Items of personal information collected
HeyStars collects the minimum personal information necessary for the implementation of contracts for service provision, user identification, service improvement, development of new services, membership registration, and consultation.
The user agrees to allow HeyStars to collect the essential data necessary to perform essential functions of the service and the optional personal data needed to provide more specialized services.
The user is not restricted from using the service even if said user does not agree to the collection of the selected personal data, however the user would not be able to make use of specialized services.
HeyStars receives nicknames, social media IDs, email addresses and profile images from the social media platform chosen to use social logins to sign up for the service.
HeyStars can collect the user’s personal information through social media platforms according to the policy and terms and conditions of each platform and the user’s consent agreements.
When dealing with service related inquiries or the infringement of the user’s right, HeyStars may collect user’s email address and phone number.
In the case of mobile services, information such as mobile models, mobile network operator information, hardware ID, ADID, and service use can be collected automatically, but the specific individual the aforementioned information belongs to cannot be distinguished or identified.
In addition to information about the device, users' voice recordings, log information, service usage records, app installation information, and browser information can also be collected.
Purpose of collecting and using personal information
The company uses the information collected for the following purposes:
- To help users make good use of the service
- To identify users and prevent fraudulent use of the service
- To prepare statistical data on the service use
- To survey and analyze necessary service improvements
- To draw and send gifts, such as campaigns and events
- To confirm the user’s identity when a report is made or a question is asked to the company
- In order to inform of important notices as required
- To communicate advertising information, such as events
- To identify the user in the process of providing paid services
- To identify the age of the user when using the content
Personal information collection method
The company collects personal information for service provision through the following methods:
- Collecting directly from users during HeyStars membership registration and usage
- Collecting through the Generated Information Collection Tool
- Collecting via written form, fax, telephone, message board, email
Sharing and Providing Personal Information
In principle, the company does not provide or share the user’s personal information to outside entities without the user’s prior consent. Exceptions shall be made in the following cases:
- In the case of the user agreeing to it beforehand
- In the case of compliance with the compliance of the law
User rights and execution practices
The user can inquire about or modify their registered personal information at any time and request to delete their account.
- Should the user request a correction of an error on the user’s personal information, the incorrect information will not be used until the correction is completed.
In addition, if incorrect personal information has already been provided to a third party, the third party will be notified of the correction without delay.
- The company processes personal information that has been revoked or deleted at the request of the user as specified in "Personal Information retention and Period of Use" below, and the corresponding personal information cannot be accessed or used for other purposes.
Personal information retention and period of use
In principle, the company destroys the user's personal information without delay when the purpose of collecting and using personal information is achieved.
However, if it is necessary to preserve the personal information, the personal information can be kept for a certain period of time as follows:
Records of contracts or withdrawal of subscriptions, etc.: Storage for 5 years
Records of payment and supply of goods: Storage for 5 years
Records of consumer complaints or dispute handling: storage for three years
Nickname and profile image for CS processing of withdrawal members: 3 months
Personal information destruction procedures and methods of the company’s personal information destruction are as follows:
- Information destruction procedure
Information entered by the user for service use, etc. shall be destroyed after the purpose of service has been achieved and stored for a certain period in accordance with the internal policy and related statutes.
The personal information is not used for anything other than the purpose of storage unless it is provided by law.
- Information destruction method
Personal information printed on paper is shredded with a shredder, and personal information stored in electronic file form is deleted using a technical method that does not allow records to be restored.
Technical Management Protection of Personal Information
Questions, comments and requests regarding this policy should be addressed to:
HeyStars. Co.,Ltd. Address: 1341, 217, Jungang-ro, Jeju-si, Jeju-do, Republic of Korea
Email Address: firstname.lastname@example.org
Technical Management Protection of Personal Information
When handling the personal information of its users, HeyStars seeks the following technical and administrative measures to ensure safety in order to prevent personal information from being lost, stolen, leaked, tampered with or damaged.
- The user's personal information is stored and managed through an encryption communication system (SSL) and the password is stored and managed one way so that it cannot be decoded.
- In order to prevent users’ personal information from being leaked or damaged by hacking or computer viruses, the system is being installed in areas with restricted access from outside entities.
- In case of personal information corruption, we frequently back up data, prevent users' personal information or data from being leaked or damaged by using the latest vaccine program, and secure transmission of personal information on the network through the cryptographic communication system (SSL).
- Using an intrusion prevention system, we control unauthorized access from outside entities and try to equip all possible technical devices to ensure security systematically.
- By minimizing employees handling personal information, we reduce the risk of personal information leakage.
- We provide regular training or campaigns for employees handling personal information on their privacy obligations and security.
Executed on December 1, 2020.