​개인정보 처리방침

The Company may collect and use automatically generated information that can be collected without consent in accordance with applicable laws and regulations (such as log records, billing information, payment records, and other information automatically generated during the service contract fulfillment process), as well as information necessary for fee settlement (such as billing details, payment/non-payment status, outstanding amounts, etc.) within the scope of purposes stated in the mandatory consent items. Furthermore, if the User agrees to the optional consent form, the information may also be used within the scope of those purposes. The Company may process the collected personal information into a format that does not identify specific individuals, such as statistical data, and may use or provide such data.

Article 4: Consent to the Collection and Use of Personal Information When a User signs up for the service, the Company has a separate procedure to obtain consent for its 'Privacy Policy' and has established a process for the User to click a button confirming that they have read and understood it. Clicking the said button is considered as giving consent to the collection and use of personal information. The User has the right to refuse the collection and use of personal information, and there are no specific disadvantages for refusing consent. However, if the User refuses to consent to the mandatory items, service use may be impossible, or the provision of services according to the purpose of service use may be restricted.

Article 5: Method of Collecting Personal Information The Company collects the User's personal information through the following methods: ⋅ Automatically generated and collected during the process of service subscription and use. ⋅ Collected through the input of personal information such as the User's name, date of birth, and contact information during the service subscription process. ⋅ Collected by receiving User subscription information from partners when signing up through affiliates such as memorial parks. ⋅ Collected through the User's voluntary provision during service use, such as customer service inquiries or event applications. ⋅ Collected through information generation and collection tools.

Article 6: Use and Provision of Collected Personal Information to Third Parties The Company uses the User's personal information within the scope notified in the 'Items and Purposes of Personal Information Collection' of the Terms of Service and Privacy Policy, and does not use it beyond this scope or provide it to other individuals, companies, or institutions without the User's prior consent. However, personal information may be used and provided in the following cases: a. Partnerships To provide better services, the Company may provide or share the User's personal information with its partners. When providing or sharing personal information, the Company will go through a procedure to obtain consent by notifying the User individually in writing or by e-mail in advance about who the partner is, what personal information items are being provided or shared, why such personal information needs to be provided or shared, and how long it will be protected and managed. If the User does not consent, the information will not be provided to or shared with the partner. However, an exception is made if the User has subscribed to the service through a partner, and the partner already has rights to the User's information. b. Sale, Mergers & Acquisitions, etc. In the event of transferring all or part of the business, or succeeding the rights and obligations of the service provider through merger, inheritance, etc., the Company will notify the User of this fact to guarantee the User's rights related to personal information protection. The Company does not use the User's personal information beyond the scope notified to the User at the time of collection or specified in the Terms of Service, nor does it provide it to third parties. However, exceptions are made if there is the User's consent or in the following cases: ⋅ When the personal information is necessary for the fulfillment of a contract regarding the provision of services, and it is significantly difficult to obtain normal consent for economic/technical reasons. ⋅ When necessary for the settlement of fees following the provision of services. ⋅ When, in accordance with the "Guidelines for Processing Pseudonymized Information" announced by the Personal Information Protection Commission in September 2020, the information is determined to be pseudonymized or anonymized after undergoing pseudonymization/anonymization measures and an adequacy assessment. ⋅ When there are special provisions in other laws, such as the Protection of Communications Secrets Act, Framework Act on National Taxes, Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., Personal Information Protection Act, Act on Real Name Financial Transactions and Confidentiality, Credit Information Use and Protection Act, Telecommunications Business Act, Framework Act on Telecommunications, Local Tax Act, Framework Act on Consumers, Bank of Korea Act, Criminal Procedure Act, etc. However, even if there are 'special provisions in the law' and an administrative agency or investigative body requests the information for administrative or investigative purposes, the Company does not unconditionally provide the customer's personal information. It is provided in accordance with lawful procedures, such as when requested by a warrant or an official document bearing the seal of the head of the institution as prescribed by law.

Article 7: Retention and Use Period of Personal Information The Company retains and uses the User's personal information only for the period from the User's service subscription date to the period during which services are provided to the User. If the User requests to withdraw, revokes consent for the collection and use of personal information, the purpose of collection/use is achieved, the retention/use period ends, or a reason such as business closure occurs, the relevant personal information is destroyed without delay. However, if it is necessary to retain personal information for a certain period to prepare for fee settlement, lawsuits, disputes, or other necessary cases, the personal information is retained for a certain period. In the case of text/voice/photo/video information collected during service use, it is stored for a minimum of 30 days to a maximum of 24 months for user experience improvement and service provision/performance enhancement research, after which it is deleted. In accordance with Article 16, Paragraph 2 of the Act on the Protection and Use of Location Information, records of collection, use, and provision of location information for customers are automatically recorded in the location information system and are preserved for 6 months from the time of recording to respond to customer complaints. Furthermore, if it is necessary to preserve information in accordance with relevant laws such as the Commercial Act, Framework Act on National Taxes, Protection of Communications Secrets Act, Act on Consumer Protection in Electronic Commerce, etc., and the Credit Information Use and Protection Act, the Company stores User information for the period prescribed by the relevant laws. In this case, the Company uses the stored information only for the purpose of storage, and the retention periods are as follows: ⋅ Commercial books and important documents related to business, and vouchers: Important documents for 10 years / Vouchers for 5 years (Commercial Act) ⋅ Books and documentary evidence regarding transactions: 5 years (Framework Act on National Taxes, Corporate Tax Act, Value-Added Tax Act, etc.) ⋅ Records on display/advertisement: 6 months (Act on Consumer Protection in Electronic Commerce, etc.) ⋅ Records on contracts or withdrawal of offers, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.) ⋅ Records on payment and supply of goods, etc.: 5 years (Act on Consumer Protection in Electronic Commerce, etc.) ⋅ Records on consumer complaints or dispute resolution: 3 years (Act on Consumer protection in Electronic Commerce, etc.) ⋅ Records on collection/processing and use of credit information: 3 years (Credit Information Use and Protection Act) ⋅ 1:1 Inquiries: 1 year from the date of receipt (Consent to the collection and use of personal information)

Article 8: Procedure and Method of Destroying Personal Information After the purpose of using the collected personal information is achieved, the Company destroys the information without delay according to the storage and use period by methods such as shredding, incineration, or permanent electronic deletion that makes recovery impossible. However, even if a User deletes the application from their mobile terminal device (e.g., smartphone), if they do not request withdrawal of consent (membership withdrawal), the personal information will remain in the service. Therefore, if you wish to destroy your personal information, you must request 'Account Deletion' (membership withdrawal) from the 'Settings' menu of the SoulLink app.

​

Article 9: Method of Notifying or Announcing the Use and Third-Party Provision of Personal Information When the Company intends to use a User's personal information beyond the scope notified at the time of collection or specified in the Terms of Service or this Privacy Policy, or to obtain the User's consent for provision to a third party, it will notify the User of the relevant matters individually in advance through the service screen, in writing, by e-mail, or by telephone. In cases where the collection, storage, processing, use, provision, management, destruction, etc., of a User's personal information is entrusted to another party, the Company will notify the User of this fact through the Terms of Service, the website's Privacy Policy, etc. If the Company transfers all or part of its business or succeeds its rights and obligations through merger, inheritance, etc., it will notify the User individually in writing, by e-mail, etc., and at the same time, will announce the fact for at least 30 days in a manner identifiable within the service. However, if notification by writing or e-mail is not possible due to not knowing the User's contact information without fault, or due to natural disasters or other justifiable reasons, it will be replaced by an announcement on the service's first screen.

​

Article 10: Technical and Administrative Measures for Personal Information Protection The Company has prepared and applies the following technical/administrative measures to ensure safety so that the User's personal information is not lost, stolen, leaked, forged, altered, or damaged. ⋅ Technical Measures against Hacking, etc. The Company does its best to prevent the leakage or damage of Users' personal information by hacking or computer viruses. To prepare for damage to personal information, data is backed up frequently, and the latest antivirus programs are used to prevent leakage or damage to Users' personal information or data. Encrypted communication, etc., is used to securely transmit personal information over the network. An intrusion prevention system is used to control unauthorized access from the outside, and we strive to equip all other possible technical devices to secure system stability. ⋅ Minimization and Training of Handling Staff The Company limits the handling of personal information to designated personnel, assigns separate passwords that are regularly updated, and emphasizes compliance with this Privacy Policy through regular training for the handlers. ⋅ Operation of a Dedicated Personal Information Protection Body The Company strives to immediately correct and rectify any problems found by checking the implementation of this Privacy an Policy and the compliance of the handlers through an internal dedicated personal information protection body. However, the Company is not responsible for any problems arising from the leakage of personal information due to the User's own negligence or for reasons not attributable to the Company's intentional or gross negligence. ⋅ Secure Management of Pseudonymized Information To securely manage pseudonymized information, the Company takes necessary technical, administrative, and physical measures to ensure safety in accordance with personal information protection laws, such as establishing and implementing an internal management plan, separating and storing pseudonymized information and additional information, separating authority, and creating and storing processing records.

​

Article 11: Prohibition of Service Use by Children Under 14 Years of Age The Company, in principle, prohibits the service use by children under 14 years of age (hereinafter 'Children') and has a verification process at the service subscription stage to confirm that the User is not a child under 14. The Company is not responsible for any disadvantages that may occur to a child who has signed up with false information despite these procedures.

​

Article 12: Collection of Opinions and Complaint Handling The Company highly values the opinions of its Users. If you have any inquiries, you can contact the customer service center. The customer service contact points are as follows: ⋅ KakaoTalk ‘SoulLink’ Channel: KakaoTalk bottom ‘Chat’ menu > top ‘Magnifying glass’ > type ‘SoulLink’ and search ‘Channel’ > SoulLink channel ‘Start Chat’

Article 13: Personal Information Protection Officer and Manager The Company is doing its best to protect personal information so that Users can use the service safely. The Chief Privacy Officer is responsible for any accidents that violate the matters notified to the User in protecting personal information. The officer and manager responsible for processing the User's personal information are as follows, and they respond to personal information-related inquiries promptly and sincerely. ⋅ Chief Privacy Officer: Nam-Woong Cho ⋅ Personal Information Protection Manager: Hyun-Ah Hwang ⋅ Customer Service Inquiry: KakaoTalk ‘SoulLink’ Channel If you need to report or consult about other personal information infringements, you can get help by contacting the institutions below. ⋅ KISA Personal Information Infringement Report Center (privacy.kisa.or.kr / Dial 118 without an area code) ⋅ Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / Dial 1301 without an area code) ⋅ National Police Agency Cyber Bureau (ecrm.police.go.kr / Dial 182 without an area code)

Article 14: Transfer/Processing/Entrustment/Storage of User Personal Information If necessary, the Company may transfer/process/entrust/store the information entered by the User for the functions of deceased Digital Twin creation, real-time AI conversation, and AI guestbook replies as follows.