top of page

Privacy Policy of Wave Company

The Company complies with the 「Information and Communications Network Act」 and the 「Personal Information Protection Act」 to protect users' personal data and ensures prompt and smooth handling of related matters by establishing and disclosing the following privacy policy.

 

Effective Date: June 1, 2024

1. Personal Information Collection 

  • Types of Personal Information Collected:

    • Mandatory Information: Includes device details (such as unique identifiers, model name, country code, carrier info, language settings, OS version, app version, IP address, manufacturer, location data), service usage records (such as version, settings, usage time and frequency, patterns), and application information (such as app name, URL, icons, wallpaper color, and operation modes through app manifest files).

    • Optional Information:  Includes your email, name, phone number, product purchase details, and inquiry history.  

 ※ Note: The Company does not collect sensitive information that may seriously infringe on users' privacy.

 

  •  Collection Methods

    • Mandatory data is automatically collected during service use.

    • Optional data is collected when users submit inquiries via email.

 

2. Purpose of Personal Information Collection and Use

   The Company processes personal data for the following purposes:

  • Service provision:

    • Providing optimized services and content to users.

    • Delivering device-specific settings based on the country and version.

    • Offering personalized customer support, handling complaints, and preserving records for dispute resolution.

    • Communicating notices to users.

  • Statistical analysis and service improvement: 

    • To enhance and improve our research and analysis that evaluate and enhance the Platform and business operations, develop new services and features, and maintain internal quality control and staff training

    • To gain a deeper understanding of how users interact with the Platform, products, and services, including consumer behavior and preferences.

  • Bug fixes:

    • To  analyze reported errors and identify and fix issues in the new version, while also implementing improvements

  • Marketing and advertising: 

    • To plan services and events that align with user interests

    • To provide information on events and advertisements, along with opportunities for participation

    • To conduct customer satisfaction surveys

    • To introduce new products or services

 

3. Retention and Usage Period

The company, in principle, destroys personal information without delay once the purpose of its collection and use is fulfilled. However, if it is necessary to retain the information according to legal requirements, the company will store it for a specified period as stipulated by relevant laws. In such cases, the information will be transferred to a separate database (DB) or stored in a different location.

 

  • Retention Item | Retention Period | Legal Basis:  

    • Records of contracts or withdrawal of offers |  5 years | Act on the Consumer Protection in Electronic Commerce

    • Records of payment and supply of goods  | 5 years | Act on the Consumer Protection in Electronic Commerce

    • Records of consumer complaints or dispute resolution | 3 years | Act on the Consumer Protection in Electronic Commerce

    • Records of credit information collection/processing/use | 3 years | Credit Information Use and Protection Act

    • Records of display/advertising | 6 months | Act on the Consumer Protection in Electronic Commerce

    • User log records, IP tracking, and other communication data | 3 months / 12 months | Communications Secret Protection Act


 

4. Provision of Personal Information to Third Parties

The Company does not, in principle, provide users' personal information to external parties. However, exceptions are made in the following cases:

  • When required by law or upon the request of investigative authorities in accordance with legal procedures.

  • When necessary for billing and settlement of paid services.

  • When provided in a processed form that does not identify individuals for statistical, academic, or market research purposes.

  • When the user has given prior consent.

 

5. Procedures and Methods for Destroying Personal Information

The procedures and methods for destroying personal information are as follows:

 

  • Destruction Procedure: Once the purpose of the personal information has been fulfilled, the data is moved to a separate database (or stored in a separate document for paper records) and retained for a certain period in accordance with internal policies and relevant laws. Afterward, it is destroyed. Personal information in the separate database is not used for any other purpose unless required by law.

 

  • Destruction Method: The Company deletes electronically stored personal information using technical methods that prevent recovery. Paper-based personal information is destroyed by shredding or incineration.


 

6. Rights of Users and Legal Representatives and How to Exercise Them

  • Users and legal representatives can request access, correction, deletion, suspension of processing, or withdrawal of consent regarding personal data at any time, including:

    • Personal information held by the Company.

    • Information on how the Company has used or shared personal information.

    • Consent history related to personal information collection and use.

    • Requests can be made via phone (070-4044-7331), email, or fax to the Company.

  • The company may refuse requests for access, correction, or deletion of personal information in the following cases:

    • If access is prohibited or restricted by law.

    • If granting access may harm the life or safety of another person, or unjustly infringe on another person's property or other interests.

  • The company processes personal data that has been requested for deletion or suspension by the user or their legal representative according to the retention periods outlined in "3. Retention and Usage Periods of Personal Information." Afterward, the data will not be accessible or used for any other purposes.

  • Users must input their personal information accurately and keep it up to date. They are responsible for any incidents resulting from incorrect data, and if false information or another person's data is used, access to services may be restricted.

  • Users have the right to protect their personal information, but they also have the duty to safeguard their own data and not infringe upon others' privacy. Users should take care to prevent their personal data from being leaked and ensure they do not damage or misuse others' information. Failure to fulfill these responsibilities, including violating the privacy or dignity of others, may result in penalties under the "Information and Communications Network Act."


 

7. Technical and Managerial Measures for Personal Information Protection

The Company implements the following technical and managerial measures to ensure the security of personal information from loss, theft, leakage, alteration, or damage:

  • Establishment and Implementation of Internal Management Plans

    • The Company establishes and implements internal management plans to securely process personal information.

    • Compliance with personal information protection measures is regularly monitored, and corrective actions are taken if any issues are identified.

  • Measures to Prevent Falsification and Tampering of Access Records

    • The Company stores and manages access records to the personal information processing system and uses security features to prevent tampering or falsification.

  • Encryption of Personal Information

    • Users' personal information is protected by passwords, and files are encrypted or locked when stored. Data transmission is encrypted, and sensitive information is protected with additional security measures.

  • Minimization and Training of Personnel Handling Personal Information

    • Access to personal data is restricted to necessary personnel, and regular security and privacy training is provided. All employees sign security agreements to prevent data leaks. Internal procedures ensure compliance with protection measures.

 

8. Personal Information Protection Officer and Customer Support Department

The Company has designated the following department and personnel to protect users' personal information and handle related complaints:

 

  • Customer Support Department

    • Department: Wave Company Customer Center  

    • Contact: 070-4044-7331, 02-481-8178 (FAX)  

    • Email: info@wavecompany.net

  •  Personal Information Protection Officer

    • Officer: Kim Daejun  

    • Department: Wave Company Customer Center  

    • Contact: 070-4044-7331, 02-481-8178 (FAX)  

    • Email: info@wavecompany.net


 

9. Remedies for Privacy Violations

Users can seek resolution for personal information violations by applying for dispute resolution or consultation with the following institutions:

  • Personal Information Dispute Mediation Committee: 1833-6972 (www.kopico.go.kr)

  • Personal Information Infringement Report Center: 118 (privacy.kisa.or.kr)

  • Supreme Prosecutors' Office: 1301 (www.spo.go.kr)

  • Cyber Bureau, National Police Agency: 182 (cyberbureau.police.go.kr)

bottom of page