Stream Privacy Policy

StreamStudio Corporation ("the Company") is committed to protecting the freedom and rights of its users by adhering to the "Personal Information Protection Act" and related legal requirements, processing personal information lawfully, and managing it securely. To guide users on the procedures and standards of personal information processing and to address any related grievances promptly and smoothly, the Company has established and disclosed the following Privacy Policy:

1. Personal Information Collected

The Company processes the following personal information items:

a. Stream (the "Service") can be accessed using Apple and Google accounts, during which the account owner provides the following information for service registration and use: Email address, hash value for duplicate sign-up verification.

b. For content creation within the Service (including paid content) or direct provision by users (such as instructors), the following personal information is processed:

For sole proprietors: Name, gender, mobile phone number, nickname displayed within the service, personal social media address, social security number and account information (account holder, bank name, account number) in case of sales generation.

For individual/corporate businesses: Name, representative’s name, phone number, business address, contact person’s name/phone number/email address, account information (account holder, bank name, account number), submitted documents (business registration certificate, copy of representative’s bank account).

c. The following information may be automatically generated or additionally processed during the service use or business processing: IP address, cookies, device information, access logs, visit time, payment and purchase information, service usage records, and misuse records.

d. Email addresses are processed when necessary for customer consultation, and additional information may be processed depending on the consultation content.

2. Purpose of Processing Personal Information

The Company processes personal information for the following purposes and will not use it for any purposes other than those listed below. If the purpose of use changes, the Company will take necessary measures such as obtaining separate consent:

Providing services such as Stream (the "Service")

User identification and membership management

Preventing and sanctioning actions that interfere with the smooth operation of the service, including service misuse and account theft

Demographic analysis, analysis of service visits and usage records, statistical processing for service improvement, personalized service provision, and advertising placement

Communication of notices, record preservation for dispute resolution, customer protection and service operation

Processing purchases/sales of paid products and payment processing, verification and payment of costs and settlement amounts, tax processing

Providing affiliate services, delivery, and payment of products

Creating a safe service usage environment for users in terms of security, privacy, and safety

3. Retention and Processing Period of Personal Information

The Company will destroy personal information without delay once the purpose of its collection and use has been achieved, except in cases where the user has agreed to a longer retention period or when legal requirements mandate the retention for a certain period:

a. Under the Act on Consumer Protection in Electronic Commerce, etc.:
Records related to contracts or withdrawal of subscriptions: 5 years
Records on payment and supply of goods: 5 years
Records on consumer complaints or dispute resolution: 3 years

b. Under the Protection of Communications Secrets Act:
Log-in records: 3 years

c. Under the Basic Tax Act, the Corporate Tax Act:
Books and documentary evidence regarding all transactions defined by tax laws: 5 years

4. Destruction Procedure and Method of Personal Information

Personal information is destroyed without delay once the purpose of its collection and use has been achieved or the retention period has expired. The destruction procedure and method are as follows:

a. Destruction Procedure
Personal information collected for service signup or other purposes is stored for a certain period according to internal policies and other relevant legal reasons before destruction.

b. Destruction Method
Printed personal information is shredded or incinerated. Personal information stored in electronic file formats is deleted using technical methods that prevent record recovery.

5. Third-Party Provision of Personal Information

The Company processes users' personal information within the scope specified in "Purposes of Processing Personal Information" and only provides it to third parties with user consent or under special provisions of the law (e.g., when requested by investigation agencies according to prescribed procedures and methods for investigative purposes) and does not otherwise provide personal information to third parties.

6. Entrusting Personal Information Processing

The Company may transfer or manage users' personal information overseas for membership management and service provision purposes. Membership management is essential for service operation, so if you refuse the transfer, service use may be difficult. If you do not wish for this transfer, you may proceed with service termination.

Entrusted Compan	Google Cloud Platform
Entrusted Work and Purpose	Management of member information and service information through Google Firestore
Contact Information	Tel) +82-080-822-1422
Timing and Method of Entrustment	Transmission through the network at the time of service use
Location of Storage	United States
Items of Personal Information Entrusted	Member information, service usage records
Retention and Use Period	Consistent with the retention period stipulated in this Privacy Policy

7. Rights of Users and Legal Representatives and How to Exercise Them

Users and legal representatives of children under 14 years old can exercise rights such as requesting access to, correction, deletion, or suspension of processing of personal information at any time. Rights can be exercised via written request, telephone, or email, and the Company will respond promptly.

Users can withdraw their consent to the collection and use of personal information at any time through service termination.

However, the exercise of rights may be restricted if other laws apply.

Rights can be exercised through a legal representative or an authorized agent. The Company will verify whether the requester is the user or a legitimate representative when requests for access, correction, deletion, or suspension of processing are made.

8. Installation/Operation of Automatic Personal Information Collection Devices and Refusal

To provide personalized services to users, the Company uses cookies, which are small amounts of information sent by the server (http) used to operate the website to the user's computer browser and stored on the user's PC computer hard disk.

a. Purpose of Using Cookies
Cookies are used to identify visit and usage patterns, user scale, etc., to provide optimized personalized information, including advertising.

b. Installation/Operation and

9. Measures to Ensure the Safety of Personal Information

The Company has implemented the following measures to ensure the safety of personal information:

a. Minimization and Training of Staff Handling Personal Information

The Company has designated and limited the number of staff handling personal information, implementing measures to minimize and manage personal information effectively.

b. Encryption of Personal Information

Users' personal information, including passwords, is encrypted and managed securely.

c. Preservation and Prevention of Falsification of Access Records

Records of access to the personal information processing system are kept and managed for at least one year. However, in cases involving more than 50,000 information subjects, adding unique identifiers or sensitive information, the records are kept and managed for more than two years.

d. Restriction of Access to Personal Information

Necessary measures have been taken to control access to the database system processing personal information by granting, changing, and revoking access rights, and intrusion prevention systems are used to control unauthorized access from outside.

10. Personal Information Protection Officer

The Company has appointed a Personal Information Protection Officer to oversee the processing of personal information and address complaints and remedy damage related to the processing of personal information as follows:

Personal Information Protection Officer

Name: Seok-young Lee

Position: CEO

Contact: cs.streamstudio@gmail.com (Customer Service)

11. Remedies for Rights Infringement

Users can apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Korea Internet & Security Agency Personal Information Infringement Report Center, and other relevant organizations for remedies regarding personal information infringement. For reporting or consulting on other personal information infringements, please contact the following organizations:

Personal Information Dispute Mediation Committee (kopico.go.kr / Toll-free: +82-1833-6972)

Personal Information Infringement Report Center (privacy.kisa.or.kr / Toll-free: +82-118)

Supreme Prosecutors' Office (www.spo.go.kr / Toll-free: +82-1301)

National Police Agency (ecrm.police.go.kr / Toll-free: +82-182)

The Company is committed to ensuring users' rights to control their personal information and to providing consultation and remedies for personal information infringement. If you need to report or consult, please contact the Personal Information Protection Officer.

12. Changes to the Privacy Policy

In the event of additions, deletions, or modifications to the content of the current Privacy Policy, it will be announced through electronic means specified in the service's 'Notices' or terms and conditions at least 7 days before the amendments take effect. However, for changes that significantly affect users' rights, the announcement will be made at least 30 days in advance.

Announcement Date: February 1, 2024

Effective Date: February 1, 2024

Made with SlashPage