The following Privacy Policy has been established and published to protect the personal information of members (hereinafter referred to as "member") using b.stage (hereinafter referred to as "services") offered by bemyfriends Co., Ltd. (hereinafter referred to as "company") and process pertinent concerns smoothly and seamlessly.

 

1. Purpose of collection and utilization of personal information

The Company processes the personal information for the following purposes. Personal information processed is not used other than the purpose specified below, and in case of a change in the specified purpose, we intend to take necessary measures, including obtaining separate consent for such changes in the purpose of utilization.

• Member management : Identifying user and verifying identity, confirmation of the intention to sign up, prevention of the abuse by a delinquent member, processing of customer requests such as complaints, conveyance of notifications, confirmation of the intention to withdraw membership
• Utilization of the Services and calculation of the fees for usage : Provision of contents, payment of service fees, sending invoices and fee collections
• Use in marketing and advertisements : Development of new services and specialization of services, conveyance of promotional information including events, provision of services and exposure to advertisements based on demographic characteristics, obtaining information on access frequency and statistics on a member's use of Services
• Management of Inquiries : Receiving business-related inquiries, such as customer inquiries and partnership proposals, and replying to processing results.
• Other : Service inquiries, verification of service validity, seamless provision of high-quality services and service tutorial contents

 

2. Personal information items collected and method of collection

The Company collects the following types of personal information.

- b.stage Signup

• (Required) Email, password,  name, mobile phone number

- b.stage Service Opening

• Non-business: (Required) Name, date of birth, country

- b.stage Service Inquiry

• bstage.in: (required) Name, company name, email, Phone Number
• support.bstage.in: (required) Name, email, Phone Number

 

Additional personal information may be collected in the process of utilizing an individual service; notice shall be given and the consent of the user shall be obtained at the point of collection hereunder.

Information such as Service usage logs, visitation logs, abusive usage logs, IP addresses, cookies, device information may be generated automatically and collected.

The Company collects personal information through the following means.

• If the user provides consent for the collection of personal information and enters the information in process of membership registration and utilization of services, such information provided directly shall be collected.
• The personal information of a user may be collected through the webpage, e-mail, facsimile, or telephone during consultation via the customer service center.
• The personal information may be provided from external companies or organizations partnered with the Company; in such a case, the personal information is handed to the Company after the partnering company obtains consent on providing the personal information from the user in accordance with the Personal Information Protection Act.
• Information generated such as device information may be automatically generated and collected in the process of utilizing the Services on a PC or mobile web environment.

 

3.  Duration of utilization and retention of personal information and method to destroy the personal information

In principle, the Company shall destroy the provided personal information upon fulfilling the purpose of collection or provision of the personal information thereof without delay. However, if separate consent has been obtained in continuous retention and utilization, or the personal information is required to be retained under applicable law, such personal information shall be securely stored and utilized within the scope of the prescribed purpose.

The duration of retention of personal information by the Company is as follows.

• The Company deletes the personal information without delay when a member deletes their account.
• bstage.in Service Inquiry: 3 years from the date of collection
• support.bstage.in Service Inquiry: 3 years from the date of collection
• For a dormant member who does not have any record of utilizing the services for the past 1 year, the member information shall be stored separately and deleted after 3 years (excluding the representative manager).
• The period of retention has been otherwise specified in the applicable law.

• The Act on the Consumer Protection in Electronic Commerce, etc. : 5 years(Records on contracts and cancellation of subscriptions, Records on payments and supply of the goods, etc.), 3 years(Records on processing customer complaints or disputes), 6 months(Records on labeling and advertisements)
• Framework Act on National Taxes : 5 years(Ledgers on all transactions as prescribed by the Acts on taxation, and their supporting documents)
• Protection of Communications Secrets Act : 3 months(Service visitation records)

 

The Company shall destroy the information in the following methods based on how the information has been stored:

• Information printed on paper: shred with a shredder or incinerate
• Information stored in the form of electronic files: destroy through initializing or repeated overwriting to render the data irrecoverable

 

4. Provision of the personal information to a third party

The Company shall not provide personal information to any external party without the prior consent of a user. However, the personal information may be provided if the user provided the consent on the provision of the personal information to utilize the services from external partner companies; the Company is compelled to submit personal information as required by the applicable law, or imminent danger to the user's life or safety has been identified and provision of personal information is necessary to resolve the situation.

 

5. Entrusting the processing of the personal information

The Company commissions the processing of personal information as follows to ensure smooth personal information processing.

- Subcontractor: Amazon Web Services, Inc. | Description of commissioned duties : Operation and management of cloud servers to provide the Services
- Subcontractor : CJ OliveNetworks Co., Ltd. | Description of the commissioned duties: SMS text message services
- Subcontractor : Sendbird Korea, Inc | Description of the commissioned duties : Provision of technology and support for chatting and sharing services
- Subcontractor : twlab | Description of the commissioned duties : bstage.in development and maintenance
- Subcontractor : CJ Logistics CO., Ltd. | Description of commissioned duties : Delivery of purchased products and prizes

• Subcontractor(Re-consignment) : Lime LS Inc. | Description of commissioned duties : Distribution center operation service
• Subcontractor(Re-consignment) : FEDEX | Description of commissioned duties : Overseas delivery service

The cases of transfer abroad to entrust the handling of personal information are as follows.

- Transfer: bemyfriends Inc.

• Contact the data protection officer : [email protected]
• Country: U.S.A.
• Item of Personal Information transferred: Email, name, mobile phone number, visit record, service use information, inquiry history, purchase history
• Purpose of Transfer: Overseas Customer management and PG service linkage/settlement
• Retention and Use Period: Retained during the service period
• Date and Method of Transfer: Transfer from time to time online during the service provision process

- Transfer: bemyfriends Japan Inc.

• Contact the data protection officer : [email protected]
• Country: Japan
• Item of Personal Information transferred: Email, name, mobile phone number, visit record, service use information, inquiry history, purchase history
• Purpose of Transfer: Overseas Customer management and PG service linkage/settlement
• Retention and Use Period: Retained during the service period
• Date and Method of Transfer: Transfer from time to time online during the service provision process

- Transfer: ZenDesk Inc.

• Contact the data protection officer : [email protected]
• Country: Australia
• Item of Personal Information transferred: email, name
• Purpose of Transfer: To use the service inquiry management system
• Retention and Use Period: Retained for the duration of service use
• Date and Method of Transfer: At support.bstage.in, online at the time of submitting an inquiry.

- Transfer : Sendgrid

• Contact the data protection officer : [email protected]
• Country : USA
• Item of Personal Information transferred : email
• Purpose of Transfer : b.stage service information mailing service
• Retention and Use Period : Data will be retained for one month after the email is sent
• Date and Method of Transfer: Occurs when the notification email is sent

 

When the Company enters a commission contract, the Company is adding explicit provisions on the prohibition of processing the personal information on any other purposes than performing the commissioned duties, technical and managerial measures, restriction on re-subcontracting, and responsibility on control, supervision and compensation for damages in writing for contract documents, etc., and supervising the subcontractor on secure processing of the personal information. 

If the details of commissioned duties or the subcontractor are changed, the Company shall disclose such information through this privacy policy without delay.

 

6. Instructions for members and their legal representatives to exercise their rights and responsibilities

A member may exercise their right of perusal, revision, deletion and request to cease the processing of the personal information at any time.

Such rights may be exercised in writing, through email and other means of communications, and the Company shall process any related request without delay. 

A member may exercise their rights through an agent, such as a legal representative or a delegated person. In such a case, the letter of attorney is required. 

The request to review, or cease the processing of personal information may result in the restriction on the privileges as a member, in accordance with relevant Act. 

For the request to amend or remove the personal information, the removal shall not be requested if other applicable laws require the item of personal information to be collected.

The Company shall verify the person who tends the request to review, amendment, removal, or cessation of processing of the personal information is the requester themselves, or with a valid power of attorney.

 

7. Measures to secure the safety of the personal information

The company is exercising the following measures to ensure the safety of personal information. 

• Managerial measures: Establish and implement internal management plans, regular education sessions for employees, etc.
• Technical measures: Control the authority to access the system to process personal information, install an access control system, encryption of unique identifying information, and install security programs
• Physical measures: Control the access to computer rooms, offices, and document storage rooms, etc.

 

8. Matters regarding installation and operation of the device to collect the personal information automatically and refusals

The Company uses "Cookie," that stores and frequently retrieves usage information in order to provide personalized services to a member. The Cookie is a minuscule piece of information that the server used to operate the website transmits to the browser of the user's computer, and may be stored in the computer hard disk of the user.

The Cookie is utilized to provide optimal sets of information through identifying visitation and usage habits for the websites and services the user has accessed, top searches, use of the secured connection, etc.

A user has an option to opt-in or opt-out of installing the Cookie. Therefore, a member may configure to allow all Cookies or provide confirmation for each instance the Cookie is stored, or reject to save any Cookie, through web browser settings. 

Instruction to configure Cookie installation preferences and how to refuse the Cookie installation is presented below.

• How to configure the Cookie preferences on Internet Explorer View
• How to configure the Cookie preferences on Safari View
• How to configure the Cookie preferences on FireFox View
• How to configure the Cookie preferences on Chrome Browser View.

If the installation of Cookie is refused, difficulties may arise in utilizing personalized services.

 

9. The staff in charge of protection of the personal information

The Company is designating the staff in charge of protection of the personal information in the following to oversee the affairs on personal information processing, and respond to the complaints of the members and provide remedies for the infringement of a member's rights pertaining to the personal information processing.

- The staff in charge of protection of the personal information

• Name: UNGJEONG KIM
• Position: CPO
• e-mail: [email protected]

- Department responsible for personal information protection

• Name of Department: Information Security Team
• e-mail: [email protected]

 

A user may direct any inquiries on the protection of personal information while using the Services offered by the Company, processing of the complaints and remedies for the infringement of rights to the officer and department responsible for personal information protection. The Company will provide a response to an inquiry of the member without delay.

 

10. Instructions on requesting remedies for the infringement of rights

A member may request a consultation or dispute resolution to Personal Information Dispute Mediation Committee, Korea Internet & Security Agency and Personal Information Infringement Report Center to get remedies for personal information infringement. Please direct the inquiries and reports on personal information infringement to the agencies listed below.

• Personal Information Dispute Mediation Committee (1833-6972, www.kopico.go.kr)
• Personal Information Infringement Report Center (118, privacy.kisa.or.kr)
• Supreme Prosecutors' Office (1301, www.spo.go.kr)
• National Police Agency (182, cyberbureau.police.go.kr)

 

11. Children’s personal Information

The company does not provide services to children under the age of 19 and does not knowingly collect or request personal information from children.

 

12. Revisions to Privacy Policy

• Effective Date:  April 01, 2024
• Our Previous Privacy Policy may be found at the bottom of this policy.

 

Annex

This annex applies respectively to users residing in or having nationality in certain countries. In the event of a conflict between the following additional terms and provisions of the body of this Privacy Policy, the following terms shall control.

 

A. For members residing in the European Economic Community (EEA), the UK or Switzerland

If the member resides in the EEA (European Union and Iceland, Liechtenstein, Norway), the UK or Switzerland, the company transfers the member's personal information to a country outside Europe, such as Korea.

As a company headquartered in Korea, the EU Commission has determined that Korea's Personal Information Protection Act provides adequate protection in accordance with EU standards.

 

B. For members residing in California

The company collects and shares members' personal information described in the above privacy policy for the purpose of providing services, but does not sell personal information.

Members have the right to access and request deletion of personal information collected by the company in accordance with the CCPA. You can check how to access, manage, and delete members' personal information at the b.stage customer center (support.bstage.in) [FAQ -Accounts/Admin].

You have the right to request a list of personal information you have provided to third parties for marketing purposes during the immediately preceding calendar year and the identity of the third parties. To make such a request, please contact us at [email protected]

If you have any questions about our Privacy Policy, please email us at [email protected] or write to:

 

bemyfriends inc.

840 Apollo St., Suite #100 

El Segundo, CA 90245, USA

 

C. For members residing in Japan

With respect to users who use the services of the Company in certain countries or regions, the Company may share personal information between the Group Companies for the purposes listed in ‘1. Collection and Use of Personal Information’.

The Company shall take measures, such as requiring the Group Company that shares personal information to provide for matters relating to confidentiality and data protection, and accordingly establish a system for appropriately managing personal information.

The group companies of the Company and the countries to which personal information of the Company is transferred are as follows:

• bemyfriends Co., Ltd. (Republic of Korea)
• bemyfriends Inc. (U.S.A.)
• bemyfriends Japan Inc. (Japan)

 

If you have any questions about our Privacy Policy, please email us at [email protected] or write to:

 

株式会社bemyfriends Japan

東京都渋谷区神宮前二丁目14番19-303号神宮前214ビル