GolfzonCloud Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses the following privacy policy in accordance with Article 30 of the 「Personal Information Protection Act」 to protect the personal information of data subjects and smoothly handle related grievances. This Privacy Policy applies to the Company's website with the domain smartcaddie.io, and the SMART CADDIE mobile and watch applications (hereinafter referred to as the "App" or "Service").
The Company processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following, and if the purpose of use is changed, necessary measures such as obtaining separate consent in accordance with Article 18 of the 「Personal Information Protection Act」 will be implemented. ① Website and App Membership Registration and Management Personal information is processed for the purpose of confirming the intention to join as a member, identifying and authenticating the user for the provision of membership services, maintaining and managing membership, and preventing unauthorized use of the service. ② Service Provision Personal information is processed for the purpose of providing content and services. The details are as follows: • Account Creation: To access golf records and app data, you must create a SMART CADDIE account. Users can use their email address as the username to log in to the account. • When Visiting the Company Site: The Company collects industry-standard data from all users visiting our site (even general users without an account). This includes log data that is automatically recorded in connection with your visit, such as your browser type, operating system, the URL of the referring page, activity on the site, and the IP address used to access our pages. • App Data Synchronization: When you sync the app, data recorded in the app related to your activity is transmitted to our servers. This data is stored and then used to provide services and is linked to your user account. • Inquiries and Support Requests: Whenever you contact the Company for inquiries or support requests, we collect your name and email address, along with any additional information you provide, to support and improve customer service. • When Activating Location Features: The service includes features that require the collection of specific location data, such as GPS signals and device sensors. The Company collects this type of data only when the user activates location features, such as starting a golf record on a golf course. ③ Use for Marketing and Advertising Personal information is processed for the purpose of developing new services and providing customized services, providing events and promotional information, and offering participation opportunities.
① The Company processes and retains personal information within the personal information retention and use period required by law or the period agreed upon when collecting personal information from the data subject. ② The processing and retention period for personal information is as follows: • Member Information o Basis for collection: Consent of the data subject o Retention period: Until membership withdrawal is requested o Basis for retention: Consent of the data subject ③ Cases where personal information is preserved in accordance with relevant laws are as follows:
| Laws and Regulations | Record Items | Retention Period |
|---|---|---|
| Protection of Communications Secrets Act (Article 15-2) Log-in records 3 months | Log-in records | 3 months |
| Act on the Consumer Protection in Electronic Commerce, etc. (Article 6) | Records on contracts or withdrawal of subscription, etc. | 5 years |
| Records on payment and supply of goods, etc. | 5 years | |
| Records on consumer complaints or dispute resolution | 3 years | |
| Act on the Protection and Use of Location Information (Article 16) | Data confirming the collection, use, and provision of location information | 6 months |
① The Company processes personal information only within the scope specified in Article 1 (Purpose of Processing Personal Information) and provides personal information to third parties only when it falls under Articles 17 and 18 of the 「Personal Information Protection Act」, such as the consent of the data subject or special provisions of the law. ② As a rule, the Company does not provide users' personal information to third parties. Exceptions are made if users have agreed in advance, if required by law, or if there is a request from an investigative agency for investigation purposes in accordance with the procedures and methods prescribed by law.
① To smoothly process personal information, the Company entrusts personal information processing tasks as follows:
| Trustee (Company) | Entrusted Task | Entrustment Period |
|---|---|---|
| TCK | Customer Support | Until membership withdrawal or termination of the entrustment contract |
| Golfzon Co., Ltd. |
Field round record management service provision Recommendation service based on field round records |
Until membership withdrawal or termination of the entrustment contract |
② When signing an entrustment contract, the Company specifies in documents such as contracts the prohibition of personal information processing for purposes other than performing entrusted tasks, technical and administrative protective measures, restrictions on re-entrustment, management and supervision of the trustee, and responsibilities such as compensation for damages, in accordance with Article 26 of the 「Personal Information Protection Act」. The Company also supervises whether the trustee safely processes personal information. ③ If the content of the entrusted task or the trustee changes, we will disclose it without delay through this Privacy Policy.
① Data subjects may exercise their right to access, correct, delete, or suspend the processing of personal information against the Company at any time. ② Rights under Paragraph 1 can be exercised through written requests, e-mail, fax, etc., in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the 「Personal Information Protection Act」, and the Company will take action without delay. ③ Rights under Paragraph 1 may be exercised through a legal representative of the data subject or a delegated agent. In this case, a power of attorney in accordance with Form No. 11 of the "Notice on Personal Information Processing Methods" must be submitted. ④ The right of the data subject may be restricted regarding requests for viewing and suspending the processing of personal information pursuant to Article 35, Paragraph 4, and Article 37, Paragraph 2 of the 「Personal Information Protection Act」. ⑤ A request for correction or deletion of personal information cannot be made if the personal information is specified as an object of collection in other laws. ⑥ The Company verifies whether the person making the request for access, correction/deletion, or processing suspension based on the data subject's rights is the person themselves or a legitimate representative. ⑦ Users can view or modify their personal information on the site at any time and can request the withdrawal of consent for collection, use, and provision or request membership cancellation. ⑧ The department where requests for viewing personal information, etc., can be applied for can be found in "Article 12 (Request to View Personal Information)" of this policy.
The Company processes the following personal information items:
| Category | Details |
|---|---|
| Collected Items | ID, Password, E-mail, First Name, Last Name, Gender, Date of Birth, Paid service payment information (App market payment tokens, etc.), Purchase history, Country |
| Exercise and Health Information | Exercise information during a round (Elapsed time, distance moved, step count, cumulative altitude, maximum altitude, total calories, average heart rate, maximum heart rate, etc.) |
| Purpose of Collection | Provision and management of SMART CADDIE member services |
| Retention Period | Until SMART CADDIE membership withdrawal |
※ You may refuse consent, but if you refuse, your use of the service will be restricted. ※ Personal information items collected may differ depending on the service.
① Based on Article 16, Paragraph 2 of the 「Act on the Protection and Use of Location Information」, the Company automatically records data confirming the collection, use, and provision of location information to customers in the location information system. Related data is retained for 6 months or more after membership registration and is destroyed upon membership withdrawal. ② In accordance with Article 24, Paragraph 4 of the 「Act on the Protection and Use of Location Information」, if a customer withdraws all or part of their consent, the Company immediately destroys the collected personal location information and data confirming the collection, use, and provision of location information (if part of the consent is withdrawn, limited to the personal location information and data confirming the use and provision of location information for the withdrawn part).
① The Company destroys personal information without delay when it becomes unnecessary, such as when the personal information retention period has elapsed or the purpose of processing has been achieved. ② If personal information must be preserved in accordance with other laws despite the expiration of the retention period agreed upon by the data subject or the achievement of the processing purpose, the personal information is transferred to a separate database (DB) or stored in a different location ③ The procedures and methods for destroying personal information are as follows: • Destruction Procedure: The Company selects personal information that has cause for destruction and destroys the personal information with the approval of the Company's Privacy Officer. • Destruction Method: Information in the form of electronic files uses technical methods that render records unrecoverable. Personal information printed on paper is destroyed by shredding or incineration. ④ Information regarding personal information preserved without being destroyed in accordance with other laws can be found in "Article 2 (Processing and Retention Period of Personal Information)" of this policy.
The Company takes the following measures to secure the safety of personal information: • Minimization and Training of Staff Handling Personal Information : We implement measures to manage personal information by designating employees who handle personal information and minimizing the number of such staff. • Restriction of Access to Personal Information: We take necessary measures to control access to personal information through granting, modifying, and canceling access permissions to the database system that processes personal information. We also use intrusion prevention systems to control unauthorized access from the outside. • Establishment and Operation of Internal Management Plan: We have established and operate an internal management plan, including matters concerning the composition and operation of a personal information protection organization, to ensure that customers' personal information is processed safely within the service. • Encryption of Important Information: In accordance with related laws, passwords, unique identification information, account numbers, and card numbers are encrypted. Among them, member passwords are stored and managed with one-way encryption so that they cannot be decrypted. • Countermeasures against Hacking, etc.: We do our best to prevent members' personal information from being leaked or damaged by hacking or computer viruses. We regularly back up data in case of damage to personal information, use the latest anti-virus programs to prevent users' personal information or data from being leaked or damaged, and ensure that personal information can be safely transmitted over the network through encrypted communication, etc.
① The Company uses 'cookies' that store and occasionally retrieve user information to provide personalized services to users. ② Cookies are small amounts of information sent to the user's computer browser by the server (http) used to operate the website and may also be stored on the hard disk of the user's PC. 1. Purpose of Using Cookies: They are used to provide optimized information to users by identifying the visit and usage patterns, popular search terms, secure access status, etc., for each service and website visited by the user. 2. Installation, Operation, and Refusal of Cookies: o Allowing/Blocking Cookies in Web Browsers: Chrome: Select the '⁝' icon in the upper right corner > New Incognito window (Shortcut: Ctrl+Shift+N) Edge: Select the '…' icon in the upper right corner > New InPrivate window (Shortcut: Ctrl+Shift+N) o Allowing/Blocking Cookies in Mobile Browsers: Chrome: Select the '⁝' icon in the upper right corner > New Incognito tab Safari: Mobile device Settings > Safari > Advanced > Block All Cookies Samsung Internet: Select the 'Tabs' icon at the bottom > Turn on Secret mode > Start 3. Impact of Refusing Cookie Storage: If you refuse to store cookies, you may experience difficulties in using customized services.
① The Company is responsible for the overall processing of personal information and has designated a Privacy Officer and a Privacy Manager as follows to handle complaints and damage relief from data subjects related to personal information processing. ▶ Chief Privacy Officer (CPO) • Name: Lee Jae-won • Affiliation & Title: Chairperson of the Information Security Committee • Phone (Customer Center): +82-2-3472-1954 • Email: [Inquiry] ▶ Privacy Manager • Name: Jeong Jae-hee • Department: Information Security Committee • Phone (Customer Center): +82-2-3472-1954 • Email: [Inquiry] ② Data subjects can contact the Privacy Officer and the responsible department for all personal information protection inquiries, complaint handling, damage relief, etc., that occur while using the Company's service (or business).
Data subjects may request access to personal information pursuant to Article 35 of the 「Personal Information Protection Act」 to the department below. ▶ Department for Receiving and Processing Requests to View Personal Information • Person in Charge: Maeng Gyong-young • Department: Operations Team • Phone (Customer Center): +82-70-8890-5754 • Email: [Inquiry]
Data subjects can apply for dispute resolution or consultation with the following organizations to receive relief due to personal information infringement.
| Agency | Contact | Website |
|---|---|---|
| Personal Information Infringement Report Center | 118 (No area code needed in Korea) | privacy.kisa.or.kr |
| Personal Information Dispute Mediation Committee | 1833-6972 | www.kopico.go.kr |
| Supreme Prosecutors' Office Cyber Investigation Division | 1301 (No area code needed in Korea) | www.spo.go.kr |
| National Police Agency Cyber Safety Bureau | 182 (No area code needed in Korea) | ecrm.police.go.kr |