DosirakTalk Privacy Policy
General Provisions
Wide Mobile Co., Ltd. (hereinafter referred to as the "Company") complies with the Personal Information Protection Act and relevant laws to protect the rights and freedoms of data subjects, lawfully process personal information, and manage it safely. In accordance with Article 30 of the Personal Information Protection Act, this Privacy Policy is established and disclosed to inform data subjects of the procedures and standards related to the processing and protection of personal information and to handle related complaints quickly and smoothly.
Table of Contents
Chapter 1: Items of Personal Information Collected
Chapter 2: Purpose of Collection and Use of Personal Information
Chapter 3: Retention and Use Period of Personal Information
Chapter 4: Provision of Personal Information to Third Parties
Chapter 5: Entrustment of Personal Information Processing
Chapter 6: Transfer of Personal Information Overseas
Chapter 7: Procedures and Methods for Destroying Personal Information
Chapter 8: Measures for the Disposal of Personal Information of Inactive Users
Chapter 9: Rights and Obligations of Data Subjects and Legal Representatives, and How to Exercise Them
Chapter 10: Installation, Operation, and Rejection of Automatic Personal Information Collection Devices
Chapter 11: Matters Concerning the Collection, Use, and Rejection of Behavioral Information
1
Chapter 12: Measures to Ensure the Security of Personal Information
Chapter 13: Personal Information Protection Officer and Contact Information
Chapter 14: Duty to Notify
Chapter 1. Items of Personal Information Collected
In accordance with the Personal Information Protection Act, the Company collects and uses personal information only to the minimum extent necessary for providing its services. This is done with the consent of the data subject under Article 15(1)(1) and Article 22(1)(7) of the Act.
1) Items of personal information collected
|
Category
|
Collected Items
|
|
Mobile phone verification
|
[Required] Name, mobile phone number, carrier information, IMEI information
|
|
Membership registration
|
[Required] ID (email), password
|
|
International calls
|
[Required] Call points, call history
|
|
Point purchase
|
[Required] Name, mobile phone number, email
[Optional] Recipient name, recipient mobile phone number
|
|
Customer inquiry (non-member)
|
[Required] Email
|
2) Information automatically generated and collected during service use or processing
- Access logs, cookies, IP address, service usage and suspension history, (when using a mobile device) device identifier, OS information, advertising ID, mobile carrier, and push notification settings
Chapter 2. Purpose of Collection and Use of Personal Information
The Company does not use the collected personal information for purposes other than those stated below. If the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection Act.
|
Category
|
Purpose of Use
|
|
Member Management
|
- Identity verification and personal identification for membership services
- Prevention of misuse by delinquent members and unauthorized use
- Verification of minors
- Customer support, complaint handling, and record retention for dispute resolution
- Delivery of important notifications
|
|
Fulfillment of Contract and Payment
|
- Payment for services and additional services
- Content provision, event/winner notification, and product delivery
- Identity verification for financial transactions and related services
- Issuance of bills, payment processing, and refunds
|
|
New Service Development and Marketing
|
- Providing optimized services for customers
- Data utilization and marketing for personalized services
- Analysis of website traffic
- Statistical analysis on service usage
- Introduction of new products or services
- Planning of web services and events aligned with customer interests
- Promotions, events, advertising materials, and member engagement
- Customer surveys
|
Chapter 3. Provision of Personal Information to Third Parties
The Company promptly destroys personal information once the purpose of collection and use is achieved. However, if there is a need to retain the information as required by relevant laws, it will be stored for the period specified by such laws.
|
Category
|
Relevant Law
|
Retention Period
|
|
Records of misuse
|
Company internal policy
|
1 year
|
|
Records related to display and advertisement
|
Act on the Consumer Protection in Electronic Commerce
|
6 months
|
|
Records on contracts or withdrawal of subscription
|
5 years
|
|
Records on payment and supply of goods
|
|
Records on consumer complaints and dispute handling
|
3 years
|
|
Records of visits (telecommunications confirmation data)
|
Protection of Communications Secrets Act
|
3 months
|
Chapter 4. Provision of Personal Information to Third Parties
The Company uses users’ personal information only for the purposes stated in Article 1 (Purpose of Personal Information Processing), and does not use or provide it to third parties beyond the agreed scope. However, in accordance with Article 17 of the Personal Information Protection Act, personal information may be provided to third parties in the following cases:
1) When required by specific provisions of the law or to comply with legal obligations
2) When the data subject or legal representative cannot express their intent or consent cannot be obtained in advance due to unknown address, etc., and it is deemed necessary for the urgent benefit of life, body, or property of the data subject or a third party
3) When necessary for billing for telecommunications services
4) When providing personal information without the data subject’s consent as prescribed by Presidential Decree, considering whether it is reasonably related to the original collection purpose, whether it may disadvantage the data subject, and whether safety measures such as encryption have been taken
In accordance with the "Guidelines for Handling and Protecting Personal Information in Emergencies" jointly announced by government ministries, personal information may be processed in emergencies such as disasters, infectious diseases, incidents or accidents that pose urgent threats to life and body, or critical property loss.
(For details, please click here.)
Chapter 5. Outsourcing of Personal Information Processing
1) The Company outsources the following personal information processing tasks to ensure smooth operations.
|
Consigned Company
|
Outsourced Task
|
Retention and Use Period
|
|
LG CNS Co., Ltd.
|
Notification Talk and SMS sending
|
Until the end of the outsourcing contract
|
|
Infobank Co., Ltd.
|
SMS sending
|
|
NHN KCP Corp.
|
Mobile phone identity verification
|
|
Korea Information & Communications Co., Ltd.
|
Product payment (credit card)
|
|
Softbay
|
Provision of voice call function based on data
|
|
Daesung Global Network Co., Ltd.
|
Customer consultation
|
|
The White Communication Co., Ltd.
|
Message delivery via Kakao Consultation Talk service
|
2) When signing an outsourcing contract, the Company specifies in the contract or equivalent documents matters regarding prohibition of processing personal information for purposes other than performing the entrusted work, technical and managerial protection measures, restrictions on re-consignment, management and supervision of the consignee, and liability for damages in accordance with Article 26 of the Personal Information Protection Act, and supervises the secure processing of personal information by the consignee.
3) If the content of the outsourced work or the consignee changes, such changes will be promptly disclosed through this privacy policy.
Chapter 6. Transfer of Personal Information Overseas
1) The Company transfers and entrusts personal information collected from users overseas as follows.
|
Legal Basis
|
Transferred Items
|
Country
|
Timing & Method
|
Recipient
|
Purpose
|
Retention & Usage Period
|
|
Article 28-8(1)3 of the Personal Information Protection Act (Entrustment & Storage for Contract Fulfillment)
|
Name, mobile phone number, telecom provider info, IMEI, call points, call history
|
Japan
|
Transmitted via network at the time of service use
|
Softbay
(+81-3-3667-6661)
|
Provision of data-based voice call function
|
Until user account deletion
|
If you do not agree to the overseas transfer, you will not be able to use the service. If you do not wish to proceed with the overseas transfer, you may delete your account via the DosirakTalk mobile app or request account deletion by contacting customer service ([email protected]).
Chapter 7. Destruction of Personal Information
1) When the retention period has expired or the processing purpose has been fulfilled, and the information is no longer needed, the Company will promptly destroy the relevant personal information.
2) If personal information must continue to be retained according to other legal requirements even after the retention period or processing purpose has been fulfilled, such data will be stored separately in a different database (DB) or location.
3) Destruction Procedure
- The Company selects the personal information to be destroyed and destroys it after receiving approval from the Personal Information Protection Officer.
4) Destruction Method
- Paper documents: Shredding or incineration
- Electronic files: Permanently deleted using irreversible technical methods
Chapter 8. Measures for Non-Users’ Personal Information
1) For users who have not used the service for 1 year, the Company converts the account to inactive status and stores personal information separately.
2) The Company notifies the user at least 30 days in advance via email or SMS that the account will become inactive and the personal information will be stored separately.
3) If you do not wish your account to become inactive, simply log in before the scheduled date. If the account has already become inactive, logging in again will restore the account with your consent, allowing normal service use.
Chapter 9. Rights of Data Subjects and Legal Representatives
1) Data subjects may exercise their rights to request access, correction, deletion, or suspension of processing of their personal information at any time.
※ For children under 14 years of age, such rights must be exercised by their legal guardian. For minors aged 14 and above, they may exercise their rights personally or through a guardian.
2) You may exercise your rights by submitting a request in writing, via email, or fax, in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act. The Company will respond without delay.
3) These rights may also be exercised through a legal representative or an authorized agent. In such cases, a power of attorney in the format specified in Form No. 11 of the Notice on Personal Information Processing Method (2020-7) must be submitted.
4) Requests for access or processing suspension may be restricted under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
5) Requests for correction or deletion may not be accepted if the data must be retained by law.
6) The Company verifies the identity of the requester (or their agent) when processing requests for access, correction, deletion, or processing suspension.
Chapter 10. Installation and Operation of Automatic Data Collection Devices and Opt-Out Options
The Company operates "cookies" and "sessions" to store and retrieve users' information from time to time.
A "cookie" is a very small text file that a server used to operate the Company's website sends to a user's browser and is stored on the user's computer hard drive.
In relation to cookie operation, the Company may identify the user’s computer but does not personally identify the user.
A "session" refers to the process by which a server used to operate the website stores user information on the server during the login period.
The Company uses cookies and sessions for the following purposes:
A. Purpose of Using Cookies and Sessions
The Company uses "sessions" to store and retrieve users' information from time to time in order to provide specialized, customized services.
Users have the option to allow or refuse the installation of cookies. Accordingly, users can allow all cookies, choose to confirm each time a cookie is stored, or refuse all cookies by setting options in the web browser.
B. How to Refuse Cookie Settings
Example: To refuse cookie settings
For example, in Internet Explorer: Go to Tools > Internet Options > Privacy > Settings to adjust options.
Note: Refusing cookie installation may lead to difficulties in service provision.
Chapter 11. Collection, Use, and Refusal of Behavioral Information
The Company collects and uses behavioral information during service use in order to provide optimized customized services, benefits, and online targeted advertising.
1) Behavioral information collected via automatic tools by third parties is as follows:
|
Tool Name
|
Collector
|
Tool Type
|
Collected Behavioral Data
|
Purpose
|
|
Google Tag Manager
|
Google
|
Analytics Cookie
|
Page info, device info, user events, custom event data, e-commerce data, cookie data
|
Statistics
|
|
Naver Log Analysis
|
Naver
|
Analytics Cookie
|
User info, visit info, event info, e-commerce info
|
Statistics
|
2) The Company only collects the minimum amount of behavioral information required for online targeted advertising and does not collect any sensitive behavioral information that may clearly infringe upon the user’s rights, interests, or privacy, such as beliefs, family or relative relationships, education, medical history, or social activities.
3) The Company does not collect behavioral information for targeted advertising from children under 14 or from services primarily used by such children, and does not serve targeted advertising to known users under 14 years of age.
4) The Company collects and uses advertising identifiers from mobile apps for online targeted advertising. Data subjects may block or allow app-based targeted ads by changing the settings on their mobile devices.
▶ How to block/allow advertising identifiers on smartphones
- Android: ① Settings ② Privacy ③ Reset advertising ID or delete advertising ID
- iPhone: ① Settings ② Privacy ③ Tracking ④ Turn off "Allow Apps to Request to Track"
※ The menu or method may vary depending on the mobile OS version.
5) Data subjects may block or allow online targeted ads entirely by changing cookie settings in their web browser. However, changing cookie settings may affect the availability of services such as automatic login.
▶ Blocking/allowing targeted ads via web browser
(1) Internet Explorer (Windows 10)
- Select Tools > Internet Options in Internet Explorer
- Go to the Privacy tab and choose Advanced under Settings, then choose whether to allow or block cookies
(2) Microsoft Edge
- Click the '···' icon at the top right in Edge, then select Settings
- Click "Privacy, search, and services" on the left and select tracking prevention level under the Tracking Prevention section
- Choose whether to always use "Strict" tracking prevention when browsing in InPrivate
- Under "Privacy," choose whether to send Do Not Track requests
(3) Chrome Browser
- Click the '︙' icon (Customize and control Chrome) at the top right, then click Settings
- Click "Advanced" at the bottom of the settings page, then under the "Privacy" section, click Site Settings
- Under Cookies, select the checkbox to "Block third-party cookies and site data"
6) Data subjects may contact the following department for questions regarding behavioral information, to exercise opt-out rights, or to report related concerns.
▶ Personal Information Protection Department
- Department: Creative Strategy Team
- Person in Charge: Eunseon Park
- Phone: 1566-9070
- Email: [email protected]
Chapter 12: Measures to Ensure the Security of Personal Information
The company takes the following technical and managerial measures to ensure the security of personal information and to prevent loss, theft, leakage, alteration, or damage of users’ personal data.
A. Encryption of Personal Information
Users’ personal information (e.g., credit card information) is encrypted and securely stored and managed. Encrypted communication methods (such as SSL) are used to safely transmit personal data over the network.
Passwords are stored and managed using one-way encryption that cannot be decrypted.
B. Countermeasures Against Hacking and Malware
To prevent the leakage or damage of users’ personal data due to hacking or malware, systems are installed in areas restricted from external access.
Up-to-date antivirus programs are used to prevent the leakage or damage of users’ personal information or data, and SSL encryption is utilized to secure network communication.
The company also uses intrusion prevention systems to control unauthorized access from the outside and is committed to implementing all possible technical measures to maintain system security.
C. Minimization and Training of Personnel Handling Personal Information
The number of employees authorized to handle personal data is minimized, and certain external internet services are restricted on work PCs to reduce the risk of data leakage.
Password management policies, including creation and changes of access passwords to databases and systems handling personal data, are enforced. Access rights are strictly managed, and regular audits are conducted.
Regular training and campaigns are conducted for all employees who process personal data to enhance awareness of personal data protection responsibilities and security.
Chapter 13: Personal Information Protection Officer and Department
The company designates the following Personal Information Protection Officer and staff member to protect customers’ personal data and to handle complaints and inquiries related to personal information.
We value your opinions and welcome your inquiries. Please visit our branch, contact our call center, or reach out to the department in charge for prompt and accurate responses.
1) Personal Information Protection Officer
A. Name: Lee Chung-deok
B. Department: Business Innovation Division
C. Position: Executive Director
D. Contact: 1566-9070
E. Email: [email protected]
2) Personal Information Protection Staff
A. Name: Park Eun-sun
B. Department: Creative Strategy Team
C. Position: Team Leader
D. Contact: 1566-9070
E. Email: [email protected]
3) For reports or consultations regarding personal data breaches, please contact the following organizations:
A. Personal Information Infringement Report Center: https://privacy.kisa.or.kr / 118 (no area code)
B. Personal Information Dispute Mediation Committee: https://kopico.go.kr / 1833-6972
C. Cyber Investigation Division, Supreme Prosecutors’ Office: https://www.spo.go.kr / 1301 (no area code)
D. Cyber Safety Bureau, National Police Agency: https://cyberbureau.police.go.kr / 182 (no area code)
Chapter 14: Duty of Notification
If there are any additions, deletions, or modifications to the contents of this Privacy Policy, such changes will be notified in advance via the 'Notices' section at least 7 days before implementation.
However, in cases involving significant changes to user rights, such as changes to the items of collected personal information or purpose of use, a notice will be given at least 30 days in advance, and user consent may be obtained again if necessary.
Initial implementation date of this Privacy Policy: March 26, 2024
Revised implementation date of this Privacy Policy: April 08, 2025