STING Service Privacy Policy

The STING Foundation (hereinafter referred to as the "Company") values the privacy of users and is committed to protecting the privacy provided to the company to use the company's services (digital asset transaction services). Therefore, the company complies with laws related to personal information protection, such as the Act on the Promotion of Information and Communication Network Use and Information Protection, etc. and the Personal Information Protection Act.

The company discloses this personal information processing policy on the first screen of the website so that users can easily check it at any time.

This personal information processing policy may be changed in accordance with the relevant statutes and the company's internal policies, and the amendment can be easily confirmed through version management.

Article 1 (Personal Information Items Collecting)

The personal information items collected by the company are as follows.

  1. 1. Personal information items collected when necessary, such as membership registration and digital asset transactions, etc.
  2. Sortation point of collection Collection Items
    join membership STING join membership Whether to receive Kakao account (email) or Apple account (email), STING nickname, and event information (optional)
    Level 1 Email Authentication Email
    Digital Asset Transactions Level 2 Mobile Phone Identification Name, mobile number, date of birth, gender, domestic/foreign information, subscribed carrier, identification information (CI, DI)
  3. 2. Personal information items collected in accordance with the Act on the Provision of Goods or Services
  4. Sortation point of collection Collection Items
    Event Payment of utility bills a copy of one's identification card
    financial fraud Unstopped Transaction Name, date of birth, gender, account information, damage deposit and withdrawal transaction details
    Cash Receipt Issuance Register cash receipt information Mobile phone number, business number
  5. 3. Information collected automatically during service use
  6. Sortation point of collection Collection Items
    Automatically generated items during service access Using the STING service Device information (OS, model name, carrier, device identification number, language information), IP address, service usage record, cookie
  7. 3. Information collected automatically during service use
  8. 1) Collection through the website, mobile app, KakaoTalk consultation, telephone, etc.
  9. 2) Collection from other services with consent from third parties
  10. 3) Collection through an automatic collection device
  11. Article 2 (Purpose of processing personal information)

    The company processes the user's personal information for the following purposes. The personal information being processed shall not be used for any purpose other than the following, and if the purpose of use is changed, necessary measures, such as obtaining separate consent pursuant to Article 18 of the Personal Information Protection Act, will be implemented.

  12. 1. Manage user information
  13. - Identification of users, management of user information, and delivery of various notices;
  14. - Consultation with users, handling complaints, and compensation for customer damage
  15. - Process withdrawal through non-face-to-face authentication, initialization of mobile phone number and withdrawal account, etc.
  16. 2. Service delivery
  17. - Confirmation of security and digital asset transaction relationships
  18. - Matters concerning the overall management of services, such as the establishment, maintenance, and termination of digital asset transaction relationships, etc.
  19. 3. Event Information Guide
  20. - Providing various events and advertising information
  21. - Providing new and customized services, etc.
  22. Article 3 (Term of retention and use of personal information)
  23. ① The company shall process personal information within the period of retention and use of personal information under Acts and subordinate statutes or the period of retention and use of personal information agreed upon when collecting personal information from users.

    ② The period of retention and use of each personal information is as follows.

  24. 1. Personal Information Retention and Use Period for Digital Asset Transaction Services
  25. Sortation Reason for possession
    join membership Managing members, consulting with users, and handling civil petitions (if there is no financial history of transactions);
    Digital Asset Transactions Identification of identity according to the use of services provided by the company, management of information on payment and withdrawal processing in digital asset transactions, and determination of transaction relationships;
    Additional authentication Process withdrawal of members, initialization of mobile phone number and withdrawal account, and verification of deposit fact.

    Provided, That if an investigation or investigation is under way due to a violation of relevant statutes, it shall be retained and used until the completion of the relevant investigation or investigation.

  26. 2. Preservation of goods or services under the law of Goods or Services
  27. Sortation Related Laws
    Records of withdrawal of contracts or subscriptions, etc. The Consumer Protection Act in E-commerce, etc.
    Records of payment and supply of goods, etc.
    Records of consumer complaints or disputes
    Records of marking and advertising
    Records of compensation and misappropriation.
    Login History Communication Secret Protection Act
    Record of payment of utility bills Framework Act on National Taxes
    Customer verification records to raise withdrawal limits Specific Financial Information Act

    ③ The period of retention and use of personal information is from signing a service use contract (member registration) to termination of a service use contract (withdrawal application). Except as otherwise provided for in other Acts and subordinate statutes or at the request of users, the company shall destroy the personal information of users who are not reused for the period defined in Acts (one year) or store and manage it separately from the personal information of other users. Provided, That the fact that personal information is destroyed or stored separately and managed by 30 days prior to the expiration of the period, and the items of the relevant personal information shall be notified to the user by e-mail, writing, FAX, telephone, or similar means.

    Article 4 (Provide third party personal information)

    ① The company shall process the user's personal information only to the extent specified in Article 2 (Purpose of Processing Personal Information), and shall provide personal information to third parties only if it falls under Articles 17 and 18 of the Personal Information Protection Act.

    Service Name Offered by Purpose of delivery Third Party Offerings Period of use
    Real name verification account service K-Bank Prevention of money laundering (provided upon request of data) Name, date of birth, account information, transaction details Until withdrawal of membership or termination of partnership agreements.
    Article 5 (Consignment of Personal Information Processing)

    ① The company entrusts the personal information to external companies to perform some of the necessary tasks in providing services. And we manage and supervise the entrusted company not to violate the relevant laws.

    ② The following companies are entrusted with the processing of personal information.

  28. 1. Trustee for personal information processing (domestic)
  29. Trustee Consignment Purpose Personal Information Period
    KT Co., Ltd. Kakao Notification Tok Sending Agency Until withdrawal of membership or termination of consignment contract.
    KT Co., Ltd. SMS Shipping Service
    KT Co., Ltd. Staking Service
  30. 2. Personal information processing trustee (overseas)
  31. Trustee Consignment Purpose Entrusted Items Country of Consignment Date of Consignment, Method Period of use
    Twilio Inc. Send an Informed Mail Email the United States When email is sent, transferred over the network when using the service 30 Days After Email Sent
    Article 6 (The rights, obligations, and methods of exercise of users and legal representatives);
  32. ① The user may exercise his/her right to the company at any time, such as requesting perusal, correction, deletion, suspension of processing, etc. of personal information.
  33. However, the exercise of rights may be restricted, such as the user's request for perusal, correction, deletion, and suspension of personal information, as prescribed by related statutes, such as Articles 35(4), 36(1) and 37(2) of the Personal Information Protection Act.
  34. ② The exercise of users' rights may be made in writing, e-mail, FAX, etc. pursuant to Article 41 (1) of the Enforcement Decree of the Personal Information Protection Act, and the company will take measures without delay.
  35. ③ The exercise of rights under paragraph (1) may be conducted through an agent, such as a legal representative of the user or a delegated person. In such cases, a power of attorney under attached Form 11 of the Enforcement Rules of the Personal Information Protection Act shall be submitted.
  36. ④ When requesting the correction or deletion of personal information, if the personal information is specified as a target for collection in other statutes, it shall not be requested to be deleted.
  37. ⑤ The company verifies whether the person who made the request for perusal, correction or deletion, and suspension of processing according to the user's right to use is himself/herself or a legitimate agent.
  38. Article 7 (Destruction of Personal Information)
  39. ① When personal information becomes unnecessary, such as the lapse of the personal information retention period and the achievement of the processing purpose, the company shall destroy the personal information without delay.
  40. ② If personal information is to be preserved in accordance with Acts and subordinate statutes even after the period of retention of personal information agreed by users or the purpose of processing has been achieved, the relevant personal information shall be moved to a separate database (DB) or stored in a differently.
  41. 1. Items stored separately: name, mobile phone number, email, date of birth, gender, identification information (CI, DI), account information

  42. ③ The methods for destroying personal information are as follows.
  43. 1. Permanently delete personal information stored in electronic file format so that records cannot be played

    2. Personal information recorded and stored in paper documents is shredded or incinerated with a grinder.

  44. Article 8 (Technical and managerial protection measures for personal information);

    In order to ensure safety so that personal information is not lost, stolen, leaked, tampered with, or damaged while processing the personal information of users, the company shall:

  45. 1. Establishing an internal management plan
  46. The company establishes and implements an internal management plan for the safe management of personal information processed by the company.
  47. 2. Encrypt user's personal information
  48. The company stores and manages personal information such as the user's password and bank account number by encrypting them with a secure password algorithm.
  49. 3. Measures to prepare for hacking, etc.
  50. The company is doing its best to prevent users' personal information from being leaked or damaged by hacking or computer viruses. We frequently back up data in case of damage to personal information, prevent users' personal information or data from being leaked or damaged using the latest vaccine program, and secure transmission of personal information on the network through crypto communication.
  51. 4. Minimization and education of personal information handler
  52. The company limits personal information handlers to the minimum necessary for performing their duties, and recognizes the importance of personal information protection through management measures such as education for personal information handlers.
  53. Article 9 ( Matters concerning the installation and operation of automatic personal information collection devices and the refusal thereof);

    ① The company uses 'cookie' to store user information and bring it in frequently to provide convenience to users.

    ② Cookies are small amounts of information that a website sends to a customer's computer browser (such as Internet Explorer).

  54. 1. Purpose of use of cookies
  55. We store user's preference settings, etc. through cookies to support a faster web environment for users, and use it to improve services for convenient use. This makes it easier for users to use the service.
  56. 2. Installation, operation, and rejection of cookies
  57. You have the option of installing cookies, and you can refuse or delete them at any time.
  58. 3. How to reject cookie settings
  59. You have the option of installing cookies, and you can refuse or delete them at any time.
  60. - Internet Explorer: Select Tools Menu > Select Internet Options > Click the Privacy tab > Advanced Privacy Settings > Cookie Level Settings

    - Chrome : Select Settings Menu > Select Display Advanced Settings > Privacy and Security > Select Content Settings > Set Cookie Level

    - Safari : Select Configuration Menu > Select Privacy Tab > Set Cookie and Website Data Level

  61. Article 10 (Personal Information Protection Director and Department)

    ① In order to protect users' personal information and handle complaints related to personal information, the company designates the relevant departments and persons in charge of personal information protection as follows:

  62. ▶ Responsible for personal information protection
  63. Name
  64. ② All complaints related to personal information protection arising from the user's use of the company's services can be inquired to the person in charge of personal information protection and the department in charge. The company will answer and deal with the user's inquiries.

    Article 11 (Breakage of Rights)

    You can contact the following institutions if you need damage relief or counseling for privacy violations.

  65. ▶ Personal Information Infringement Report Center (Operated by the Korea Internet Agency)
  66. - Home page: privacy.kisa.or.kr
  67. - Phone: (without country code) 118
  68. ▶ Personal Information Dispute Mediation Committee
  69. - Home page: www.kopico.go.kr
  70. - Phone: (without country code) 1833-6972
  71. ▶ Cyber crime investigation team of the Supreme Prosecutors' Office
  72. - Home page: www.spo.go.kr
  73. - Phone: (without country code) 1301
  74. ▶ Cyber Safety Bureau of the National Police Agency
  75. - Home page: cyberbureau.police.go.kr
  76. - Phone: (without country code) 182
  77. Article 12 (Responsibility for Link Sites)

    The company can provide users with links to other external sites. In this case, the company has no control over the external site, so it cannot guarantee the usefulness, integrity, and legality of services or data received from the external site, and the privacy policy of the linked external site is irrelevant to the company.

    Article 13 (Change of Privacy Policy)

    If there is any addition, deletion, or revision of the contents of the current privacy policy, we will notify you at least seven days before the revision through "Notice". However, if there is an important change in user rights, such as the collection and utilization of personal information and the provision of third parties, it will be notified at least 30 days in advance.

    This personal information processing policy V2.9 will take effect from October 13, 2020. You can check the previous privacy policy below.