Share
Sign In
Privacy policy
'LilysAI' (hereinafter referred to as the 'Company') operates 'LilysAI', and in accordance with Article 30 of the Personal Information Protection Act, has established and is operating the following personal information processing policy to protect users' personal information and rights and to promptly process related complaints and difficulties.
The company is making every effort to comply with and practice the responsibilities and obligations stipulated in relevant laws and regulations.
The company is making every effort to comply with and practice the responsibilities and obligations stipulated in relevant laws and regulations.
Effective Date: 2023-10-21
Article 1 ( Information on collection and use of personal information)
Personal information must be collected to use "LilysAI".
1.
The personal information collected is as follows and is collected after user consent.
Purpose of collecting personal information | Collection items | Retention/Use Period |
Membership registration and user identification for service provision | Nickname/Name, Email, Password | Until membership withdrawal |
Sign up for social media membership | All information permitted by the linked SNS, including the user's account information and friend relationship information provided by the SNS. | Until membership withdrawal |
Responding to service inquiries | Nickname/Name, Email, Mobile Phone Number | Until withdrawal of membership or up to 3 years according to relevant laws |
Sending information about event operations and benefits, sending service-related updates and information | Nickname/Name, Email, Mobile Phone Number, Company Name, Position and Department | Until withdrawal of consent |
Payment card registration and payment, refund | Payment information delivered to the contracted PG company | Until withdrawal of membership or up to 5 years according to relevant laws |
Identity verification | Birth date | Until membership withdrawal |
Accumulate statistical data to improve services | IP information, device and browser information, domain viewed, visited webpage, telecommunications company type, usage history, and bad usage history | Until membership withdrawal |
Preventing fraudulent use | Email | Up to 30 days after membership withdrawal |
2.
The Company collects personal information in the following ways:
a.
The company collects information in the form that users enter while using the service (e.g., information for customer center consultation, bulletin board activity, and cash receipt issuance).
b.
Transmission from linked services such as SNS linked membership registration
c.
Collected from usage statistics collection tools for service improvement and understanding user responses
d.
Cookies, access logs, etc. are automatically created and collected during the process of using the service.
e.
Method of collecting personal information in writing offline, such as at exhibitions, seminars, and events
f.
For children under the age of 14, the following information may be collected from their legal representatives:
i.
Legal representative (guardian) name, date of birth, gender, nationality, mobile phone number, mobile carrier information, i-PIN information (when i-PIN is verified), personal identification value (CI, DI)
3.
Personal information collected by the company is processed within the retention/use period of personal information agreed upon by the user at the time of collection of personal information or within the retention/use period of personal information stipulated in relevant laws and regulations. When the purpose is achieved and the retention/use period expires, the personal information is promptly destroyed in a manner that makes it irrecoverable or reproducible.
Article 2 ( Matters regarding processing of pseudonymized information)
The Company processes pseudonymized information with the user's consent for the purpose of improving model performance and quality as follows. Pseudonymized information is information that cannot identify a specific individual without using or combining additional information to restore it to its original state by pseudonymizing personal information.
1.
The company does not use users' pseudonymized information for any purpose other than improving model performance and quality.
2.
The use of pseudonymized information will only be applied while the user's consent is maintained. If you do not wish to do so, please change your consent. Any changes you make will be applied from the time of the change.
3.
The pseudonymized information collected includes:
Items of personal information to be anonymized | Pseudonymous information processing and retention period |
Information converted by AI (input information and output information) | Up to 5 years after conversion of pseudonym information |
4.
To ensure the security of pseudonymized information, the following measures are being taken:
a.
The Company is taking measures to ensure the security of pseudonymized information and additional information for restoring pseudonymized information to its original state (hereinafter referred to as “additional information” in this Article).
b.
We store pseudonymized information and additional information separately. However, if additional information is no longer necessary, we destroy it.
c.
We manage and control access rights, including separating access rights to pseudonymized information and additional information, granting the minimum access rights necessary to perform tasks, and keeping records of the status of access rights.
d.
The company creates relevant records in this personal information processing policy to manage the processing of pseudonymized information.
e.
Processing pseudonymized information for the purpose of identifying specific individuals is strictly prohibited.
f.
If information that can identify a specific individual is created during the process of processing pseudonymized information, the processing of that information will be stopped immediately and the information will be retrieved and destroyed without delay.
Article 3 ( Matters regarding installation and refusal to operate automatic personal information collection devices)
During the service use process, the company automatically creates/collects the following information from users and may use it for the following purposes.
1.
Purpose of use of automatically collected personal information
a.
Compliance with relevant laws and regulations: The company is obligated to keep user access records (logins) to comply with relevant laws and regulations.
b.
Web usability analysis and improvement: Visit date and time, service usage history, and Cookie ID items are collected and retained for 5 years from the date of collection and immediately deleted after the period expires.
2.
Guide to automatic collection of personal information and how to refuse it
a.
We collect and analyze users' main actions (behavioral information) using the analysis tools below. It is unlikely that the collected information can identify individuals.
i.
Trustee: Mixpanel
ii.
Trustee Name: Google LLC
b.
Installation and operation of personal information automatic collection devices (cookies, etc.) and methods for refusing them: You can refuse or delete the storage of cookies, etc. using the methods below.
[Web]
[App]
Article 4 ( Entrustment of personal information processing)
The company entrusts some personal information processing tasks to ensure smooth processing of personal information, and when concluding an entrustment contract, supervises whether the trustee safely processes personal information in accordance with relevant laws. If the content of the entrusted tasks or the trustee is added or changed, we will promptly provide prior consent in accordance with relevant laws or disclose it through this personal information processing policy.
Fiduciary | Consignment work |
Canny | Handling complaints, etc., sending information on event operation and benefits, sending service-related updates and information |
Tally | Collect data using forms |
Stevie Inc. | Sending information about event operations and benefits, sending service-related updates and information |
Google Firebase (FCM) | Membership registration and user identification for service provision |
Article 5 ( Provision of personal information to third parties)
The company processes the personal information of the data subject only within the scope specified in Article 1, Guidelines on Collection and Use of Personal Information, and provides personal information to third parties only when the user gives separate prior consent or when there are special requirements in relevant laws and regulations.
Article 6 ( Transfer of personal information abroad)
The company does not provide personal information to other overseas businesses. However, in order to fulfill contracts for the provision of information and communication services and to improve user convenience, the company transfers personal information processing work overseas as follows.
Purpose | Item | Date and method | Holding period | Company and Country |
Collect data using forms | Name, mobile number, email | Transmission through encrypted networks when providing services | Until the date of termination of the contract, whichever comes first, or until the date of withdrawal of membership, or | |
Up to 3 years according to relevant laws | Tally / Belgium | |||
Collect user feedback | Email | Transmission through encrypted networks when providing services | Until the earlier of the date of termination of the contract or 5 years from the date of collection | Canny / United States |
Web usability analysis and improvement | Date and time of visit, service usage history, Cookie ID | Transmission through encrypted networks when providing services | Until the earlier of the date of termination of the contract or 5 years from the date of collection | Mixpanel / United States |
Membership registration and user identification for web usability analysis and improvement and service provision | Date and time of visit, service usage history, Cookie ID | Transmission through encrypted networks when providing services | Until the earlier of the date of termination of the contract or 5 years from the date of collection | Google / United States |
Article 7 ( Users and legal representatives’ rights and methods of exercising them)
For users and users under the age of 14, their legal representatives can view, edit, and delete personal information.
1.
In cases where a legal representative or authorized agent of a user exercises the user's rights (access, correction, suspension of processing, deletion), a power of attorney in the format of Appendix 11 of the Enforcement Regulations of the Personal Information Protection Act must be submitted.
2.
When requesting access, correction/deletion, or suspension of processing in accordance with user rights, the company verifies whether the person making the request is a legitimate agent.
Article 8 ( Personal Information Manager)
The company is responsible for overall management of personal information processing, and has designated a personal information protection officer as follows to handle user complaints and provide remedies for damages related to personal information processing.
Name: Oh Hyun-soo
Affiliation: LilysAI
Position: Representative
Contact: admin@lilys.ai
Affiliation: LilysAI
Position: Representative
Contact: admin@lilys.ai
Article 9 ( Matters regarding changes to personal information processing policy)
1.
The privacy policy may be changed to provide more convenient services.
2.
When there are significant changes, we will notify users of the changes in advance in an easily understandable manner.