These terms and conditions are designed to stipulate the rights, obligations, and responsibilities of the "service" and "members" for the use of FaceOTP software (hereinafter referred to as "services").
Article 1 (Definition of Terms)
The terms used in this Agreement are defined as follows:
Article 2 (Validity of Terms and Conditions)
The “service” publishes the contents of these terms to the members in the process of membership registration or other means, and the members who agree to the terms and conditions become effective by joining the "service."
Article 3 (Changes of Terms and Conditions)
Depending on changes in laws and policies for the "blockchain" industry in each country and changes in policies of international agencies or affiliates, the “service” may change these terms and conditions as necessary.
Article 4 (Notice of Terms and Conditions)
Article 5 (Interpretation of Terms and Conditions)
Article 6 (“Service”)
Article 7 (“Service” Registration)
Article 8 (The Roles and Duties of the “service”)
Article 9 (Roles and Responsibilities of the “Member”)
Article 10 (Service Announcement)
Article 11 (Provision of “Service”)
Article 12 (Use of “Service”)
Article 13 (Changes in “Service”)
Article 14 (Cancelling “Service”)
Article 15 (“Service” Use Restrictions)
Article 16 (“Service” Cancellation)
Article 17 (“Membership Information” Management)
Article 18 (“Membership Information” Changes)
Article 19 (Limitation of Liability)
Article 20 (Competent court and Settlement of Dispute)
These terms and conditions have been updated on August 1, 2020,
and is effective with the consent of "members".
FaceOTP (the "company") places importance on the personal information of the users of the service provided by the "company" and complies with the laws on promotion of information, communication network use and protection of information, the laws on the protection of consumers in electronic commerce, the telecommunications business act, and the personal information protection act.
1. Items of personal information collected and methods of collection
①The personal information of the users collected by the company is as follows:
A.(Required) Email, mobile phone number, password, name
B.(Information automatically generated during service use or processing) Service usage records, access logs, access IP information, purchase information, deposit and remittance of cryptocurrencies
C.(In the event of identification tasks) copy of ID (other than the date of birth, information is masked and provided.), Face photo, Face Information
②The company collects personal information by the following methods.
A.Personal information is collected in the event that the user agrees to the collection of personal information and enters the information directly in the process of membership registration and service use.
B.The members' personal information is collected through the webpage, e-mail, faxes, and phone during the customer center consultation process.
C.Personal information can be collected through documents from offline events and seminars.
D.Generating information, such as device information, can be generated and collected automatically during PC web, and mobile web use (access IP information, cookies, service use records, connection logs, etc.).
2. Purpose of collecting and using personal information
A.Identification of the members based on their use of service and identification
B.Prevention of fraudulent use and unauthorized use of fraudulent members
C.Confirmation of intention to sign up, registration and limitation of subscriptions
E.Consultation with "members"; receipt and handling of "members" complaints; preservation of records for dispute settlement
F.Transfer of notice
②Implementation of the agreement on service delivery and the settlement of charges
A.Delivering services and contents
B.Payment and settlement of charges
C.Event/gift equivalents guide and product delivery
③Used in marketing and advertising
A.Provide optimized service to "members"
B.Developing and specializing new services(products)
C.Service provision and advertisement according to demographic characteristics
D.Web page access frequency
E.Statistics on service utilization
F.Sending periodicals, and guides to new products or services
G.Planning for web services and events corresponding to "members" interest
H.Operate a space for members to participate or deliver advertising information such as prize events and other events
I.Survey of "members"
3. Providing a third party of personal information
The 'company" shall not use or provide to any third party the personal information of "members" beyond the scope notified to the "members" or the scope specified in terms and conditions of service. Exceptions shall be made if the consent of the "members" is obtained or if:
①Alliance: To provide a better service, the personal information of the "members" may be provided to or shared with affiliates. If the personal information is provided or shared, it will go through the process of notifying the "members" in writing or e-mailing them individually about who the affiliates are, why such personal information should be provided or shared, and how long they are protected or shared and managed. If the "member" doesn't agree with sharing their personal information, we do not share the personal information with the affiliates. Notifications or consent shall be obtained through the same procedures when the partnership changes or the partnership closes.
②Sale and M&A: In the event the rights and obligations of the service provider are transferred in whole or in part, or the rights and obligations of the service provider are transferred through a merger or acquisition, the member shall be notified in order to guarantee the rights of the "members' in relation to the protection of personal information.
③In case of need for settlement of charges based on the provision of information and communication services.
④In cases where there are special provisions in other laws such as; the 'Protection of Communications Secrets Act', 'The Framework Act on National Taxes', 'the law regarding the promotion of information and communication network use and protection of information', 'law of real name financial transaction', 'Telecommunications Business Act', 'local tax law', 'Framework Act on Consumers', 'Banking Act', and the 'Criminal Procedure Law'. However, even if the administrative office or investigative agency has requested it for administrative purposes or investigation purposes, it does not provide personal information of the "members" according to the request and is provided in accordance with due process, such as by a warrant or by a letter with the authority's seal of approval as provided under the Act.
4. Handling personal information
The "company" may entrust personal information to other companies in a limited scope for smooth and improvement of the service. Currently, the following companies are entrusted with the processing of personal information by the company for the implementation of the service contract with the "members." The related statutes stipulated necessary matters for the safety of management of personal information in the consigned contracts.
TrusteeConsignment PurposeHolding Period
ALIGOSMS Certification service.Delete immediately after SMS is sent (If it is necessary to preserve it according to relevant laws, the period of preservation)
5. Personal information retention and period of use
①Personal information of the "members" shall be retained and used during the period when the "company" provides the services to the "members." However, if there is a need to preserve it according to the provisions of the relevant statutes, it shall be preserved in accordance with the following related statutes:
A.Records of contracts or withdrawal of subscriptions: 5 years
B.Records on big payments and supply of goods: 5 Years
C.Records on consumer complaints or dispute handling: 3 years
②If the "members" request access to the transaction information held with by the "members'" consent, they shall be allowed to access or verify the transaction information without delay.
③If a member has withdrawn from the service then the member's name, date of birth, ID, and password identification shall be kept for one month after the member's withdrawal for the purpose of preventing illegal or expedient activities, as the member may illegally receive economic benefits such as discount coupons and event benefits provided by the company or prevent such illegal or expedient activities.
6. Methods for personal information disposal and procedures
In principle, the "company" destroys personal information without delay if the purpose of handling personal information has been achieved. However, if the personal information needs to be preserved continuously in accordance with other statutes, personal information shall be transferred to a separate database or stored in a safe storage place.
①Revocation procedure: The company selects personal information for which the reason for revocation has occurred and destroys the personal information after obtaining approval from the company's personal information protection manager.
②Revocation method: Information in the form of electronic files uses a technical method that does not allow recording to be replayed. Personal information printed on paper is shredded and destroyed.
7. Actions to secure personal information
According to the technical and administrative protective measures of personal information, the company takes technical, administrative, and physical actions necessary to secure safety as follows:
①Technical measures for hacking
In order to prevent personal information leakage or damage caused by hacking or computer viruses, the company installs security programs, periodically updates and checks, installs systems for the areas with restricted access from the outside, and monitors and blocks them technically and physically.
②Encryption of personal information
The user's personal information is encrypted, stored, and managed, so only he or she can know. Important data uses separate security functions such as encrypting files and transmission date or using file locking.
③Restrictions on access to personal information
Through granting, changing, and terminating access authority to database systems that processes the personal information, the government is taking necessary measures to control access to personal information and controlling unauthorized access from the outside using the intrusion prevention system.
④Use of locking information for document security
Documents and auxiliary storage media containing personal information are stored in a secure place with a lock tool.
⑤Controlling the access of unauthorized persons
We set aside physical storage locations where personal information is stored and set up and operate procedures for access control.
⑥Control actions in accordance with internal management plan
The company establishes and implements an internal management plan and regularly conducts employee training.
⑦Other security measures
In addition to the items above, we also implement measures to secure personal information safety based on technical and administrative protective measures.
8. Personal information protection officer
The company is responsible for handling personal information and designates the person in charge of personal information protection as follows to handle complaints and remedy damages by the information subjects involved in the processing of personal information.
Personal Information Protection Officer
Name: Brian Park
Position: Personal information protection officer
9. Information subject and legal representative’s rights and obligations and methods of exercising those rights and obligations
①The information principal can exercise his or her rights to access, correct, delete, and suspend personal information at any time.
②The exercising rights pursuant to paragraph 1 above can be done through the website account information menu, or through the company's personal information protection manager, and the company will take actions without delay.
③The exercising rights under paragraph 1 above can be conducted through an agent, such as a legal representative of the information subject or a person who has been delegated. In this case, you must submit a letter of attorney according to the form No. 11 attached to the enforcement rules of the personal information protection act.
④If the information subject asks for correction or deletion of personal information errors, the company shall not use the personal information or provide it to a third party until correction or deletion is completed.
⑤The exercising rights pursuant to paragraph 1 above may be limited if their personal information is specified in other statutes for collection or preservation.
⑥The "company" may confirm whether the person who exercised the rights under paragraph 1 above is a principal or a legitimate agent.
10. Legal remedy for infringement of rights
The following organizations are separate from the company. If you are not satisfied with the results of the company's own personal information complaints and damage relief, or if you need more assistance, please contact us.
These terms and conditions have been updated on August 1, 2020,
and is effective with the consent of "members".