b.stage Privacy Policy
  • 23 Nov 2022
  • 11 Minutes to read
  • Dark
    Light
  • PDF

b.stage Privacy Policy

  • Dark
    Light
  • PDF

Following Privacy Policy has been established and published to protect the personal information of members (hereinafter referred to as "member") using b.stage (hereinafter referred to as "services") offered by bemyfriends Co., Ltd. (hereinafter referred to as "company") and process pertinent concerns smoothly and seamlessly.


1. Purpose of collection and utilization of personal information

The Company processes the personal information for the following purposes. Personal information processed is not used other than the purpose specified below, and in case of a change in the specified purpose, we intend to take necessary measures, including obtaining separate consent for such changes in the purpose of utilization.

  • Member management : Identifying user and verifying identity, confirmation of the intention to sign up, prevention of the abuse by a delinquent member, processing of customer requests such as complaints, conveyance of notifications, confirmation of the intention to withdraw membership
  • Utilization of the Services and calculation of the fees for usage : Provision of contents, payment of service fees, sending invoices and fee collections
  • Use in marketing and advertisements : Development of new services and specialization of services, conveyance of promotional information including events, provision of services and exposure to advertisements based on demographic characteristics, obtaining information on access frequency and statistics on a member's use of Services
  • Other : Service inquiries, verification of service validity, seamless provision of high-quality services and service tutorial contents


2. Personal information items collected and method of collection

The Company collects the following types of personal information.

[business operator]

  • Upon signing up : (Required) name, e-mail address, mobile phone number, password
  • Upon service inquiries : (Required) name, name of the company, e-mail address

[non-business operator]

  • Upon signing up : (Required) name, e-mail address, mobile phone number, password
  • Upon creation of a service : (Required) name, date of birth, country


Additional personal information may be collected in the process of utilizing an individual service; notice shall be given and the consent of the user shall be obtained at the point of collection hereunder.

Information such as Service usage logs, visitation logs, abusive usage logs, IP addresses, cookies, device information may be generated automatically and collected.

The Company collects personal information through the following means.

  • If the user provides consent for the collection of personal information and enters the information in process of membership registration and utilization of services, such information provided directly shall be collected.
  • The personal information of a user may be collected through the webpage, e-mail, facsimile, or telephone during consultation via the customer service center.
  • The personal information may be provided from external companies or organizations partnered with the Company; in such a case, the personal information is handed to the Company after the partnering company obtains consent on providing the personal information from the user in accordance with the Personal Information Protection Act.
  • Information generated such as device information may be automatically generated and collected in the process of utilizing the Services on a PC or mobile web environment.


3.  Duration of utilization and retention of personal information and method to destroy the personal information

In principle, the Company shall destroy the provided personal information upon fulfilling the purpose of collection or provision of the personal information thereof without delay. However, if separate consent has been obtained in continuous retention and utilization, or the personal information is required to be retained under applicable law, such personal information shall be securely stored and utilized within the scope of the prescribed purpose.

The duration of retention of the personal information by the Company is as follows.

  • Withdrawal of membership: Member information is retained for 30 days after the withdrawal of membership (to minimize the risk of damages from indiscreet repetition of signing up and withdrawal, and handle the request to restore due to the change of mind after membership withdrawal).
  • For a dormant member who does not have any record of utilizing the services for the past 1 year, the member information shall be stored separately and deleted after 3 years.(Excluding the representative manager)
  • The period of retention has been otherwise specified in the applicable law.

          - The Act on the Consumer Protection in Electronic Commerce, etc. : 5 years(Records on contracts and cancellation of subscriptions, Records on payments and supply of the goods, etc.), 3 years(Records on processing customer complaints or disputes), 6 months(Records on labeling and advertisements)

         - Framework Act on National Taxes : 5 years(Ledgers on all transactions as prescribed by the Acts on taxation, and their supporting documents)

         - Protection of Communications Secrets Act : 3 months(Service visitation records)


The Company shall destroy the information in the following methods based on how the information has been stored:

  • Information printed on paper: shred with a shredder or incinerate
  • Information stored in the form of electronic files: destroy through initializing or repeated overwriting to render the data irrecoverable


4. Provision of the personal information to a third party

The Company shall not provide personal information to any external party without the prior consent of a user. However, the personal information may be provided if the user provided the consent on the provision of the personal information to utilize the services from external partner companies; the Company is compelled to submit personal information as required by the applicable law, or imminent danger to the user's life or safety has been identified and provision of personal information is necessary to resolve the situation.


5. Entrusting the processing of the personal information

The Company commissions the processing of personal information as follows to ensure smooth personal information processing.

  • subcontractor : Amazon Web Services, Inc.

          - Description of commissioned duties : Operation and management of cloud servers to provide the Services

  • subcontractor : MongoDB, inc.

          - Description of commissioned duties : Operation and management of cloud DB infra to provide the Services


The cases of transfer abroad to entrust the handling of personal information are as follows.

  • Transfee : bemyfriends Inc.

          - Contact the data protection officer : privacy.us@bemyfriends.com

          - Country : U.S.A.

          - Item of Personal Information transfferd : Email, name, mobile phone number, visit record, service use information, inquiry history, purchase history

          - Purpose of transfer : Overseas Customer management and PG service linkage/settlement

          - Retention and Use period : Retained during the service period

          - Date and Method of transfer : Transfer from time to time online during the service provision process


When the Company enters a commission contract, the Company is adding explicit provisions on the prohibition of processing the personal information on any other purposes than performing the commissioned duties, technical and managerial measures, restriction on re-subcontracting, and responsibility on control, supervision and compensation for damages in writing for contract documents, etc., and supervising the subcontractor on secure processing of the personal information. 

If the details of commissioned duties or the subcontractor are changed, the Company shall disclose such information through this privacy policy without delay.


6. Instructions for members and their legal representatives to exercise their rights and responsibilities

A member may exercise their right of perusal, revision, deletion and request to cease the processing of the personal information at any time.

Such rights may be exercised in writing, through email, facsimile (FAX), and other means of communications, and the Company shall process any related request without delay. 

A member may exercise their rights through an agent, such as a legal representative or a delegated person. In such a case, the letter of attorney is required. 

The request to review, or cease the processing of personal information may result in the restriction on the privileges as a member, in accordance with relevant Act. 

For the request to amend or remove the personal information, the removal shall not be requested if other applicable laws require the item of personal information to be collected.

The Company shall verify the person who tends the request to review, amendment, removal, or cessation of processing of the personal information is the requester themselves, or with a valid power of attorney.


7. Measures to secure the safety of the personal information

The company is exercising the following measures to ensure the safety of personal information. 

  • Managerial measures: Establish and implement internal management plans, regular education sessions for employees, etc.
  • Technical measures: Control the authority to access the system to process personal information, install an access control system, encryption of unique identifying information, and install security programs
  • Physical measures: Control the access to computer rooms, offices, and document storage rooms, etc.


8. Matters regarding installation and operation of the device to collect the personal information automatically and refusals

The Company uses "Cookie," that stores and frequently retrieves usage information in order to provide personalized services to a member. The Cookie is a minuscule piece of information that the server used to operate the website transmits to the browser of the user's computer, and may be stored in the computer hard disk of the user.

The Cookie is utilized to provide optimal sets of information through identifying visitation and usage habits for the websites and services the user has accessed, top searches, use of the secured connection, etc.

A user has an option to opt-in or opt-out of installing the Cookie. Therefore, a member may configure to allow all Cookies or provide confirmation for each instance the Cookie is stored, or reject to save any Cookie, through web browser settings. 

Instruction to configure Cookie installation preferences and how to refuse the Cookie installation is presented below.



8. Matters regarding installation and operation of the device to collect the personal information automatically and refusals

The Company uses "Cookie," that stores and frequently retrieves usage information in order to provide personalized services to a member. The Cookie is a minuscule piece of information that the server used to operate the website transmits to the browser of the user's computer, and may be stored in the computer hard disk of the user.

The Cookie is utilized to provide optimal sets of information through identifying visitation and usage habits for the websites and services the user has accessed, top searches, use of the secured connection, etc.

A user has an option to opt-in or opt-out of installing the Cookie. Therefore, a member may configure to allow all Cookies or provide confirmation for each instance the Cookie is stored, or reject to save any Cookie, through web browser settings. 

Instruction to configure Cookie installation preferences and how to refuse the Cookie installation is presented below.

  • How to configure the Cookie preferences on Internet Explorer View
  • How to configure the Cookie preferences on Safari View
  • How to configure the Cookie preferences on FireFox View
  • How to configure the Cookie preferences on Chrome Browser View.

 If the installation of Cookie is refused, difficulties may arise in utilizing personalized services.


9. The staff in charge of protection of the personal information

The Company is designating the staff in charge of protection of the personal information in the following to oversee the affairs on personal information processing, and respond to the complaints of the members and provide remedies for the infringement of a member's rights pertaining to the personal information processing.

[The staff in charge of protection of the personal information]

  • Name: UNGJEONG KIM
  • Position: CPO
  • Phone number: 1670-6010
  • e-mail: privacy@bstage.in

[Department responsible for personal information protection]

  • Name of Department: Information Security Team
  • Phone number: 1670-6010
  • e-mail: privacy@bstage.in


A user may direct any inquiries on the protection of personal information while using the Services offered by the Company, processing of the complaints and remedies for the infringement of rights to the officer and department responsible for personal information protection. The Company will provide a response to an inquiry of the member without delay.


10. Instructions on requesting remedies for the infringement of rights

A member may request a consultation or dispute resolution to Personal Information Dispute Mediation Committee, Korea Internet & Security Agency and Personal Information Infringement Report Center to get remedies for personal information infringement. Please direct the inquiries and reports on personal information infringement to the agencies listed below.

  • Personal Information Dispute Mediation Committee (1833-6972, www.kopico.go.kr)
  • Personal Information Infringement Report Center (118, privacy.kisa.or.kr)
  • Supreme Prosecutors' Office (1301, www.spo.go.kr)
  • National Police Agency (182, cyberbureau.police.go.kr)


11. Children’s personal Information

The company does not provide services to children under the age of 19 and does not knowingly collect or request personal information from children.


12.Obligation to provide notice upon amendment

If the content is added, deleted or modified from this Privacy Policy, the Company shall notify of the changes in advance no later than 7 days before the date of the amendment through the "Notice" bulletin board. Notwithstanding, if the changes include significant changes in the users' rights, such as the items of personal information to be collected, and changes in the purpose of utilization, etc., the notice shall be provided no later than 30 days prior to the amendment date.


Annex

This annex applies respectively to users residing in or having nationality in certain countries. In the event of a conflict between the following additional terms and provisions of the body of this Privacy Policy, the following terms shall control.


A. For members residing in the European Economic Community (EEA), the UK or Switzerland

If the member resides in the EEA (European Union and Iceland, Liechtenstein, Norway), the UK or Switzerland, the company transfers the member's personal information to a country outside Europe, such as Korea.

As a company headquartered in Korea, the EU Commission has determined that Korea's Personal Information Protection Act provides adequate protection in accordance with EU standards.


B. For California Residents

The company collects and shares members' personal information described in the above privacy policy for the purpose of providing services, but does not sell personal information.

Members have the right to access and request deletion of personal information collected by the company in accordance with the CCPA. You can check how to access, manage, and delete members' personal information at the b.stage customer center (support.bstage.in) [Frequently Asked Questions > Account].

You have the right to request a list of personal information you have provided to third parties for marketing purposes during the immediately preceding calendar year and the identity of the third parties. To make such a request, please contact us at privacy.us@bemyfriends.com


If you have any questions about our Privacy Policy, please email us at privacy.us@bemyfriends.com or write to:


bemyfriends inc.

PACIFIC DESIGN CENTER, RED BUILDING, 750, N SAN VINCENTE BLVD,

WEST HOLLYWOOD, CA 90069



- Notice Date : November 23, 2022

- Effective Date: November 30, 2022