of dispute conciliation
- Deliver notification
3.2 Service performance billing
- Provision of service between members
- Provision of contents, notification/delivery of gifts and giveaways
- Identification for transaction
- Billing, payments, collection of overdue balance
- Settling balance
3.3 Marketing and advertisement
- Provision of customized service
- New service development
- Demographical service provision and advertising
- Understand frequency of access to the website
- Statistics of use of service
- Deliver periodic release and notify new products or service
- Notify events and advertisements and operate website in which members can participate
- Survey
- Introduction of service and products
4. Agreement of personal information collection
Company provides procedure where users can click [I agree] or [I do not agree] button on a website about Privacy Policy or the terms and conditions of use. When a user clicks [I agree] button, it is deemed that the user agrees on the Privacy Policy or the terms and conditions of use.
5. Personal information collection methods
Company uses below methods to collect users’ personal information.
- From registration procedures for a eMUSICMARKET membership, a written form, fax, phone call, counseling, e-mail, events or giveaways
- From subcontractors
- From an automatic information collection tool such as Cookies in case when a user uses mobile phone or internet
6. Use of collected personal information and provision of personal information to the 3rd party
6.1 Company shall use users’ personal information only within a scope defined in clause 3 ‘Personal information collection and objectives of use’ hereunder. Company shall not use or provide the personal information to the 3rd party beyond the scope of use specified hereunder except:
6.1.1 Partners: For better service provision, upon a prior written or electronic notification of what items of personal information to be provided, to whom such information to be provided, why Company should share or provide the personal information with the partner, how such information to be secured, and how long such information to be provided, Company may provide such information to its partners, provided that Company shall not provide such information to partners if users does not agree with the provision of information. The prior written or electronic notice shall be given when there is modification or termination in partnership.
6.1.2 Merger or Acquisition: In case when Company is subject to the merger or acquisition or transfer its part or whole sales rights and required to succeed its rights and obligation, Company shall notify such event to users in order to guarantee users’ right.
6.2 Company shall not use or provide users’ personal information to 3rd parties beyond the scope notified to users except when approved by users or,
6.2.1 when it is technically and costly impossible to receive users’ approvals in case where the personal information is indispensable for service performance.
6.2.2 when the personal information is required for billing.
6.2.3 when the personal information is processed in a way that a specific individual cannot be identified. Such processed personal information may be provided to research organizations, survey, advertiser, partners, and 3rd parties.
6.2.4 when it is required to be provided pursuant to Protection of Communications Secrets Act, Framework Act on National Taxes, information protection related regulations, Real Name Financial Transactions Act, credit information use and protection related regulations, Framework Act on Telecommunications, the Local Tax law, Framework Act on Consumers, Bank of Korea Act, the Criminal Procedure Code, etc. Company, however, shall not provide users’ personal information unconditionally to administrative offices or investigative agencies even in case where a special regulation is to be applied. Company shall provide personal information only under the legitimate procedures, which includes confirmation process with a warrant or signed and sealed written form by a head of an organization.
6.3 When a transaction is concluded for the service provided by Company, for effective performance and communication, information about the source of sound and download records can be provided to the parties to the transaction within a reasonable scope.
6.4 Status of personal information provision
Personal information provision status can be modified at the commencement or termination of partnership. The status is posted on a list along with personal information provision and to be deleted as personal information is destroyed when the partnership is terminated.
7. Treatment of collected personal information on consignment basis
When Company entrusts managing, saving, editing, searching, and renewal tasks of users’ personal information to the 3rd party for better service and efficient performance of the service, Company shall notify its users of consignee, consignment period, the relationship between Company and consignee, and the scope of responsibility.
8. Reading and modification of personal information
8.1 Users may read and modify their registered personal information anytime. Users can read and modify personal information on ‘MYPAGE>My Info’ from the homepage after logging in. Users may contact personnel in charge of personal information management via e-mail or mail for further requests.
8.2 When a user requests Company to modify an error in his/her personal information, Company will not use or provide such personal information with an error until the modification is completed.
8.3 If incorrect personal information is already provided to 3rd party, Company shall notify such error and modified personal information to the 3rd party.
9. Revocation of agreement on personal information collection, use, and provision
9.1 Members may revoke agreement on personal information collection, use, and provision any time. Revoking agreement bares same effects as a request of membership termination because user revoked the intention of use of the service. Users may visit MYPAGE>My info and click ‘Withdraw Membership’ or send a written request or E-mail in order to revoke agreement on personal information collection, use, or provision. Users shall give careful consideration when making decision whether to withdraw their membership because all of users’ registered information will be destroyed after the membership withdrawal. Company will promptly notify after destroying personal information after processing such withdrawal procedure.
9.2 Company shall take reasonable measures to make revoking an agreement or withdrawing membership procedure easier than colleting personal information procedure.
9.3 To protect users from repeated rejoining membership for a purpose of obtaining financial benefits from events or giveaways held by Company, personal information of withdrawn members shall be destroyed after 1 month period elapsed.
10. Period of possession and use of personal information
10.1 Users’ personal information shall be retained and used during the period of eMUSICMARKET service provision. When a user withdraws his or her membership, his or her personal information will be destroyed so that it cannot be read or used in the future expect when related regulations or statutes require retaining such information.
10.2 Reason of personal information retention pursuant to related regulations or statutes
If users’ personal information is required to be retained pursuant to the related regulations or statutes, Company will retain the persona information for a certain period of time, provided that reading and use of such personal information is limited only for a purpose of requirements by the related regulations and statutes. The objectives and period of retention and items must be specified in advance.
10.2.1 Records of agreement or revocation
Retention Objectives: Section 6 in the Consumer Protection Act and Section 6 of its enforcement ordinance
Retention Period: 5 years
10.2.2 Records of payment, supply of goods and services
Retention Objectives: Section 6 in the Consumer Protection Act and Section 6 of its enforcement ordinance
Retention Period: 5 years
10.2.3 Records of processing complaints and dispute settlement
Retention Objectives: Section 6 in the Consumer Protection Act and Section 6 of its enforcement ordinance
Retention Period: 3 years
10.2.4 Records of identification confirmation
Retention Objectives: Section 44 Clause 5 in the Act on the Protection of Information and Communications and Section 29 of its enforcement ordinance
Retention Period: 6 months
10.2.5 Records of access
Retention Objectives: Section 15 Clause 2 in the Protection of Communications Secrets Act and Section 41 of its enforcement ordinance
Retention Period: 3 months
10.2.6 Records of illegal use
Retention Objectives: To protect illegal use of Company’s service pursuant to Company policy (Section 9 in the terms and conditions of use)
Retention Period: 12 months
10.3 Personal information may be retained for a period specified in Clause 10.2 hereunder if the retention period is not elapsed, Company sent prior notification to users, or users agree with retaining personal information by Company.
10.4 For transaction information retained by Company under the users’ approval, users may read and confirm the information any time upon requests.
11. Procedures and method of personal information destruction
Company shall destroy without delay when the objectives of use of collected personal information are achieved.
11.1 Personal data obtained from membership registration will be deleted and destroyed after a retention period specified in Clause 10 elapsed when the objectives of personal information collection is achieved or a user withdraw a membership. The electronic form of personal information that was collected from the membership registration process will be deleted immediately when a user withdraws a membership.
11.2 The method of destruction
Personal information printed on papers shall be shredded or treated with chemicals, and other personal information stored as an electronic format shall be deleted through technical methods which makes the information not restorable.
12. Notification
12.1 If Company desires to obtain agreement from users on utilizing users’ personal information beyond the agreed scope of use or provide the information to the 3rd parties, a prior written or electronic form of notification should be given by Company.
12.2 If Company entrusts collecting, storing, processing, using, providing, managing, and destroying tasks of users’ personal information to the 3rd party, it should notify such fact to users through Privacy Policy on a website.
12.3 If Company transfers its whole or part of its business rights or obligations due to merger or acquisition, a prior written or electronic form of notification must be given to each user and displayed on a website at least 30 days. However, if Company does not have users contact information without its mistakes, or it has reasonable reason not to deliver a prior written or electronic form of notification due to Act of God, Company shall advertise on at least 2 daily newspapers which is distributed on a area in which most users are residents at least 1 time.
13. Countermeasure of personal information security
Company prepares and implements technical and managerial countermeasures to secure users’ personal information.
13.1 Technical Countermeasures
Company prepares following technical countermeasures to protect users’ personal information from loss, robbery, disclosure, and falsification.
13.1.1 Users’ personal information is protected by passwords. Important data is secured by file lock function or encryption.
13.1.2 Company arranges a vaccine program so as to protect users’ personal information from computer viruses. The vaccine program is to be updated in a regular basis so that Company can protect users’ personal information from new computer viruses.
13.1.3 Company adopts a firewall which allows transferring users’ personal information via network in a safe way through encryption algorithm.
13.2 Managerial Countermeasures
13.2.1 Company limits the number of authorized personnel who access to users’ personal information to the minimum. The authorized personnel include:
-a person in charge of marketing tasks which requires to communicate with users directly
-a person in charge of personal information management tasks
-a person in charge of tasks which requires users’ personal information inevitably
13.2.2 Company trains and assures that its employees acknowledge how to handle users’ personal information in a secure way by defining the necessary procedures when accessing to users’ personal information. Company also hires a professional institution to provide its employees the latest version of security technology and obligations in personal information protection.
13.2.3 Company shall ensure that changing over of tasks related to personal information is to be implemented in secure conditions. The responsibilities in accidents related to personal information after joining or resigning Company are clearly defined.
13.2.4 Company appointed personnel in charge of access rights to users’ personal information and provide him or her an identification symbol (ID) and password, which are updated in a regular basis.
13.2.5 Company prepares an internal control system that protects information spills by employees and inspects compliance of personal information policy by having employees signed a written oath for personal information protection when hired.
13.2.6 Company shall require employees to sign a written oath of secrecy so as to avoid personal information from being damaged, violated, or disclosed.
13.2.7 Company adopts necessary procedures to confirm a user’s identification when collecting or providing payment information such as users’ Paypal accounts for the purpose of service contract execution or service provision.
13.2.8 Company shall notify immediately and put its utmost reasonable efforts to devise a countermeasure or indemnification when user’s personal information is lost, disclosed, falsified, or damaged caused by mistakes of Company’s employees or technical accidents.
14. Link sites
14.1 Company may provide users links or websites of other companies for reference. In this case, Company shall not guarantee or bear any responsibility in reliability of usefulness of materials or services obtained from such 3rd parties’ websites or links.
14.2 When a user visits the 3rd parties’ websites by clicking links provided in Company’s websites, Privacy Policy does not apply to such the 3rd parties’ websites.
15. Postings
15.1 Company put its utmost efforts to protect users’ postings from falsification, damage, and deletion except when
- the posting is a spam such as a chain letter, advertisement, links to other websites, etc.
- the posting defame other’s reputation by distributing false facts
- the posting violates other’s rights by releasing the identification of the others without approval or license of copyrights or intellectual property of the 3rd parties.
- the posting is not related to the theme of the bulletin.
15.1.1 Company may delete a part of or modify the posting where the other’s identification was released without approval so as to keep the ethical posting culture.
15.1.2 If a posting has a contents which fit to another bulletin, Company shall disclose the movement routes of such posting to avoid misunderstanding.
15.1.3 Company may delete postings after giving explicit warning in cases not specified above.
15.2 The ultimate rights and responsibility related to a posting lays on the publisher of the posting. Users shall take deliberate consideration when using the service because information voluntarily disclosed from postings is difficult to be protected.
16. Installation, operation, and rejection of automatic personal information collection system
Company may install or operate Cookies which search for and save users’ information time to time through internet service. Cookies are character string information that was first saved on a web browser and then sent to a server when it was requested by the server. When a user accesses to eMUSICMARKET website, the website reads Cookies from the users’ browser and finds supplement information which allows the user to utilize the service without inputting any additional information.
16.2 Users’ information collected by eMUSICMARKET cookies will be used for following purposes:
16.2.1 To provide differentiated information according to individual interests
16.2.2To understand users’ tastes and interests by analyzing access frequency or visiting hours
16.2.3 To provide customized service by studying each user’s most visit webpage
16.2.4 To inform a service provision period information when using pay-per-service.
16.2.5 To analyze users’ tendencies, and to use such information for service development.
16.3 Users may select whether to install Cookies or not. Users may accept all Cookies, have notification when Cookies are installed, or refuse to install Cookies at ‘Tool>Internet option>Personal Information>Advance’. However, not installing cookies may cause limited use of the service.
16.4 Cookies expire when a browser is closed or a user logs out.
17. Rights and obligation of users
Users shall have rights to have their personal information protected as well as obligations not to violate others’ rights.
Company shall not be responsible for any damages or losses caused by users’ negligence or general risks of using internet.
17.1 Users shall update their personal information to the latest in order to avoid any possible losses or damages. Users shall be liable for any problems caused by incorrect personal information.
17.2 If a user inputs false information which includes illegal use of others’ personal information, the user is subject to any legal punishment, and the user’s membership shall be withdrawn by force.
17.3 Users shall be responsible for and mange appropriately their own ID and passwords. Company recommends users to avoid using simple passwords that can be conjectured by others and to change the passwords in a regular basis.
17.4 If a user logs in eMUSICMARKET websites and is directed to other websites other than eMUSICMAREKT from the PC that is shared with others, the user shall make sure to log off from the website when closing in order to avoid information spill including ID or passwords.
17.5 Users must put their reasonable efforts not to damage others’ personal information including postings. Users who violate such obligation hereunder and damage other’s information, the users are subject to any legal punishment under the Privacy Protection Act.
17.6 Users shall comply with Privacy Protection Act of the Republic of Korea, Personal Information Protection Law, and other regulations related to the personal information.
18. Feedbacks and complaints
18.1 Company values users’ opinions, and users have right to receive sincere responses of any inquiries.
18.2 Company operates a customer service center for effective communication with users. Users can contact below information for any inquires.
18.2.1 Persona Information Customer Service Center
-Personnel in charge of Personal Information Treatment: Seung Gyun Chae
-Phone number: 82 (0) 2 -333-6467
-Fax number: 82 (0) 2 -333-6467
-Email address: scott@emusicmarket.com-> To be updated with Company account e-mail.
18.2.2 For Cyber inquires: Users can inquire to cyber customer service representatives from Contact/Information on Customer Service Menu in eMUSICMARKET.
18.3 Company will put utmost efforts to make reply to inquiries received via e-mail or fax within 24 hours.
19. Personnel in charge of personal information management
19.1 Company considers users’ personal information importantly and put its utmost efforts to avoid any damage, violation, or disclosure of users’ personal information. Nevertheless, when unexpected accidents caused by network risks such as hacking are occurred, Company shall not be responsible for any damages or losses from such accident or disputes over postings.
19.2 Company operates a customer service center for effective communication with users. Users can contact below information for any inquires related to personal information protection.
18.2.1 Persona Information Customer Service Center
-Personnel in charge of Personal Information Treatment: Seung Gyun Chae
-Phone number: 82 (0) 2 -333-6467
-Email address: scott@emusicmarket.com
20. Advertisement
20.1 Company shall not send any advertisement or commercial information under the explicit intention of refusal by users.
20.2 If a user agreed to receive information such as newsletter other than commercial information or advertisement, Company shall include below information on a title or contents of e-mail for users’ convenience:
20.2.1 E-mail title: Company may not use a word ‘advertisement’ for a title. The title shall contain a main point of e-mail content.
20.2.2 E-mail contents: Company shall include a name of issuer, e-mail address, or other contact information to which a user may request subscription cessation of such e-mail.
-Company shall describe how user can request to stop subscribing such e-mail in readable way.
20.3 When Company send commercial information in order to perform its marketing tasks such as sending new event information, Company shall include below information for a title to help users’ understanding:
20.3.1 E-mail title: Company may not use a word ‘advertisement’ for a title. The title shall contain a main point of e-mail content.
20.3.2 E-mail contents: Company shall include a name of issuer, e-mail address, or other contact information to which a user may request subscription cessation of such e-mail.
-Company shall describe how user can request to stop subscribing such e-mail in readable way.
21. Obligation of notification
This Privacy Policy is established on 3rd September, 2012. If a whole or part of the Privacy Policy is to be modified, added, or deleted due to changes in related regulations or security technologies, Company shall notify such information on a website at least 7 days prior.
