ViewChat Privacy Policy

BC Innovation (hereinafter referred to as the "Company") adheres to regulations related to personal information protection as stipulated by laws including the Telecommunications Privacy Act, Telecommunications Business Act, Act on Promotion of Information and Communications Network Utilization and Information Protection, and the Personal Information Protection Act. The Company is committed to protecting user rights by establishing a personal information processing policy in accordance with these laws. The Company's personal information processing policy encompasses the following contents. The Company's policy may be amended based on changes in laws, notifications, or the Company's terms and internal policies. Should there be revisions to the policy, the Company will notify users by posting the changes on the service screen or by informing users directly. Users have the right to refuse consent regarding the collection, use, provision, and delegation of personal information as outlined below. However, users are informed that if they refuse consent, they may not be able to use all or part of the services provided by the Company.

1. Personal information to be collected and method of collection

1.1. The Company collects the following personal information for member registration, customer consultation, and the provision of various services.

1.1.1. Name, ID, Password, Korean ID (Nickname), E-mail, Mobile carrier, Mobile number, Phone number, Postal code, Address, Marital status, Occupation, Personal information disclosure preference, E-mail receipt preference, SMS receipt preference, Gender, Age, Workplace (or School) name.
1.1.2. For users under the age of 14, if the legal guardian agrees to the service use: legal guardian's social security number, name, address, and email address.
1.1.3. (For mobile phone payments) Mobile phone number, social security number, payment approval number, etc.
1.1.4. (For bank transfers) Bank name, account number, account password, etc.
1.1.5. (For coupon registration) Coupon information, etc.
1.1.6. (For logging in through Naver, Kakao) Email, phone number, gender, date of birth.
1.1.7. Information related to user content: The company can process photos, videos, audio, and text (referred to as “user content”) that users upload or create. The company uses this information for special effects and content review. The company collects information about how users use the service, such as how users participate in the service. The company promotes user content to other users and processes information related to users' relationships with other users, including blocking and favoriting. When users use the service, the company generates and stores log data including the type of user device, IP address, OS type, browser information, and certain electronic IDs automatically provided by the user device, such as cookies, advertising partner information, and mobile application IDs. This information is used to prevent unauthorized or fraudulent service use (or abuse) and to provide a service optimized for the user's device. Advertising identifiers might be linked with the user's account through the company's internal ID (a random unique value).
1.1.8. Optional and other information: The service may request the 'location information service activation' feature for video shooting and uploading but does not receive or use location information.Registration information. ID, username or nickname, email address, telephone number, password, address, date of birth, sex, identification information of overlapped membership (DI), encoded identification information (CI), Equipment identifier, operation system, hardware version, equipment set-up, and so on.

1.2. Besides of information directly provided by the users, the Company may collect information in the course that the users use the service provided by the Company.

1.2.1. User's browser type and OS
1.2.2. Service usage records, access logs, cookies, access IP information, payment records, and records of improper usage
1.2.3. Website address

1.3. The Company collects the information of users in a way of the followings:

Webpage, written form, fax, telephone calling, e-mailing, tools for collection of created information, provided by partner companies.

2. Purpose of Collection and Use of Personal Information

2.1. The Company processes the collected personal information for the following purposes. Personal information collected, used, and processed by the company will not be used for purposes other than those listed below. If the purpose of use changes, necessary measures such as obtaining separate consent according to Article 18 of the "Personal Information Protection Act" will be taken.

2.1.1. Service provision and billing for the provided service: Content provision, delivery of goods or sending invoices, identity verification, purchase and payment, fee collection, payment of fees and amounts.
2.1.2. Member management: Use of membership services and identity verification under the restricted identification system, personal identification, prevention of unfair use by malicious members and prevention of unauthorized use, confirmation of intention to join, age verification, record preservation for dispute resolution, handling complaints and other grievances, notification delivery.
2.1.3. Development of new services and marketing, advertising: Development of new services and provision of customized services, provision of services and advertisement placement based on statistical characteristics, confirmation of service validity, provision of event and advertising information, access frequency identification, statistics on members' use of the service, delivery of event and other advertising information.
2.1.4. Affiliated services: For the activation of the service, the company can share information such as user ID, nickname, talk content, comments, and replies with third parties providing affiliated services to the company through a lawful procedure.
2.1.5. Execution of tasks related to providing information on tangible and intangible products linked with The Company, and offering additional services, within the minimum necessary scope of information utilization.

2.2. For users who use additional services beyond the common features of the service, the company may provide a separate personal information processing policy or an appendix to the personal information processing policy for the additional services.

3. The Period for retaining and using personal information

3.1. As a principle, the personal information of the user is destroyed without delay once the purpose of collecting and using the personal information is achieved. However, for the following information, it is preserved for a specified period due to the reasons mentioned below.

3.1.1. Reasons for retaining information according to related laws: When there is a need to retain information in accordance with provisions of related laws, such as the Commercial Act and the Act on the Consumer Protection in Electronic Commerce, The Company retains the member information for a specified period as stipulated by related laws. In this case, The Company uses the retained information solely for the purpose of retention, and the reasons and periods of retention are as follows:

3.1.1.1. Record of contract or withdrawal of offers
- Reason for retention: Act on the Consumer Protection in Electronic Commerce
- Retention period: 5 years

3.1.1.2. Record of payment and supply of goods, etc.
- Reason for retention: Act on the Consumer Protection in Electronic Commerce
- Retention period: 5 years

3.1.1.3. Record of consumer complaints or dispute resolution
- Reason for retention: Act on the Consumer Protection in Electronic Commerce
- Retention period: 3 years

3.1.1.4. Log record-related retention access record
- Reason for retention: Protection of Communications Secrets Act
- Retention period: 3 months

3.1.1.5. Record related to electronic financial transactions
- Reason for retention: Electronic Financial Transactions Act
- Retention period: 5 years

3.2. Membership registration for children under the age of 14 requires the explicit consent of their legal guardian. To obtain this consent, the Company may collect a minimal amount of personal information from the child, such as the legal guardian's name and contact details.

4. The Destruction of personal information

4.1. The Company shall destroy personal information without delay when the personal information becomes unnecessary owing to the expiry of the retention period, attainment of the purpose of the collection, etc.
4.2. Notwithstanding the previous clause, if there is a requirement under other laws to retain personal information, such personal information (or personal information files) will be transferred to a separate database (DB) or stored in a different location for preservation.
4.3. The Company shall destroy personal information by any of the following methods:

4.3.1. Personal information in electronic files shall be permanently deleted so that it cannot be restored.
4.3.2. Other records, printouts, paper documents, and media containing personal information, other than those referred to in subparagraph 1, shall be shredded or incinerated.
4.3.3. The information entered by the user for purposes such as membership registration will be transferred to a separate database (or stored in a separate document folder if in paper form). Following internal policies and other relevant data protection laws (please refer to the retention and use period), this information will be stored for a specified period and then destroyed.

5. Provision of personal information with a third party

The Company, in principle, processes the personal information of the data subject within the range specified for the purpose of collection and use. Except for the cases listed below, the information will not be processed beyond the original purpose or provided to a third party without the prior consent of the data subject:

5.1.1. When separate consent has been obtained from the data subject.
5.1.2. When there is a special provision in another law or it is inevitable to comply with legal obligations.
5.1.3. In cases where the data subject or their legal representative is in a state where they cannot express their intentions, such as being untraceable, and it is clearly recognized that it is necessary for the urgent benefit of the data subject or a third party's life, body, or property.
5.1.4. If it is not possible to perform the jurisdictional duties stipulated in other laws unless personal information is used for purposes other than its original purpose or provided to a third party, and it has gone through the deliberation and resolution of the Personal Information Protection Committee according to the "Personal Information Protection Act" Article 7.
5.1.5. When it is necessary to provide it to a foreign government or international organization for the implementation of treaties and other international agreements.
5.1.6. When necessary for the investigation and prosecution of crimes.
5.1.7. When necessary for the performance of judicial duties by a court.
5.1.8. When necessary for the execution of punishment, parole, and protective measures.

6. Entrustment of Personal Information

For efficient personal information operational processing and service enhancement, the Company may entrust personal information processing to third parties. In such cases, the Company must announce the personal information entrustment processing institution and the content of the entrusted tasks. Matters concerning the entrustment of personal information processing as executed under this privacy policy are as follows:

Trustee Company:

Content of Entrusted Tasks: Member information management, collection, use, and other processing tasks for the development and operation of the service.

7. The rights of users and their legal representatives

7.1. The data subject and the legal representative can, at any time, inquire, modify, view, correct, delete, request the suspension of processing their own or the respective minor under 14 years old's personal information, and can also request membership withdrawal.
7.2. For the individual data subject or a child under the age of 14 to inquire or modify their personal information, they can click on "Edit Personal Information" (or similar options like "Edit Member Information"), and after undergoing an identity verification process, they can directly view, modify, or withdraw their membership.
7.3. To exercise the rights mentioned above, the data subject can contact the Company's Personal Information Management Officer via written form, telephone, or email.
7.4. If a data subject requests correction due to an error in their personal information, the Company will not use or provide the relevant personal information until the correction is completed. If incorrect personal information has already been provided to a third party, the Company will promptly notify the third party of the correction results, ensuring that the necessary corrections are made.
7.5. Personal information deleted or corrected at the request of the data subject or legal guardian will be handled according to Article 3 of this policy. This information will be managed so that it cannot be viewed or used for any other purpose.
7.6. For users claiming identity theft, they can utilize identity verification services offered by the electronic government through their National Identification Card or services from the police agency using their Driver's License.

8. Cookies and similar technologies

8.1. The Company may collect collective and impersonal information through cookies or similar technologies. Cookies are very small text files to be sent to the browser of the users by the server used for operation of the websites of the Company and will be stored in hard disks of the users’ computer.
8.2. The users have an option for cookie installation. So, they may either allow all cookies by setting option in web browser, make each cookie checked whenever it is saved, or refuses all cookies to be saved: Provided that, if the user rejects the installation of cookies, it may be difficult for that user to use the parts of services provided by the Company.
8.3. The purpose of using cookies and their management are as follows:

8.3.1. Purpose of Using Cookies: The Company uses cookies to analyze the services used by users and their usage patterns, and to provide member-exclusive services.
8.3.2. Installation/Management and Refusal of Cookies: Users have the option to decide on the installation of cookies. Therefore, users can choose in their web browser settings to accept all cookies, confirm every time a cookie is saved, or refuse all cookies.

8.4. The method to refuse cookie settings allows users, through their web browser options, to either accept all cookies, confirm every time a cookie is saved, or refuse the saving of all cookies. However, if users refuse to save cookies, they might encounter difficulties when trying to use some of the Company's services that require logging in.

(Method of Setting: Go to the web browser's top menu > Tools > Internet Options > Privacy (in the case of Internet Explorer))

9. Personal Information Protection and Management Officer

9.1. The Company has designated a personal information management officer and a responsible person to gather opinions and handle complaints about personal information. Their contact details are as follows:

Personal Information Protection and Management Officer
Name: Ji Nam-ho
Email: contact@bcinnovation.co.kr

9.2. Users can report all personal information protection-related complaints arising from the use of The Company's service to the personal information management officer or the designated department.
9.3. The Company will provide a prompt and sufficient response to the users' reports.
9.4. If you need to report or consult about personal information breaches, please contact the following institutions:

Personal Data Breach Report Center (privacy.kisa.or.kr / Call 118)
The Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / Call 1301)
National Police Agency Cyber Safety Bureau (cyberbureau.police.go.kr / Call 182)

10. The Safeguard of the personal information

10.1. The Company takes the following measures to protect personal information:

10.1.1. Technical Measures:

- The Company securely protects users' personal information in accordance with relevant legal regulations and internal policies through security features.
- The Company uses antivirus software to prevent damage from computer viruses. This antivirus software is regularly updated, and in the event of a sudden virus outbreak, the software is immediately updated to prevent personal information breaches.
- The Company encrypts and manages users' passwords and has adopted security devices to securely transmit personal information over the network.
- The Company uses devices to block external intrusions, such as hacking, to prevent users' personal information from being leaked. It monitors for intrusions 24 hours a day, 365 days a year.

10.1.2. Administrative Measures:

- The Company limits access to users' personal information to a minimum number of personnel. Those who have such access include:
- Individuals who directly engage with users for marketing, events, customer support, and service operations.
- Personal information management officers and those who perform personal information management tasks.
- Others for whom handling personal information is inevitable for their duties.

10.2. The department dedicated to personal information protection in The Company checks the compliance with the personal information processing policy and internal regulations. If any issues are identified, immediate corrective measures are taken.
10.3. The Company is not responsible for any issues arising from the user's negligence or internet-related problems that result in the leakage of personal information, such as names and passwords.

11. Notification

When The Company revises its personal information processing policy, it will announce the changes on the website's announcement section 7 days in advance.

12. Miscellaneous

12.1. If The Company modifies this personal information processing policy, the reasons for the changes and the implementation date will be specified. The revised policy will be announced on the service screen from 10 days prior to the implementation date, alongside the current policy. However, if there are significant changes affecting the rights or obligations of users, notification will be provided at least 30 days in advance.
12.2. Even if The Company notifies users of the changes according to paragraph 1 and states that not expressing refusal by the date of implementation will be regarded as acceptance, if a user does not explicitly express refusal, it is considered that the user has agreed to the changes.
12.3. Despite paragraph 2, if The Company collects additional personal information from users or provides it to third parties, a separate consent process will be conducted with the user.

Update Date : October 19, 2019
Enforcement Date : October 1, 2023.