2. Collection of Personal Information and Installation/Management of Automatic Collection of Personal Information
NeoLAB collects the minimum personal information to provide its service.
In addition, NeoLAB may collect and process additional information intended to provide better services; such additional information is not collected unless the users have provided their consent. However, in this case, there will be negative consequences on the services provided if the user has declined to give his or her personal information which is required at a minimum when using the services provided by NeoLAB.
The following minimum personal information is collected when the user signs up for the service or while the user uses the service.
2.1 Information that you may provide to NeoLAB
NeoLAB may collect user’s personal information under the following circumstances:
– Applying for a form for app registration or uploading information – Making contacts to customer service center
The user’s personal information collected by NeoLAB may contain the following information:
– Name – Email address
2.2 Information that is collected automatically
Through use of your NeoLAB application, the following information will be gathered automatically:
●Log Information:Like most mobile application publishers, we collect information mobile devices typically make available such as serial number of your smartpen, the date and time of access, the type and version of operating systems (e.g., iOS, Android) ● Usage Information:We collect information about your usage of our mobile application. For example, we collect information about the actions that you may take when using our mobile applications (e.g. smartpen’s monthly usage, online navigation records and the time and the status of the reply given by the server) ● Location Information:We may determine the approximate location of your device from your mac address. We collect and use this information to, for example, calculate how many people visit our mobile application from certain geographic regions.
2.3 Use of Google Analytics
To assess the usage situation of the service, Google Analytics may be used to gather information as follows:
● Usage of App event (including installation, deletion, update) ● Smartpen’s Mac Address ● Type of device and OS ● Location where App event takes place, gender, age, funnels
However, personal information is not gathered when using Google Analytics.
NeoLAB does not take responsibility for any damages caused by use of the Google Analytics service.
2.4 The Method of Personal Information Collection
The method of personal information collection is as follows.
When collecting personal information, NeoLAB informs the fact to the user in advance and asks for an agreement. Personal information is collected using the following method:
– The user agrees to the collection of personal information and enters relevant information while the user uses the service.
3. Use of Personal Information
Personal information is used for the following purposes.
– Fulfillment of a contract and provision of contents in relation to providing service – Confirmation of the user’s will to sign up
4. Access Right to Personal Information
In cases where access rights to user’s personal information are necessary in providing its services, NeoLAB informs the followings and gets consent from the user:
1) Necessary Access Rights
– Information and items of function which access rights are needed – The reason why the access rights are necessary
2) Optional Access Rights
– Information and items of function which access rights are needed – The reason why the access rights are necessary – The fact that the user may not give his or her consent being sought for permission to the access rights
NeoLAB does not reject the provision of its services to users when the user does not give consent for permission to access rights which are not necessary.
5. Provision of Personal Information
NeoLAB does not provide personal information to any third party without your consent or unless demanded by applicable laws. However, personal information may be provided to third parties in the course of entrusting some parts of the affairs required for service provision.
6. Retention Period of Personal Information and Destruction of Personal Information
The retention period of personal information is as follows:
1) Information to be retained by NeoLAB: Name, E-mail address 2) Retention period: Personal information described in 1) above will be retained until the user’s unregistration from the service.
Other personal information which are required to be retained by law and their respective provisions are as follows:
Records to be Retained
Records of contract or withdrawal of subscription
Act on the Consumer Protection in Electronic Commerce, etc.
Records of payment and supplying goods
Records of consumer’s complaint and the settlement dispute
Records of marks and advertisement
Books and supporting documents for all transactions specified by the Tax Act
Framework Act on National Taxes
Records of electronic financial transactions
Electronic Financial Transactions Act
Service visit records
Protection of Communications Secrets Act
The user’s personal information is to be destroyed immediately once the purpose of the collection and use of personal information is fulfilled. The procedure and method of destruction is as follows:
– Method of Destruction: Personal information stored in electronic file formats is to be deleted using technical means which make the information unrecoverable. Personal information printed on paper records, printed matters and documents is to be destroyed through shredding or incineration.
7. Rights and its exercise by User and User’s Legal Representative
The user may view and edit his or her personal information at any time (through a legal representative for users aged under 14), and may at any time withdraw his or her agreement on personal information provision or unregister from the service. Users may contact the customer service via in writing, or though phone or email. If a user requests the revision of personal information, the user’s information is not to be used or provided until the revision is completed.
8. Service regarding Privacy Protection
NeoLAB appoints privacy protection officer and responsible department in order to protect personal information of its users and to process any complaint regarding personal information.
For any inquiries, complaints, feedback or other matters related to personal information protection which arise while you use the service, please contact the privacy protection officer and responsible department. NeoLAB will do its best to listen to you and promptly answer any questions you may have.
1) Customer Service A. Department : Customer Support Team B. Email :email@example.com C. Contact: 1588-6239 2) Data Protection Officer A. Department : Management Support Team, Cho Sangwon B. Email :firstname.lastname@example.org C. Contact : 02-2284-9293
Please make inquiries to the following organizations if you need to report or consult in regards to the violation of personal information.
9. Compliance with the General Data Protection Regulation
NeoLAB complies with the General Data Protection Regulation (GDPR) as well as the domestic laws of each member country.
The following may apply when NeoLAB provides services to users in EU countries.
1) Purpose and Basis of Personal Information Processing
NeoLAB uses personal information collected from users only for purposes specified in “3. Use of Personal Information”, informs users prior to any use thereof and asks for agreement.
We process, among others, data revealing the geolocation (with the prior consent of the data subject) and the access to photos, multimedia contents and files on your device through the NeoLAB’s App (with the prior consent of the data subject).
In addition, NeoLAB may process personal information in accordance with applicable laws including GDPR in any of the following cases:
A. When agreed by the data subject B. For signing and fulfilling a contract with the data subject C. For legal compliance D. When personal information processing is necessary for the material benefit of the data subject E. For the pursuit of legitimate interests of the company (except for cases where the benefits, rights or freedom of the data subject is more important than that of the company.)
2) Rights of the Data Subject
A. You may exercise your rights pursuant to Regulation EU 2016/679, by contacting the Data Controller sending an email to “email@example.com”. You have the rights, at any time, to request the Data Controller to access your personal information (Art. 15), the rectification (Art. 16) or the erasure (Art. 17) of the personal information, or the restriction of the processing (Art. 18) or to object to the processing activities based on the legitimate interest (Art. 21). Lastly, you have the right to data portability (Art. 20). B. Where the processing activity is based on consent, you have the right to withdraw your consent, at any time, without affecting the lawfulness of processing based on consent given before the withdrawal. C. You have the right to lodge a complaint with a supervisory authority. D. No automated decision process is carried out.
3) The DATA “Controller”
Pursuant to Articles 4 and 24 of GDPR, the Data Controller is NeoLAB Convergence Inc., having its principal business place at 1501, Mario Tower, Guro-Dong 222-12, Guro-Gu, Seoul, Korea, in the person of its personal information protection in charge. The email of the Data Controller is “firstname.lastname@example.org”.
4) Transfer of Personal Information Outside the European Union
Your personal information may be transferred globally, either within or outside the European Economic Area (“EEA”), including to a country or territory without an adequacy resolution by the European Commission. However, in all cases, appropriate security measures for the protection of personal information will be applied in those countries or territories including NeoLAB’s using European Commission approved model contract clauses to protect your personal information. Users have the possibility of receiving or inspecting a copy of such data transfer agreements. As the case may be, please contact the DPO at “email@example.com”.
5) Data Retention Period or Criteria to Determine the Period
Personal information retention period is equal to the period of time the APP is used and installed on your device. The data subject may obtain information regarding the criteria used to determine such retention period, by contacting us firstname.lastname@example.org.
6) Access Rights of this App
This App requires various access permissions from your device. These are required to maintain certain functionality of our App. The access permissions on your mobile device are dependent on the operating system (e.g. Android, iOS, etc.) and the store where the app was purchased (e.g. Google Play Store, Apple App Store, Amazon, etc.). As a rule, user will receive information prior to the installation as to which access permissions are required by our App. The legal basis for the processing of technically necessary access permissions is Art.6 paragraph 1 sentence 1 letter b GDPR. All further access permissions are based on Art.6 paragraph 1 sentence 1 letter f GDPR. Under “Settings” in Apple iOS, you can get an overview at any time of the content that our App can access. You can restrict these access permissions at a later point in time. In Android, various access permissions are also needed on your mobile device. Under “Settings/Apps” you can subsequently check the access rights of our App. As it concerns geolocation data and personal information concerning the access to photos, multimedia content and files stored on your device through the APP, the relevant provision is optional and does not affect the App utilization.
10. Safeguards for Your Personal Information
We maintain technical and administrative safeguards designed to protect personal information we obtain through the services against accidental, unlawful or unauthorized destruction, interference, loss, alteration, access, disclosure, or use.
NeoLAB also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete, and current.