The following content is a simple translation of the Korean Privacy Policy using OpenAI. In the event of any discrepancies between the translated version and the original Korean document, the Korean version shall take precedence.
Privacy Policy and Consent to Collection and Use of Personal Information
Works & People Co., Ltd. (hereinafter referred to as “the Company”) is committed to protecting the personal information of its members. To this end, the Company complies with relevant laws and regulations regarding personal information, such as the "Act on Promotion of Information and Communications Network Utilization and Information Protection" and the "Personal Information Protection Act."
This privacy policy includes the following contents:
1. Items of Personal Information Collected
The Company collects information such as name, email, age, gender, service usage history, payment and refund records, date of birth, mobile number, and areas of interest. During the use of the service, information such as visit date, usage history, device information, access logs, and IP address may be automatically generated and collected. The Company collects personal information with user consent only to the minimum extent necessary for service provision and uses the collected data solely for the purposes disclosed.
Required Information
Type | Context | Items Collected |
Common | Upon registration | Email (ID), Password |
Common | During service use | User ID, IP Address, Cookies, Visit Date, Usage History, Misuse Records, Device Info, ADID, IDFA |
Common | During dispute resolution or customer service | Inquiry records, chat logs, service usage records, payment and refund records |
Member | Upon registration | Name, Mobile number, Date of birth, Gender, CI (unique identification info), Foreigner status |
Member | When purchasing services | Credit card info, Bank account info, Payment records |
Member | When using mobile | WorksD app version, OS version (iOS, Android), Location info (used without storing) |
Partner Member | Upon registration | Partner name, Business name, Business registration number, ID, Contact person name, Contact person number, Business address |
Partner Member | For settlement | Bank name, Account holder, Account number |
Optional Information
Type | Context | Items Collected |
Common | For marketing, promotions, notifications | Email address, Mobile number |
2. Purpose of Collection and Use of Personal Information
Personal information is used for user identification and verification, registration confirmation, prevention of duplicate sign-ups, age verification, legal guardian consent, contract fulfillment and management, delivery notifications, payments and refunds, statistical analysis, purchase pattern analysis, service improvement, handling of inquiries, investigations into misuse, notifications, billing, legal compliance, promotional events, personalized services, event information, marketing, and other notifications regarding the Company's and its affiliates' products/services.
3. Method of Collecting Personal Information
Personal information is collected through the website, applications, customer service, bulletin boards, event participation, and partnerships. Users may indicate consent to the collection of their personal data by clicking the “Agree” button on the provided consent form.
4. Retention and Usage Period of Personal Information
Unless otherwise specified by law or agreed upon separately, personal data will be retained and used only for the duration of service use or until the stated purpose is achieved. Some data may be retained for the period required by relevant laws:
Data | Retention Period | Legal Basis |
Contract/withdrawal records | 5 years | E-Commerce Act |
Payment/supply records | 5 years | E-Commerce Act |
Tax-related information | 5 years | Income Tax Act |
Electronic transaction records | 5 years | Electronic Financial Transactions Act |
Dispute/complaint records | 3 years | E-Commerce Act |
Location information log | 6 months | Location Information Act |
Website/app visit history | 3 months | Communications Privacy Protection Act |
5. Provision of Personal Information to Third Parties
The Company provides only the minimum necessary personal information to third parties to fulfill contracts. In cases where personal information must be provided to a third party, the Company will notify the user in advance and obtain consent. However, the following cases are exceptions:
•
a. When required for payment settlement related to service provision
•
b. When required by law
•
c. When requested by investigative agencies following legal procedures
When a transaction is made via services provided by the Company, necessary information may be shared between the parties to facilitate communication, delivery, and service execution.
Recipient | Items Provided | Purpose of Use | Retention Period |
Partner | Name, gender, age, contact info, and other data entered per class requirements | Identity verification, class preparation and execution, handling inquiries, product/service provision, refunds, customer service | 6 months after service is completed |
Member | Partner name, representative’s name, contact info, address, and other entered data | Identity verification, class preparation and execution, handling inquiries, product/service provision, refunds, customer service | 6 months after service is completed |
6. Consignment of Personal Information Processing
To improve its services, the Company consigns certain personal information processing tasks to third-party service providers. These contractors are obligated by law and contract to handle information securely. Details of entrusted companies and tasks are as follows:
Contractor | Entrusted Task | Retention Period |
KoreaPortOne Co., Ltd. | Order processing and electronic payments | Until membership withdrawal or contract termination |
Toss Payments Co., Ltd. | Payment data transmission and processing | Until membership withdrawal or contract termination |
NICE Payments Co., Ltd. | Payment data transmission and processing | Until membership withdrawal or contract termination |
Danal Co., Ltd. | Identity verification | Until membership withdrawal or contract termination |
Channel Corporation | Customer service and support | Until membership withdrawal or contract termination |
Amazon Web Services | Data storage and infrastructure management | Until membership withdrawal or contract termination |
Naver Corporation | SMS/MMS text messaging | Until membership withdrawal or contract termination |
Biztalk Co., Ltd. | KakaoTalk notifications and messages | Until membership withdrawal or contract termination |
Barobill | Issuance of electronic tax invoices | Until membership withdrawal or contract termination |
WorksD Partner Members | Communication and support for product/service delivery | Until membership withdrawal or contract termination |
7. Rights of Users
The Company protects the following rights of users (or legal guardians if the user is under 14):
•
a. Users may view or correct their personal information at any time.
•
b. Users may request to suspend processing of their personal data unless restricted by law.
•
c. Users may withdraw consent to the collection and use of their data at any time by withdrawing from membership.
•
d. If correction is requested, the Company will not use or provide the data until corrections are complete.
8. Destruction of Personal Information
In principle, the Company deletes personal data immediately upon membership withdrawal.
However, data retained for specific legal reasons or based on separate user consent will be securely stored for the required period.
Upon expiration of the retention period or completion of the intended purpose, data is destroyed using irreversible methods:
•
Electronic files: Secure deletion using technical means
•
Paper documents: Shredding or incineration
9. Technical and Administrative Measures to Protect Personal Information
The Company employs the following technical and administrative measures to prevent personal data leakage, loss, theft, hacking, and other threats:
•
a. Password protection, encryption of important files and data
•
b. Regular updates of antivirus software
•
c. Secure transmission of personal data using encryption technology
•
d. Firewalls and intrusion detection systems to prevent unauthorized access
•
e. Limiting access to personal information to authorized staff only, with regular security training and audits
10. Use of Cookies and Rejection Policy
The Company uses cookies and other automatic collection tools to improve user experience. A cookie is a small text file stored on the user’s device.
•
a. Purpose of cookies
To identify login status, track user behavior, and offer personalized services.
•
b. Cookie settings
Users can manage cookie preferences in their browser or app settings to allow all, prompt for consent, or block all cookies.
11. Personal Information Protection Officer
The Company has designated the following personnel to be responsible for personal information protection.
Personal Information Protection Officer
Name | Jongryeol Seo |
Department | Service Development Team |
Position | CEO |
Email | |
Contact | 010-8479-3302 |
Personal Information Inquiry Department
For any concerns or inquiries regarding personal information, you may also contact the following agencies:
Organization | Contact | Email | Website |
Privacy Infringement Center | 118 (no area code) | ||
Personal Information Dispute Mediation Committee | 1833-6972 | ||
Supreme Prosecutors’ Office – Cybercrime | 1301 (no area code) | ||
Cyber Safety Bureau – National Police Agency | 182 (no area code) |
12. Exclusion of Privacy Policy Application
The Company may provide links to other websites or resources. The Company has no control over third-party websites and is not responsible for their data collection. Users should check the privacy policies of such external websites independently.
13. Effective Date
This privacy policy is effective from March 1, 2023.