Privcy policies
OFFLIGHT Inc. (hereinafter referred to as the "Company") values the privacy of its customers and strives to comply with relevant laws and regulations, including the Personal Information Protection Act.Our Privacy Policy tells you what and how we use your personal information and what steps we take to protect your privacy.
The company's privacy policy is as follows.
1. Purpose of processing personal information The Company processes personal information for the following purposes.
- Service delivery and operations : To provide and operate the Service, including user authentication, member management, service provision, security of the Service, and sanctions for customers who violate the Terms of Use.
- Service improvements : Service improvement: Use to improve your service to customers, including improving existing services and discovering new ones.
2. Personal information we collect, how we collect it, and how long we retain it for
(1) Personal information collected when you sign up for the service
- Passwords are stored by converting them to an unidentifiable method through one-way encryption (hashing)
(2) Personal information we collect after you sign up for the Service
(3) Information we automatically collect while using the Services
(4) Retention period of personal information according to law
(5) Installation and operation of devices that automatically collect personal information and refusal thereof
① The Company may use 'cookies' to store and retrieve usage information from time to time to provide individualized services to users.
② A cookie is a small amount of information sent to a user's web browser by a web server used to operate a website and stored on the storage device of the user's device running the web browser.
- Purpose of use of cookies: To provide optimized information to users or improve services by identifying the type of visit and use of each service and website visited by users, popular search terms, and secure connection status.
③ We use Google Analytics by Google (Alphabet) to provide you with a better and more useful service. Google Analytics cookies collect information about the behavior of users of our website, and only non-personally identifiable information is collected.
④ You can opt out of the use of cookies in the following ways
3.Disposal of Personal Information
The Company will delete personal information without delay when it becomes unnecessary, such as the expiration of the retention period or the achievement of the purpose of processing.
If the retention period of personal information has elapsed or the purpose of processing has been fulfilled, but the personal information is still required to be retained in accordance with other laws and regulations, the personal information shall be transferred to a separate database (DB) or preserved in a different storage location. In this case, the personal information transferred to the DB will not be used for any purpose other than the purpose permitted by the applicable laws and regulations.
The Company's procedures and methods for destroying personal information are as follows
① Disposal procedures
The Company destroys personal information that has become unnecessary due to the expiration of the retention period, the achievement of the purpose of processing, or at the request of the information subject, such as withdrawal of consent or suspension of processing, without delay. The chief privacy officer regularly checks the status of destroyed personal information.
② Disposal methods
The Company destroys personal information recorded and stored in electronic files so that the records cannot be reproduced, and destroys personal information recorded and stored in paper documents by shredding or incineration.
4. Measures for the disposal of personal information of non-users of the Service
① The Company destroys or separately stores personal information of users who have not used the Service for one year. Personal information kept separately will not be used for the Service.
② This provision is only valid until August 14, 2023.
5. Outsourcing of Personal Information Processing
5-1 개인정보 처리 업무의 국외 위탁에 관한 사항
6. Rights and obligations of the information subject and how to exercise them
① Users may view or modify their registered personal information at any time within the contract period, and may exercise rights such as requesting deletion of information and suspension of processing of their personal information.
② To exercise the rights of the information subject not provided online, please send an e-mail to the person in charge of personal information protection (info@offlight.work), and the Company will take action without delay.
③ You may also exercise your rights through an agent, such as a legal representative or a person authorized by the information subject. In this case, a power of attorney in the form of Attachment No. 11 to the "Notification on Personal Information Processing Methods (No. 2020-7)" must be submitted.
④ When requesting access, correction, deletion, or suspension of processing in accordance with the rights of the information subject, the Company shall verify that the person making the request is the person or a legitimate representative.
7. Measures to ensure the safety of personal information
The Company takes the following measures to ensure the safety of personal information.
- Administrative safeguards: establishing and implementing an internal management plan for personal information, and training employees on personal information protection.
- Technical protection measures: management of access rights to personal information processing systems and two-factor authentication for remote access, management of access records, access control, encryption of personal information, and operation of security programs
- Physical safeguards: Keep documents containing personal information in a locked location
8. Limits on Use of Your Google User Data
Offlight’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
① Why do you ask for permission to connect to Gmail?
The following service requires permissions to function properly.
- View emails marked with a star in Gmail in OFFLIGHT.
We use Gmail's OAuth 2.0 flow for authenticating and authorizing all email requests.
- We request the minimum scopes required to: View your email messages and settings (auth/gmail.readonly)
② Why do you ask for permission to connect to Google Calendar?
The following service requires permissions to function properly.
- Check the events registered in Google Calendar in OFFLIGHT.
- Register OFFLIGHT tasks as events in Google Calendar through OFFLIGHT Calendar integration.
- Modify or delete events from Google Calendar in OFFLIGHT.
We use Google Calendar's OAuth 2.0 flow for authenticating and authorizing all calendar requests.
- We request the minimum scopes required to: See, edit, share, and permanently delete all the calendars you can access using Google Calendar (auth/calendar)
9. About the Privacy Officer
Information subjects may contact the person in charge of personal information protection for inquiries, complaints, and damage relief related to personal information protection. The person in charge of personal information protection will respond to and handle your inquiries without delay.
10. Changes to the Privacy Policy
The Privacy Policy will be applied from the effective date, and any additions, deletions, and corrections to the contents in accordance with laws and policies will be notified through individual notification methods such as homepage or email 14 days prior to the effective date of the changes.
- Effective date of the current privacy policy: July 3, 2023.
11. Remedies for Violations of Personal Information Rights
Users may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Personal Information Infringement Reporting Center of the Korea Internet & Security Agency to receive relief from personal information infringement. In addition, please contact the following organizations to report or consult about other personal information infringement.
- Personal Information Difspute Mediation Committee: 1833-6972 (without area code) (www.kopico.go.kr)
- Personal Information Infringement Reporting Center: (without area code) 118 (privacy.kisa.or.kr)
- Supreme Prosecutors' Office: 1301 (without area code) (www.spo.go.kr)
- National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)
