AraoneSoft Privacy Policy

Araone Soft Privacy Policy

Araone Soft (hereinafter referred to as "Araone Soft", located at https://dalnimdev.tistory.com/450) establishes and discloses this Privacy Policy in accordance with Article 30 of the Personal Information Protection Act to protect the personal information of data subjects and to handle any related grievances promptly and smoothly.

○ This Privacy Policy is effective from July 20, 2021.

---

Article 1 (Purpose of Processing Personal Information)

Araone Soft (hereinafter referred to as "Araone Soft", located at https://dalnimdev.tistory.com/450) processes personal information for the following purposes. The personal information being processed will not be used for any purposes other than those listed below. If the purpose of use changes, necessary measures such as obtaining separate consent will be taken in accordance with Article 18 of the Personal Information Protection Act.

1. Membership Registration and Management
2. Personal information is processed for the purposes of confirming the intent to register as a member, identity verification and authentication for providing membership-based services, maintaining and managing membership status, preventing unauthorized use of services, verifying consent from legal guardians when processing personal information of children under the age of 14, and delivering various notifications and announcements.
3. Use for Marketing and Advertising
4. Personal information is processed for the purposes of developing new services (or products) and providing customized services, offering information on events and promotional opportunities, delivering services and advertisements based on demographic characteristics, verifying the effectiveness of services, analyzing access frequency, and generating statistics on members’ use of services.

Article 2 (Period of Retention and Use of Personal Information)

1. Araone Soft processes and retains personal information within the period permitted by applicable laws or within the period agreed upon by the data subject at the time of personal information collection.
2. The respective processing and retention periods for personal information are as follows:

1. Website Membership Registration and Management
Personal information related to membership registration and management will be retained and used from the date of consent for collection and use until it is promptly destroyed.

• Retention basis: Immediate destruction after the purpose is achieved
• Relevant laws: —
• Exceptions: —

---

Article 3 (Rights and Obligations of Data Subjects and Their Legal Representatives, and How to Exercise Them)

1. Data subjects may exercise the right to request access, correction, deletion, or suspension of processing of their personal information at any time against Araone Soft.
2. The exercise of rights under Paragraph 1 can be made through written documents, email, or fax in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act. Araone Soft will take prompt action in response to such requests.
3. The rights under Paragraph 1 may also be exercised by the data subject’s legal representative or a delegated representative. In such cases, a power of attorney must be submitted in accordance with Form No. 11 of the “Notice on the Method of Processing Personal Information” (Notice No. 2020-7).
4. Requests for access or suspension of processing may be restricted in accordance with Article 35(4) and Article 37(2) of the Personal Information Protection Act.
5. Requests for correction or deletion of personal information cannot be accepted if the information is designated as subject to collection under other laws.
6. When a data subject makes a request for access, correction, deletion, or suspension of processing, Araone Soft will verify whether the person making the request is the data subject or a legitimate representative.

Article 4 (Items of Personal Information Processed)

1. Araone Soft processes the following personal information items:

• Website Membership Registration and Management
  • Required items: Email, Password
  • Optional items: None

---

Article 5 (Destruction of Personal Information)

1. Araone Soft promptly destroys personal information when it becomes unnecessary, such as when the retention period has expired or the processing purpose has been achieved.
2. Even if the retention period agreed to by the data subject has expired or the processing purpose has been achieved, if there is a legal obligation to retain the personal information, it will be stored in a separate database (DB) or in a different storage location.

• Legal basis: —
• Items retained: Account information, Transaction date

1. The procedures and methods for destroying personal information are as follows:

• Destruction Procedure:
  Araone Soft selects the personal information for which destruction is required and proceeds with destruction after obtaining approval from the personal information protection officer.
• Destruction Method:
  Information in electronic file format is destroyed using technical methods that make the records irrecoverable.

 

Article 6 (Measures to Ensure the Security of Personal Information)

Araone Soft takes the following measures to ensure the security of personal information:

1. Regular Self-Audits
   To ensure the stability of personal information handling, Araone Soft conducts regular self-audits (once per quarter).
2. Minimization and Training of Personnel Handling Personal Information
   Personnel who handle personal information are designated and limited to specific individuals, and measures are implemented to manage personal information with minimal exposure.
3. Establishment and Implementation of Internal Management Plans
   Internal management plans are established and implemented to ensure the safe handling of personal information.
4. Technical Measures Against Hacking, etc.
   To prevent leakage or damage of personal information caused by hacking or computer viruses, Araone Soft installs security programs, regularly updates and inspects them, installs systems in areas restricted from external access, and monitors and blocks unauthorized access both technically and physically.
5. Encryption of Personal Information
   Users’ personal information, including passwords, is encrypted and stored in a way that only the user can know. Important data is protected using encryption or file locking features during storage and transmission.
6. Retention and Protection of Access Records
   Access records to personal information processing systems are retained and managed for at least six months, and security functions are used to prevent tampering, theft, or loss of these records.
7. Access Restriction to Personal Information
   Necessary measures are taken to control access to personal information by granting, changing, or revoking access rights to database systems. Intrusion prevention systems are also used to block unauthorized external access.
8. Use of Locking Devices for Document Security
   Documents and auxiliary storage media containing personal information are stored in secure places equipped with locking devices.
9. Access Control for Unauthorized Personnel
   Physical storage locations containing personal information are managed separately, and access control procedures are established and operated.

Article 7 (Matters Regarding the Installation, Operation, and Refusal of Automatic Personal Information Collection Devices)

Araone Soft does not use cookies or similar technologies that store and retrieve usage information of data subjects.

---

Article 8 (Personal Information Protection Officer)

1. Araone Soft appoints the following person as the Personal Information Protection Officer, who is responsible for overseeing personal information processing and handling complaints or damage relief related to personal data.

▶ Personal Information Protection Officer

• Name: Hyungdal Kim
• Title: CEO
• Position: CEO
• Contact: araonesoft@gmail.com
  ※ Connected to the Personal Information Protection Department.

▶ Department in Charge of Personal Information Protection

• Department Name: 
• Person in Charge: 
• Contact: 

1. Data subjects may contact the Personal Information Protection Officer or the department in charge for any inquiries, complaints, or damage relief related to personal information that occur while using Araone Soft’s services (or business operations). Araone Soft will respond and handle such inquiries without delay.

---

Article 9 (Request for Access to Personal Information)

In accordance with Article 35 of the Personal Information Protection Act, data subjects may request access to their personal information through the department below. Araone Soft will strive to promptly process such requests.

▶ Department for Receiving and Processing Access Requests

• Department Name: [Not provided]
• Person in Charge: [Not provided]
• Contact: [Not provided]

 

Article 10 (Remedies for Infringement of Rights)

If a data subject suffers damage due to a violation of personal information rights, they may seek dispute resolution or consultation through the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency’s Personal Information Infringement Center, and other organizations.

For reporting or consulting on other personal information infringements, please contact the following institutions:

1. Personal Information Dispute Mediation Committee
   • Phone: 1833-6972 (no area code required)
   • Website: www.kopico.go.kr
2. Personal Information Infringement Center (KISA)
   • Phone: 118 (no area code required)
   • Website: privacy.kisa.or.kr
3. Supreme Prosecutors' Office
   • Phone: 1301 (no area code required)
   • Website: www.spo.go.kr
4. Korean National Police Agency – Cyber Bureau
   • Phone: 182 (no area code required)
   • Website: cyberbureau.police.go.kr

In accordance with Articles 35 (Access to Personal Information), 36 (Correction or Deletion), and 37 (Suspension of Processing) of the Personal Information Protection Act, if a person has been harmed due to a disposition or inaction by a public institution, they may file for administrative appeal as prescribed by the Administrative Appeals Act.

※ For more information on administrative appeals, please refer to the Central Administrative Appeals Commission website: www.simpan.go.kr

---

Article 11 (Changes to the Privacy Policy)

This Privacy Policy has been in effect since April 20, 2025.