Privacy Policy

The Ohm, Inc. (hereinafter referred to as the “Company”) has the following policy to protect users' personal information in accordance with laws and regulations related to personal information, such as the Act On Promotion Of Information And Communications Network Utilization And Information Protection, Etc., and to handle users' complaints related to personal information.

1. Purpose of Collection and Use of Personal Information

A. Website membership registration and management

The Company processes personal information for following purposes: Confirmation of membership intent, identification/authentication according to the provision of membership service, maintenance and management of membership, identification according to the real-name system, prevention of illegal use of services, various notices/notifications, handling of grievances, preservation of records for dispute settlement, etc.

B. Handling user requests

The Company processes personal information for the purpose of verifying the identity of the user, confirming the request, contacting and notifying for fact-finding, and notifying the processing result, etc.

We will immediately send you an SMS text message with a code so we can verify your number.

C. Provision of goods or services

Personal information is processed for the purpose of service provision, contents provision, and identity authentication, etc.

D. Service improvement

Personal information is processed for the purpose of developing new services (products) and providing customized services, providing services and posting advertisements according to demographic characteristics, verifying service effectiveness, identifying access frequency, or statistics on users’ service use, etc.

2. Items of Personal Information to be Collected and Methods of Collection

A. Items of Personal Information to be Collected

The Company collects the following personal information when registering as a member and using the service for membership registration, customer consultation, and provision of services.
- Required Item: name, e-mail address, log-in ID, password, mobile number
The following information may be automatically generated and collected in the course of service use or processing.
- Items collected: IP Address, cookies, visit history, service usage record, faulty use records, etc.

B. Collection Method

The Company collects personal information in the following ways.

from inputs during online membership registration and service use;
by using generated information collection tool

3. Term of Retention and Use of Personal Information

The Company retains and uses the user's personal information for a limited period necessary for the purpose of use. When a user withdraws consent to the collection and use of personal information, the Company shall destroy the personal information without delay when the purpose of collection and use of personal information is achieved. Provided, however, that if there is a need to preserve the personal information in accordance with the relevant laws and regulations, the Company may retain the personal information for a certain period of time as stipulated by the laws and regulations.

■ Records on contract or subscription withdrawal

Basis for preservation: Act on the Consumer Protection in Electronic Commerce, Etc.
Preservation period: 5 years

■ Records on payment and supply of goods

Basis for preservation: Act on the Consumer Protection in Electronic Commerce, Etc.
Preservation period: 5 years

■ Records on consumer complaints or dispute resolution

Basis for preservation: Act on the Consumer Protection in Electronic Commerce, Etc.
Preservation period: 3 years

■ Records of indications and advertisements

Basis for preservation: Act on the Consumer Protection in Electronic Commerce, Etc.
Preservation period: 6 months

4. Personal Information Destruction Procedure and Method

In principle, users' personal information is destroyed without delay when the purpose of collection and use of personal information is achieved or the period of retention and use is terminated. The company's personal information destruction procedures and methods are as follows.

Destruction procedure

The user's personal information is transferred to a separate DB (separate filing cabinet in the case of paper) after the purpose of collection and use for which consent was obtained is achieved, stored for a certain period of time as stipulated by the relevant laws and regulations, and then destroyed.

Destruction method

Personal information printed on paper is shredded with a shredder or destroyed through incineration.
Personal information stored in the form of an electronic file is deleted using a technical method that cannot reproduce the record.

Personal information validity period (dormant account policy) If the user has no record of using the services (website, mobile web, mobile app) provided by the Company for one year, the personal information of the inactive user is stored and managed separately from the personal information of general users (change to a dormant account). The Company notifies the user through e-mail, etc. of the foregoing 30 days before the time of change to a dormant account. Separately stored personal information is not used or provided, except as otherwise provided in the relevant laws and regulations, and is retained for a certain period in accordance with the relevant laws and regulations and is destroyed after the end of the relevant period. However, personal information that has not been destroyed will be provided again at the time of resumption of service use at the request of the user.

5. Provision of personal information to third parties

The Company does not currently provide personal information of the users to third parties.

6. Entrustment of personal information

The Company entrusts the following personal information processing tasks for the service implementation.

Trustees

Contents and Purpose of the Entrusted Tasks

KTH

Name of Company and Contact: KTH (https://www.kthcorp.com/etc/contactus)

SMS sending service using personal information collected in accordance with Section 2 Paragraph A (Retention period: Until the end of service)

Twillio

Name of Company and Contact: Twillio (https://www.twilio.org/contact/)

Countries to be transferred: USA

Transfer date and method: Transmission through the network at the time of service use SMS sending service using personal information collected in accordance with Section 2 Paragraph A (Retention period: Until the end of service)

SendGrid

Name of Company and Contact: SendGrid (https://sendgrid.com/contact/)

Countries to be transferred: USA

Transfer date and method: Transmission through the network at the time of service use E-mail sending service using personal information collected in accordance with Section 2 Paragraph A (Retention period: Until the end of service)

Amazon Web Services Inc.

Name of Company and Contact: Amazon Web Services Inc. (https://aws.amazon.com/compliance/contact/)

Countries to be transferred: USA

Transfer date and method: Transmission through the network at the time of service use Storage of all personal information collected in accordance with Section 2 Paragraph A (Retention period: Until the end of service)

7. Rights of users and their legal representatives

Users and their legal representatives may at any time inquire or modify the registered personal information of themselves or children under the age of 14, and may request withdrawal of consent or termination of membership.
If a user or a legal representative contacts the person in charge of personal information protection in writing, by phone or e-mail to inquire or modify the personal information of the user or children under the age of 14, the Company will take action without delay.
If a user requests correction of errors in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the Company will notify the third party of the result of the correction without delay so that the correction can be made.
The Company handles personal information that has been canceled or deleted at the request of users or their legal representatives as specified in the Personal Information Destruction Procedure and Method, and is not viewed or used for any other purpose.

8. Matters Concerning the Installation/Operation and Rejection of Automatic Personal Information Collection Devices

The company uses “cookies” and similar technologies that store and retrieve users’ access information from time to time. Cookies are a small amount of information stored in the user's terminal when the user uses application services or visits the website, and stores information that can be read when the user visits the website again.

Purpose of use of cookies

To maintain the user's connection session
To analyze the usage and visit behavior of users on the service and website
For secure access to the website or application service

Installation, operation, and rejection of cookies

When a user uses the service through the web, by setting the browser option, all cookies can be accepted, checked every time a cookie is saved, or all cookies can be rejected. However, in the case of applications, the cookie setting option may not be supported.
If a user refuse to store cookies, the user may experience difficulty in using some services that require login features.

9. Chief Privacy Officer

All personal information protection related requests that occur while using the Company's services can be reported to the chief privacy officer or the department in charge. The Company will promptly and sufficiently respond to users' reports.

Chief Privacy Officer

Name: Gi Yoon Ohm
Position: CEO
Title: President
Contact: contact@tastebds.com

※ You will be directed to the department in charge of personal information protection.

10. Miscellaneous

This document was originally written in Korean. In the event of conflict between the Korean and the English versions, the Korean version shall prevail.