Updated at Dec 13th, 2022
-
Privacy Policy
We, at Keefit Inc. (hereinafter referred to as the "Company"), have
created this privacy policy (this “Privacy Policy”) because we want
you to know how information you provide to us is used and shared. This
Privacy Policy relates to the information collection and use practices
of Keefit in connection with our Service which is made available to
you through our Website (including mobile web) located at https://keefit.com, our App and our Platform (which may be
accessed via the Website or App).
The Company complies with relevant laws, such as the Act on Promotion
of Information and Communication Network Utilization and Information
Protection, Personal Information Protection Act, and personal
information protection regulations and guidelines that information and
communication service providers must comply with. This Privacy Policy
(hereinafter "Personal Information Protection Policy") applies to the
Keefit service (hereinafter "Keefit") operated by the company.
-
I. Purpose of Collecting Personal Information
The company collects the minimal amount of personal information
required for the proper operations and development of the service. The
personal information collected is not used for any purpose other than
the stated purpose (outlined below), and if the purpose of use is
changed or added, we will ask for your consent in advance.
-
1. Verification of the integrity of member information,
strengthening safety and security of information
Membership confirmation, identification/authentication according
to membership service provision, maintenance/management of member
qualifications, identification according to enforcement of limited
identification system, prevention of illegal use of services,
various notices/notifications, complaint handling, record
preservation for dispute settlement, etc. We collect personal
information necessary for this.
-
2. Provision and improvement, personalization and customization of
products and services
We collect personal information necessary for identity
verification, age verification, development of products and
services, provision of products/services and customized services,
provision of content, payment/settlement, and delivery of
purchased goods.
-
3. Provision of other business services such as measurement and
analysis, marketing/advertising
We will collect personal information necessary for statistical
understanding and analysis of service use, such as providing event
and advertising information and participation opportunities,
providing services according to demographic characteristics and
posting advertisements, verifying the validity of services, and
accessing frequency of member participation.
-
4. Social and public interest research and innovation
The company will use the collected personal information when
necessary for research and innovation on topics related to human
health, health, welfare, etc. to better its service.
-
II. Types of Personal Data Collection
The following is a list of the types of personal information the
company collects for its services. The information is collected and
processed during membership registration and service use.
-
1. Information provided by you and other members
- Uploaded information and content
- Information related to network and connectivity
- Information related to your use of services
-
Information related to transactions made within the service
-
Information that others provide about your through activities
within the service
-
2. Information about the device used to access the service
-
Device properties
Information including operating system, hardware and software
version, battery level, signal strength, available storage
space, browser type, app and file names and types, plugins,
etc.
-
Device actions
Information about actions and actions performed on the device,
such as whether the window is in the foreground or background,
and mouse movements (which can help differentiate humans from
bots).
-
Identifiers
Unique identifiers, device IDs and other identifiers. Examples
of other identifiers are identifiers such as apps or accounts
that you use.
-
Device signal
Bluetooth signal and information about nearby Wi-Fi access
points, beacons, and cell towers
-
Device Settings Data
Information that you authorize through your device's settings
so that Keefit can receive it, such as GPS location, access to
cameras or photos.
-
Networks and connections
Carrier or ISP name, language, time zone, mobile phone number,
IP address, connection speed, and sometimes information about
other devices in close proximity or on your network.
-
Cookie Data
Cookie data stored on the device, including cookie ID and
settings. Cookies are small text files that are installed on a
user's computer or mobile device and contain strings that
identify the user's browser or device. We may use technologies
such as cookies, pixels and local storage to provide, protect
and understand our products, services and advertising. The
length of time a cookie remains on your computer or mobile
device depends on whether it is a "persistent" cookie or a
"session" cookie. Session cookies persist on the device only
until the user stops browsing. Persistent cookies remain on
the user's computer or mobile device until the expiration
period or until deleted. The user has the option of installing
cookies, and by setting the option of the web browser, all
cookies can be allowed, confirmation whenever a cookie is
saved, or rejecting the storage of all cookies. However, if
you refuse to install cookies, it may be difficult to use some
services that require login.
-
3. Third Party Disclosures
- Information from websites and apps that use our Services.
-
-
Service Providers
We employ third party companies and individuals to
facilitate our Website ("Service Providers"), to provide
our Website on our behalf, to perform Website-related
services or to assist us in analyzing how our Website is
used. These third-parties have access to your personal
information only to perform these tasks on our behalf and
are obligated not to disclose or use it for any other
purpose.
-
Analytics
Google Analytics is a web analytics service offered by
Google that tracks and reports website traffic. Google
uses the data collected to track and monitor the use of
our Service. This data is shared with other Google
services. Google may use the collected data to
contextualize and personalize the ads of its own
advertising network. You can opt-out of having made your
activity on the Service available to Google Analytics by
installing the Google Analytics opt-out browser add-on.
The add-on prevents the Google Analytics JavaScript
(ga.js, analytics.js, and dc.js) from sharing information
with Google Analytics about visits activity. For more
information on the privacy practices of Google, please
visit the Google Privacy & Terms web page.
-
Information from third-party partners.
We receive information about you and your activities on and
off Keefit from third-party partners, such as information from
a partner when we jointly offer services or from an advertiser
about your experiences or interactions with them. No personal
information collected and retained by Keefit is provided to
any third party without the consent of a user except in the
following cases:
-
(a) Where a data subject specifically consents to provision
of personal information;
- (b) Where special provisions exist in other statutes;
-
(c) Where it is deemed necessary explicitly to protect, from
impending danger, the life, body or economic profits of a
data subject or a third party when the data subject or such
person’s legal representative is incapable of communicating
intention or it is impossible to obtain prior consent due to
unknown addresses, etc.;
-
(d) Where personal information is provided in a manner that
makes it impossible to identify a specific person, as
necessary for compiling statistics, academic research, etc.;
-
(e) Where it is impracticable to perform relevant duties
provided for in other statutes unless personal information
is provided for any purpose other than its original purpose
or is provided to a third party, with the relevant case
having been deliberated on and determined by the Personal
Information Protection Commission;
-
(f) Where it is necessary to provide personal information to
a foreign government or an international organization to
implement treaties or other international agreements;
-
(g) Where it is necessary to investigate a crime and to file
and undergo prosecution;
-
(h) Where it is necessary for a court to proceed with a
trial;
-
(i) Where it is necessary to enforce a sentence, custody or
protective order that has been imposed.
-
(j) When we, at Keefit, provide personal information to a
third party, we will inform the respective person of the
following facts to obtain consent:
-
The name of a person to receive the personal information
(if the recipient is a corporation or organization, the
name thereof) and the contact information;
-
The recipient’s purpose of use of the personal
information and the items of the personal information to
be provided;
-
The duration during which the personal information will
be retained and used by the recipient;
-
The fact that the data subject has a right to refuse
consent and details of the disadvantages due to such
refusal, if any.
-
"Do Not Sell My Personal Information" Notice for California
consumers under California Consumer Privacy Act (CCPA)
Under the CCPA, California consumers have the right to:
-
Request that a business that collects a consumer's personal data
disclose the categories and specific pieces of personal data
that a business has collected about consumers.
-
Request that a business delete any personal data about the
consumer that a business has collected.
-
Request that a business that sells a consumer's personal data,
not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you
would like to exercise any of these rights, please contact us.
-
III. How we use your information
We use your personal information for a variety of business purposes,
including to:
-
Provide the Services or Requested Information, such as:
- Fulfilling our contract with you;
-
Identifying and communicating with you, including providing
newsletters and marketing materials;
- Managing your information;
-
Processing your payments and otherwise servicing your purchase
orders;
- Responding to questions, comments, and other requests;
-
Providing access to certain areas, functionalities, and features
of our Services; and
- Answering requests for customer or technical support.
-
Serve Administrative and Communication Purposes, such as:
-
Pursuing legitimate interests, such as direct marketing,
research and development (including marketing research), network
and information security, and fraud prevention;
-
Sending communications about new product features, promotions,
Keefit's strategic partners, and other news about Keefit;
-
Measuring interest and engagement in our Services, including
analyzing your usage of the Services;
-
Developing new products and services and improving the Services;
- Ensuring internal quality control and safety;
- Authenticating and verifying individual identities
- Carrying out audits;
-
Communicating with you about your account, activities on our
Services and Privacy Policy changes;
-
Preventing and prosecuting potentially prohibited or illegal
activities;
- Enforcing our agreements;
- Complying with our legal obligations;
-
Marketing of Products and Services:
We may use personal information to tailor and provide you with
content and advertisements. If you have any questions about our
marketing practices or if you would like to opt out of the use of
your personal information for marketing purposes, you may contact
us as set forth below.
-
Consent:
We may use personal information for other purposes that are
clearly disclosed to you at the time you provide personal
information or with your consent.
-
De-identified and Aggregated Information Use:
We may use personal information and other data about you to create
de-identified and/or aggregated information. De-identified and/or
aggregated information is not personal information, and we may use
and disclose such information in a number of ways, including
research, internal analysis, analytics, and any other legally
permissible purposes.
-
Process Information on Behalf of Our Customers:
Our customers may choose to use our Services to process certain
data of their own, which may contain personal information. Such
personal information that is processed by us on behalf of our
customers, and our privacy practices will be governed by the
contracts that we have in place with our customers, not this
Privacy Policy.
If you have any questions or concerns about how such personal
information is handled or would like to exercise your rights, you
should contact the person or entity (i.e., the data controller) who
has contracted with us to use the Service to process this information.
Our customers control the personal information in these cases and
determine the security settings within the account, its access
controls and credentials. We will, however, provide assistance to our
customers to address any concerns you may have, in accordance with the
terms of our contract with them.
-
VI. Collection and retention period of personal information
After achieving the purpose of collecting and using personal
information, the company destroys the information immediately.
However, the data may be retained while sanctioning users in violation
of policies, handling related disputes, or other administrative tasks
to keep the community safe.
-
V. Matters concerning the provision of personal information to third
parties
When a third party's service is connected, the company may provide
personal information to a third party only in cases falling under
Articles 17 and 18 of the Personal Information Protection Act,
including special provisions of the law, after obtaining the user's
consent.
-
VI. Procedure and method of destruction of personal information
Keefit destroys user personal information immediately after the user
has deleted their account the period of retaining personal information
ends or the purposes of processing personal information are attained,
except where it is required to preserve the personal information under
other statutes. The procedures, deadlines and methods for destroying
personal information are as follows:
-
(a) Procedures for destruction: The personal information that a user
provides is destroyed in accordance with our internal policies and
relevant statutes after the retention period of the relevant
information expires or the purposes of processing such information
are attained;
-
(b) Methods for destruction: The personal information recorded and
stored in electronic files will be destroyed by means of low-level
formatting or other similar methods to prevent the recovery of the
records, while personal information recorded and preserved in paper
documents will be destroyed by a shredder.
-
VII. Members' rights and obligations as information subjects, and how
to exercise their rights
Users can exercise the following rights as the subject of personal
information:
-
(1) A data subject may exercise the following rights at any time
in relation to the protection of personal information:
-
(a) The right to request permission to inspect personal
information;
-
(b) The right to request correction of personal information if
there is any error, etc.;
-
(c) The right to request deletion of personal information;
-
(d) The right to request suspension of processing personal
information.
-
(2) A data subject can exercise the rights provided in paragraph (1)
by completing the form specified in attached Form 8 of the
Enforcement Rule of the Personal Information Protection Act and
submitting it to Keefit by post, email or fax. In such cases, the
Keefit Team will take necessary measures promptly.
-
(3) Where a data subject requests the correction or deletion of any
error, etc., to the data subject’s personal information, the
relevant information will not be used or provided until such
information is corrected or deleted.
-
(4) A data subject may exercise the rights provided in paragraph (1)
through an agent, including a legal representative and a power of
attorney. In such cases, the data subject is required to submit a
letter of delegation as specified in attached Form 11 of the
Enforcement Rule of the Personal Information Protection Act.
-
(5) Where a data subject requests permission to inspect one’s
personal information or suspension of processing personal
information, such subject’s rights may be limited in the following
cases under Article 35 (4) or 37 (2) of the Personal Information
Protection Act:
- (a) Where any Act prohibits or restricts such inspection;
-
(b) Where it is likely to harm another person’s health or safety
or to unfairly violates another person’s property or interests;
-
(c) Where it substantially interferes with a public
institution performing any of the following business affairs:
-
Affairs concerning imposing, collecting or refunding taxes;
-
Affairs concerning assessing academic achievements or
selecting new enrollees at schools of each level established
under the Elementary and Secondary Education Act or the
Higher Education Act; lifelong education facilities
established under the Lifelong Education Act; and higher
education facilities established under other Acts;
-
Affairs concerning the testing of academic skills,
aptitudes, skills for employment and examination of
qualifications;
-
Affairs concerning evaluating or determining calculation,
etc. of damages or benefits;
-
Affairs concerning audits and investigations in progress
under any other Act.
-
(6) With respect to a request for correction or deletion of personal
information, a data subject cannot request the deletion of personal
information of such subject if the relevant personal information is
provided for as information subject to collection under any statute.
-
(7) Upon receipt of a request to inspect, correct or delete
personal information or a request to suspend processing of
personal information, Keefit will verify whether the requesting
person is the data subject or a legitimate representative.
-
(a) A written request to inspect personal information [attached
Form 8 of the Enforcement Rule of the Personal Information
Protection Act]
-
(b) A letter of delegation [attached Form 11 of the Enforcement
Rule of the Personal Information Protection Act]
-
VIII. Measures to secure the safety of personal information
In accordance with Article 29 of the Personal Information Protection
Act, the company is taking the following technical, managerial and
physical measures necessary to secure safety:
-
(a) Formulation and implementation of internal management plans:
Keefit formulates and implements internal management plans in
accordance with the guidelines on measures for ensuring the safety
of personal information;
-
(b) Minimizing and educating personnel authorized to process
personal information: The number of personnel authorized to process
personal information is minimized and regular educational programs
are implemented for such personnel;
-
(c) Restrictions on access to personal information: Access to
personal information is controlled by granting, amending or
cancelling the authority to access the database system that
processes personal information. Unauthorized external access is
controlled by operating firewalls for blocking and preventing
invasion and intrusion, while personnel authorized to process
personal information are precluded from accessing the personal
information processing system externally via information and
communications networks. Furthermore, details about granting,
amending or cancelling authority are recorded and such records are
preserved for at least three years;
-
(d) Preserving access logs and preventing forgery and alteration of
access logs: Log data about access to the personal information
processing system (including web logs and summary information) are
retained and managed for at least two years, and access logs are
maintained properly to prevent forgery, alteration, theft and loss;
-
(e) Encryption of personal information: Passwords and identification
numbers for the personal information of each user are encoded for
storage and management. Furthermore, additional means, such as
encrypting essential data for storage and transmission, are used for
security.
-
(f) Technical measures against hacking, etc.: Keefit has installed
security programs and updates and inspects the programs to protect
personal information from being leaked externally or destroyed by
hacking or computer viruses and the systems have been installed in
an area with restricted access to technically and physically monitor
and block external access.
-
(g) Controlling access by unauthorized persons: The area for the
physical storage of the personal information system that retains
personal information is separated from other areas and a procedure
for controlling access to this area is established and implemented.
-
IX. Personal Information Protection Officer
The company is responsible for overall personal information collection
and has designated a personal information protection officer to
support customers who have any inconvenience or damage related to
personal information collection. If you have any questions about this
policy or need assistance, please feel free to contact us at the
contact information below.
Personal Information Protection Officer
Keefit Inc., CEO Andrew Lee
-
If you have anything you’d like to discuss with the Keefit Team,
please feel free to email us at contact@keefit.com. We’d love to hear
your input and will reply as quickly as we can.