Announcement Date: February 18, 2025
Effective Date: March 19, 2025
The responsibility for all transactions related to inline AI, as well as handling content reviews, exchanges, refunds, and complaints, is managed by Elements Co., Ltd. For further inquiries, you can contact us at contact@elements.im.
Elements Co., Ltd. (hereinafter referred to as "the Company") adheres to the Personal Information Protection Act, the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Protection of Communications Secrets Act, the Telecommunications Business Act, and other relevant laws and regulations that information and communication service providers must comply with regarding the Inline AI services (hereinafter referred to as "the Service") provided by the Company. The Company is committed to protecting the rights and interests of all users (hereinafter referred to as "Users"), both members and non-members, utilizing the Service, by establishing and following a privacy policy in accordance with the pertinent laws. Additionally, the Company publishes the privacy policy on its website and applications, ensuring that users can easily access it at any time.
1. Purpose of Collecting and Using Personal Information
The "Company" utilizes the collected personal information for the following purposes.
Membership registration and communication-related matters: Member identity verification, prevention of fraudulent registrations, confirmation of registration intention, age verification, grievance counseling and handling, announcement notifications, etc.
Matters related to service provision: Payments, use of individual services and issuance of cash receipts, identity verification during financial transactions, and financial services, etc.
Event and marketing, and data research matters: Events, promotional information delivery, statistical surveys on service usage, etc.
Provision of other services, etc.
2. Items of Personal Information Collected and Collection Methods
Required Information for SNS-linked Account (Kakao) Registration:
Login Identification Value, Mobile Phone Number, Kakao Account Email
During the use of the service, the following information may be automatically generated and collected:
Connection Environment and Device Information (Browser, OS, Screen Size, Device ID), IP Address, Cookies, Visit Date and Time, Records of Misuse, Service Usage Records, etc., may be automatically generated and collected.
During the use of paid services, the following payment information may be collected:
Credit Card Payment: Mobile Phone Number, Card Company Name, Card Number, etc.
Mobile Payment: Mobile Phone Number, Carrier, Payment Approval Number, etc.
Account Transfer: Mobile Phone Number, Bank Name, Account Number, etc.
Bank Deposit: Mobile Phone Number, Bank Name, Account Information, Contact Details, etc.
Other Payment Methods: Mobile Phone Number, Contact Details, Email, Payment Information, etc.
Refund Processing: Mobile Phone Number, Bank Account, Account Number, Account Holder Name, Email
Issuance of Cash Receipts: Mobile Phone Number, Cash Receipt Card Number
The "Company" uses users' personal information within the scope and purposes notified in "1. Purpose of Personal Information Collection and Use," "2. Items of Personal Information Collected and Collection Methods," and will not exceed this range or disclose personal information to external parties without prior consent from the "User."
However, exceptions are made in the following cases:
If the "User" has given prior consent.
If it is necessary for the creation of statistics, academic research, or market research, and is provided in a form where specific individuals cannot be identified.
If reasons related to business transfer or merger occur (However, if the transfer of personal information is necessary due to reasons such as business transfer, the company will notify the fact and other matters concerning the transfer of personal information in advance according to the procedures and methods prescribed by relevant laws, and users will be granted the right to withdraw consent to the transfer of personal information.)
If there are special provisions under laws.
3. Retention and Utilization Period of Personal Information
The user's personal information is promptly destroyed once the purpose of its collection and use is achieved. However, the following information will be retained for the specified period for the reasons outlined below:
Reasons for information retention according to the company's internal policy
Reason for retaining records of improper use: Prevention of misuse
Retention period: 1 year
Reasons for information retention according to relevant laws
Records related to contracts or withdrawal of subscription, etc.
Basis for retention: Consumer Protection Act in Electronic Commerce, etc.
Retention period: Up to 5 years
Records concerning payment and supply of goods, etc.
Basis for retention: Consumer Protection Act in Electronic Commerce, etc.
Retention period: Up to 5 years
Records of electronic financial transactions
Basis for retention: Electronic Financial Transactions Act
Retention period: Up to 5 years
Records of consumer complaints or dispute resolutions
Basis for retention: Consumer Protection Act in Electronic Commerce, etc.
Retention period: Up to 3 years
4. Methods for Storing and Processing File Data
All file data uploaded by the "User" to the "Service" is used only when necessary and is not permanently stored on the "Company" servers. The "Company" manages the file data of the "User" as described in detail below.
Namespace Separation
All file data of each "User" is stored within their own respective namespaces.
Each namespace is accessible only to the owner, and data sharing between namespaces does not occur.
Data Random Obfuscation
All file data is stored in an obfuscated form of random text chunks (unreadable form).
The obfuscated random text is used only when inferring a response to a "User" request, and the text within the file itself is not stored as data.
Zero Data Retention
The "Company" has established a Zero data retention agreement with AI model vendors such as OpenAI and Anthropic, with whom the "Company" collaborates to provide the "Service," ensuring no document/file records are kept.
All AI systems operate from data centers based in the Eastern United States and Seoul, South Korea.
No vendors from other regions, particularly those from Greater China like China, are utilized.
5. Procedures and Methods for the Destruction of Personal Information
The personal information of the "user" is, in principle, destroyed without delay when the purpose of the collection and use of the personal information is achieved. The procedure and method for the destruction of personal information by the "company" are as follows:
Destruction Procedure
The information entered by the "user" for purposes such as membership registration is transferred to a separate database after the purpose is achieved, and is destroyed in accordance with internal policies and other related legal reasons for information protection (refer to the retention and usage period).
Destruction Method
Personal information stored in electronic file format is deleted using technological methods that prevent the reproduction of records.
6. User Rights and How to Exercise Them
Method for Deleting Local File Data
The “User” may delete file data within the “Service” by removing the “Service” installed on a local computer at any time.
The “User” may individually delete files within the “Service” at any time.
Since this is no different from deleting files on the “User’s” local computer, it can be done at any time as per the convenience of the “User.”
In Case of Membership Withdrawal
The
7. Matters Concerning the Installation/Operation and Rejection of Automatic Personal Information Collection Devices
The "Company" has implemented the following technical and administrative measures to ensure the security of personal information handled by our "Users," to prevent the loss, theft, leakage, alteration, or damage of personal data.
Password Encryption
The passwords for the service member IDs are encrypted, stored, and managed in such a way that only the individual user knows them, and changes to personal information can only be made by the individual who knows the password.Measures Against Hacking
The "Company" is committed to preventing the leakage or damage of members' personal information due to hacking or computer viruses.We regularly back up data to prevent damage to personal information and use the latest antivirus programs to prevent user information or data from being leaked or damaged. We also ensure that personal information can be securely transmitted over the network through encrypted communication.
Moreover, we use intrusion prevention systems to control unauthorized access from outside, and we strive to implement all technically possible security measures to ensure system security.
Minimizing and Training Staff
The number of staff handling personal information at the "Company" is limited to the personnel in charge. We assign a unique password for this purpose, which is regularly updated, and we continually emphasize the adherence to the Company's privacy policy through ongoing training of the personnel in charge.
Operation of the Privacy Protection Taskforce
Additionally, the "Company" strives to promptly rectify any issues by verifying compliance with the Company's privacy policy and adherence by the responsible personnel through an internal privacy protection taskforce.
However, the Company shall not be responsible for any issues caused by the User's own negligence or problems on the internet that result in the disclosure of personal information such as ID, password, or social security number.
8. Technical/Administrative Measures for the Protection of Personal Information
Contact Information for Personal Information Management Officer and Personnel
"Users" may report any personal information protection-related complaints arising from using the company's services to the personal information management officer or the relevant department.
The "Company" will promptly provide a sufficient response to the "User's" reported matters.
Personal Information Management Officer
Name: Juwon Song
Position: CTO
Affiliation: Elements Inc.
Phone: 070-4138-4000
Email: contact@elements.im
For further reports or consultations on personal information infringements, please contact the institutions below.
Personal Information Infringement Report Center: 118 (without area code) (http://privacy.kisa.or.kr)
Personal Information Dispute Mediation Committee: 1833-6972 (http://kopico.go.kr)
Supreme Prosecutors' Office Cyber Investigation Department: 1301 (without area code), cid@spo.go.kr (http://spo.go.kr)
National Police Agency Cyber Safety Bureau: 182 (without area code) (http://cyberbureau.police.go.kr)
Etcetera
Please be informed that this "inline AI Privacy Policy" does not apply to the collection of personal information by websites that are linked to the company.
Duty of Disclosure
If there are any additions, deletions, or modifications to the current privacy policy, we will notify you through the 'Notices' section on our website at least 7 days in advance. However, in cases of significant changes to user rights, such as the collection and use of personal information or provision to third parties, we will provide notice at least 30 days in advance.
