The AIDUSPAY(hereinafter referred to as “the Company”) abides by the related regulation on the protection of private information such as the PERSONAL INFORMATION MANAGEMENT ACT, and strives its best efforts to protect the rights of the service users by implementing relevant personal information processing protocols.
ARTICLE 1 (Collection of Private Information) The Company shall be collecting minimum information only that is needed for the sign up process for the service usage. There will be a prior announcement that such collection shall be made on the private information of service users including the areas of collected information and as well as on the agreement of such collection to each respective user.
1. The private information that is collected by the Company from the service users upon the sign up process is as following.
|Sign up||Email, password, mobile phone number|
2. The private information that is additionally collected by the Company from the service users for the usage of security authentication for exchange services on cryptocurrencies is as following.
|Personal authentication (in a need basis)||Mobile phone number, Pin Code|
a. Following information is generated during the service period and is subject for collection and usage by the Company.
ⅰ. Device information(OS, screen size, machine ID, mobile phone number, UID, UUID, IMEI), IP address, service usage records, service user status information, cookie
ARTICLE 2 (Usage of Private Information)
1. (Purpose of Usage) The Company shall be using the private information of service user only for the following purposes.
|Category||Purpose of Usage|
|Categorizing members||- Identification of service user
- Prevention of unlawful registration
- Prevention of unlawful usage by suspicious users
|Providing service||- Confirmation on the service usage
- Transfer of important information
|Improving service quality||- Recording of service usage records and access records
- Establishment of service environment on private information protection
- Providing hands-on services
2. (Period of Storage) The Company shall be collecting private information of service users and using it only for limited purpose/period, and once there is a request of withdrawal of account or previous agreement on the private information usage, the private information shall be immediately destroyed. However, for the following storage period, the Company shall be storing the private information as per the governing regulation to store the private information even after the withdrawal of the account or previous agreement on the private information
|ACT ON THE CONSUMER PROTECTION IN ELECTRONIC COMMERCE, ETC.||- Record on Contract Agreement and or Withdrawal
- Record on Commodity Payment and Supply of Resources
- Record on Consumer Complaint and Dispute Resolution
|- 5 years
- 5 years
- 3 years
|ELECTRONIC FINANCIAL TRANSACTIONS ACT||- Record on Electronic Financial||- 5 years|
ARTICLE 3 (Destruction of Private Information)
The Company shall be immediately destroying relevant personal information once the purpose of collection and usage of private information has been fulfilled. However, for some specific private information that is required to be stored by the Company as per the governing regulation shall be destroyed after the regulated period for storage. Should the subject private information for destruction be in an electronic format, the destruction will take place by technical methods that would prevent regeneration of the data, while for other types of information that are stored in paper or any recording device, the destruction method range from grinding, incineration and etc.
ARTICLE 4 (Rights of Service Users and Way to Exercise the Rights)
The Company protects the rights of service users as following.
1. Service users can access and revise each respective personal status information. Access and revision of personal information of the service users can be made in their own “my profile” menu.
2. Service users can always request for withdrawal of agreement in providing personal information and to terminate its member status. Termination(withdrawal of agreement) can be made in “member termination” menu.
3. Private information of minors below 19 years old shall not be a subject for collection of information. However, should there be a request by the legal guardian of the minor, rights stipulated in the governing regulations shall be protected. (access to minor’s private information, revision/deletion/suspension of processing of private information)
4. Should there be a request of revision of private information, in order to provide accurate private information, the information shall not be used or provided if during the revision process. Moreover, if the private information has been disclosed to any 3rd party, such information shall be given immediately to facilitate timely revision of the information.
ARTICLE 5 (Installation/Operation and Refusal on the Automatic Collection Device on Private Information)
The Company protects the rights of the service users as following.
1. (Definition of Cookie) Cookie is a very tiny text file that is sent from the website server to the user’s computer to be saved in the user’s computer.
2. (Purpose of Cookie Usage) Cookie will enable more rapid web environment to the users by saving the user preference in the settings, which can be utilized for the service improvement. Service users will then able to access various services on the web with more convenience.
3. (Installation, Operation, and Refusal of Cookie) Service users will have the authority to choose to install the cookie or not. Refusal in saving the cookie or deletion of cookie data can take place at any time.
ARTICLE 6 (Measure on Securing Stability in Private Information)
The Company implements following technical, managerial, and physical measures to prevent any loss, theft, leak, tampering, forgery and damage of private information of service users.
1. (Establishment and Implementation of Internal Management Plan) The Company has established an internal management plan on private information and has implemented the plan to ensure safe processing of private information.
2. (Access Restriction to Private Information) Access to private information is thoroughly controlled by providing access authority, modification, and deletion of access authority to the private information processing database system depending on the staff ranks.
3. (Encryption of Private Information) Important data within the private information of service users such as the password is being managed through a separate encryption, and is transmitted through an encrypted communication channel.
4. (Storage of Access Records and Prevention of Forgery) Access records to the private information processing system is separately gathered and monitored, along with a security feature that prevents forgery and loss of such access records.
5. (Technical Measures to Hacking) Data files go to a regular back-up process to prevent loss of private information, along with the application of the latest vaccine programs designed to prevent any leakage or damage of user’s private information. Moreover, by implement a separate intrusion prevention system, unauthorized access by any 3rd party is regulated, along with the Company’s constant effort to equip with various systematic measures on the security dimension of the system.
6. (Access Restriction to Unauthorized Personnel) In order to prevent any leakage of private information, system and equipment for controlling the access of unauthorized personnel are currently in full operation.
ARTICLE 7 (Representative on Private Information Protection and Contact Details)
The Company has designated below-named staffs as representatives on the protection of private information, answering to questions, and to respond to complaints of the service users. Should you inquire for any topic to below-named representatives, there will be a rapid and ample response to your inquiry.
[Representative on Private Information Management]
Name : Dennis Lee
Position : Representative on Private Information Management
[Staff-in-charge on Private Information Management]
Name : Neo Min
Position : Staff-in-charge on Private Information Management
ARTICLE 8 (Application Period for Private Information Processing Protocols)
This private information processing protocol shall be applied from October 1st 2018.
Should there be any addition to the current private information processing protocols, previous protocols shall be accessible in the below page.