Privacy Policy

Kids Note Corporation (hereinafter "the Company") collects, uses and provides personal information based on the user’s consent, and actively guarantees the user’s right (the right to control one’s own personal information).

Kids Note legally processes and safely manages personal information in compliance with the Personal Information Protection Act and related laws to protect the freedom and rights of information subjects. Accordingly, in accordance with Article 30 of the Personal Information Protection Act, we guide information subjects to the procedures and standards for processing personal information, and establish and disclose personal information processing policies as shown below to quickly and smoothly deal with related difficulties.

The Privacy (Location) Policy refers to guidelines on protecting the user’s valuable personal information which the Company is required to comply with, in order to ensure that users use its services with confidence.

Personal Information Processing Labeling

Collection of general personal information	Collection of sensitive information	Purpose of processing personal information
Name, phone, email, children’s info, senior’s info etc. ※ Refer to the Privacy Policy for details.	For using specific services: Temperature of staff, children’s temperature. For Family Members: Children’s health info, senior’s health info, behavior record, notable qualities regarding development and change record. ※ Refer to the Privacy Policy for details.	Service provision, member registration and management. Provision of PR and marketing information. ※ Refer to the Privacy Policy for details.
Retention period and destruction	Provision and sharing personal information	Privacy Protection Officer
General personal information is to be destroyed immediately after the user’s unregistration. Some personal information must be kept for a certain period of time specified by the law.	Third party recipients: S-1, LG U+, etc. Entrustment: Kakao, Daou Technology, etc. ※ Refer to the Privacy Policy for details.	Privacy protection officer: Seonho Bang (CPO) Tel: 1644-6734 e-mail: contact@kidsnote.com

Index

Purpose of Processing Personal Information, Items to be Collected, Retention and Use Period

The following minimum personal information is collected when a user signs up for the Service or while the user uses the Service through the homepage, individual applications and programs, and etc. to provide the following services.

Common (sign-up)

Personal Information Items to be Additionally Collected from Family Members

“Family member” refers to a parent who sends his or her child to a center using the Service, including a day care center, a kindergarten, an academy and an after school class, or a guardian whose parent uses a senior care facility using the Service. The Company collects the following information from Family Members when a center uses specific features of Kids Note, Class Note and Family Note, or when Family Members order products from Smart Order or Photo Mall.

Personal information items which are processed additionally when a center using Family Note enters data in the Familycare ERP

Facilities using Family Note may use the Familycare ERP for their convenience, and enter data in the ERP system based on documents submitted by a person registered or to be registered in a senior care facility, or a staff member, after an agreement to the collection of personal information is obtained.

※ The above information may be used for statistics and analysis related to service use.

※ Personal information will be destroyed after being retained for a certain period of time as specified below.

Provision of Personal Information to Third Parties

1. The Company processes the personal information of information subjects only within the scope specified in the Purpose of Processing Personal Information, and provides personal information to third parties only when it falls under Articles 17 and 18 of the Personal Information Protection Act as mentioned in the Consent of the Information Subject and special provisions of the law, and otherwise, does not provide the personal information of information subjects to third parties.
2. To provide its services smoothly, the Company provides personal information to third parties within the minimum extent required upon the consent of the information subjects.

3. In accordance with the "Personal Information Handling and Protection Rules in Emergency Situations" jointly announced by the relevant government ministries and agencies, Kids Note may provide personal information to relevant organizations without the consent of the information subject in response to emergencies such as disasters, infectious diseases, events or accidents that cause imminent danger to life or body, or imminent property loss. Please click here* for details.

In this case, Kids Note will provide the minimum personal information required by applicable laws and only for purposes specified.

Entrustment of Personal Information Handling Tasks

1. Kids Note entrusts the processing of personal information as shown below for the smooth processing of personal information.

2. When executing an entrustment agreement, in accordance with Article 26 of the Personal Data Protection Act, the Company specifies in documents prohibition on personal information processing for purposes other than the purpose of carrying out the entrusted work, technical and managerial protection measures for personal data, purpose and scope of entrusted tasks, restriction on re-entrustment, management and supervision of the entrustee, matters relating to liability such as compensation for damages, etc, and supervises whether the entrustee safely processes personal information.
3. If the content of the entrusted tasks or the entrustee is changed, the Company will immediately notify such change through this Privacy Policy.

Crossborder Transfer of Personal Information and Entrustment of Processing

The Company shall provide no personal information to any third party provided, however, that the Company entrusts the following personal information to overseas entities only for some services to enhance users’ convenience while they use services.

Personal Information Destruction Process and Methods

1. The Company will destroy personal information immediately when personal data becomes unnecessary because of expiration of the retention period, achievement of the purpose of processing, etc.
2. In the event that the Company must continue to preserve the personal information in accordance with other applicable laws even when the personal information retention period agreed by the information subject has elapsed, or the purpose of processing it has been achieved, it may move the personal information to a separate database or store it in a different storage location.
3. The procedure and method of destroying personal information are as follows.
   1. Destruction Procedure the Company selects personal information for which the cause for destruction occurs, and destroys them with the approval of the Company’s Privacy Protection Officer.
   2. Destruction Method The Company destroys personal information recorded and kept in the form of an electronic file so that records cannot be reproduced, and personal information recorded and kept in paper documents is shredded by a shredder or incinerated.

Information Regarding Long-Term Non-Users

In accordance with the recent revisions to the Personal Information Protection Act, effective as of September 15, 2023, we have discontinued our dormant account system.
*Relevant sections removed include Article 39-6 (Special Provisions on the Destruction of Personal Information) of the Personal Information Protection Act, and Article 48-5 of the Enforcement Decree of the Personal Information Protection Act, concerning special provisions on the destruction and handling of personal information.
Please note that, starting from January 23, 2024, the Company will cease the destruction and segregated storage of data pertaining to accounts that have been inactive for an extended period.
If you prefer not to accept these changes, you are required to initiate the account termination process yourself. This can be done by logging into our service (app or web) and navigating to My Info Settings > Withdrawal.
Please rest assured that these changes in our dormant account policy will not impact your current experience with our service.
If you wish to use the service, you can do so at any time by accessing the service.

Rights and Obligations of Information Subject and Its Statutory Agent, and Method of Exercising Them

1. Information subjects may exercise the rights to request for access, correction, deletion and suspension of processing of personal information against the Company at any time. ※ Request for access to personal information, etc. for children under the age of 14 shall be made directly by a legal representative. (In case of a divorced family, the legal representative must have both parental rights and custody. This policy remains the same throughout this Privacy Policy.) An information subject aged 14 or older may exercise his or her rights related to personal information by himself or herself, or through a legal representative.

2. Access to or correction of personal information can be made in “Edit Personal Information” (or “Manage Member Information”). An information subject may unregister from the service by clicking “Unregister”, complete the user verification process and choose “Unregister”. The information subject may also contact the Privacy Protection Officer by writing, phone, or email for such requests.

3. Rights may also be exercised through a legal representative of the Information subject or a person who has been delegated with the authority. In this case, the person shall submit a power of attorney using the Attachment #11 template in the Notice on Personal Information Handling (#2020-7).

4. In terms of a request for access and suspension of processing of personal information, the rights of the information subject may be restricted in accordance with Paragraph 4 of Articles 35, and Paragraph 2 of Article 37 of the Personal Information Protection Act..

5. A request to delete personal information may not be made if the concerned personal information is prescribed as an item to be collected in other applicable laws.

6. The Company verifies whether the person making a request for access to, correction, deletion and suspension of processing of personal information based on the rights of information subjects is the information subject himself (or herself), or a legitimate representative.

Personal Information Security Securement Measures

The Company is taking the following measures to ensure the safety of personal data.

1. Managerial measures: Establishment and implementation of internal management plans, operation of dedicated organizations, periodic staff training.
2. Technical measures: Access management for personal information processing system, installation of access control system, encryption of personal information, security program installation and update.
3. Physical measures: Access control for the IT department and archives.

Matters Concerning Installation, Operation and Refusal of Automatic Personal Information Collection Device

1. The Company uses cookies which save and retrieve usage data frequently in order to provide customized information and ads to information subjects, and develop performance information statistics and new services.
2. Cookies are a small amount of data that a server (http) used to run a website sends to a user’s computer browser, and are sometimes stored on the hard disk of the user’s desktop computer.
   1. Purpose of using cookies: To track visits, types of use, popular keywords, secure access, user volume, etc. for services and websites visited by users and provide optimized information to users.
   2. Installation, operation and refusal of cookies: You can refuse to store cookies by setting options at [Tools] on the top > [Internet Options] > [Personal Data].
   3. If you refuse to store cookies, provision of services may be difficult.

Matters concerning the Collection, Use, and Rejection of Behavioral Data

1. The Company does not collect or use behavioral data to provide optimized and customized services and benefits, and online behavioral advertising to information subjects while they use its services.

2. The Company allows the collection and processing of behavioral data to the providers of online behavioral advertising as follows.

   1. Provider of online behavioral advertising to collect and process behavioral data: Kakao
   2. Method of collecting behavioral data: Automatic collection and transmission of data during the user’s service use.
   3. Items to be collected and processed: User’s service visit record, activity log and search history.
   4. Purpose of collecting behavioral data: Providing personalized ads and content according to estimated gender, age groups, and interest areas based on the characteristics of demographics.
   5. Retention and use period: The data will be retained for a maximum period of one year

3. The Company collects the minimum behavioral data required for online behavioral advertising, etc, and does not collect sensitive behavioral information which may infringe on the rights, benefits or privacy of a person, such as ideas, beliefs, family and relative information, education and military records, and other social activity history..

4. The Company does not collect behavioral data for personalized advertising from children who the Company knows are under the age of 14 or from online services of which main users are children under the age of 14. Also, it does not provide personalized advertising for children who the Company knows are under the age of 14.

5. The Company collects Identifiers for Advertisers (IDFA) for online behavioral advertising on mobile apps. Information subjects may block or allow personal ads on the app by changing the settings of their mobile devices.
   

   • Blocking or Allowing IDFA on smartphones
   
   1) (Android) ① Settings → ② Privacy → ③ Ads → ③ “Reset advertising ID” or “Delete advertising ID”. 2) (iPhone) ① Settings → ② Privacy → ③ Tracking → ④ Disable “Allow Apps to Request to Track”.

   ※ The menus and methods may vary depending on the version of mobile OS.

6. Information subjects may block or allow online behavioral advertising temporarily by changing the cookie settings of the web browser, etc. However, changes in cookie settings may have an impact on some service uses such as auto login for certain websites.

   • Blocking personalized ads through web browser.
   1. Internet Explorer (Internet Explorer 11 for Windows 10)
      • Select “Tool” and then “Internet Options”.
      • Click on the "Personal Data" tab > the “Advanced” button > “Accept” or “Block”.
   2. Microsoft Edge
      • Select ‘…’ on top right corner of the browser > Settings.
      • Select “Privacy, search, and services”. > Go to the “Tracking Prevention” section. > Set whether or not to accept cookies and the tracking prevention level.
      • Always use “Strict” when browsing InPrivate.
      • In the “Privacy and services” section, enable the “Send Do Not Track requests” option.
   3. Chrome
      • At the top right, click More (‘⋮’) > Settings.
      • Click on the Advanced link at the bottom of the Settings page > Privacy and security > Content settings.
      • Under Cookies, turn on “Block third party cookies”.

7. Information Subjects may contact the following department for questions regarding behavioral data, exercising the right to refuse, reporting damages, etc.

   • Department in charge of privacy protection
   1. Department: Customer Service
   2. Contact: Kids Note Customer Center Chat (Click) / 1644-6734

Privacy Protection Officer and Request for Access to Personal Information

1. The Company has designated the Privacy Protection Officer as shown below to oversee and take responsibility for personal information processing, and handle complaints and remedies of information subjects in relation to personal information processing.
2. Information subjects may request access to personal information in accordance with Article 35 of the Personal Protection Act. The Company will do its best to promptly process a request to access personal information by Information Subjects.

3. Information subjects may contact the Privacy Protection Officer of the responsible department with respect to all inquiries relating to personal data protection, handling of complaints, remedy, etc. that have occurred while using Kids Note’s service (or business). The Company will answer and deal with the inquiries of Information Subjects inquiries without delay.

Remedies for Infringement on Rights and Interests of Information Subject

The Company guarantees the right for information subjects to control their own personal information, and does its best to provide consultation and relieve damages caused by personal information breach. Please contact the department in charge of privacy protection for reporting or consultation.

1. Information subjects may contact the Personal Information Dispute Mediation Committee, KISA Report Center for Personal Information Breach, etc. to inquire about dispute resolution or consultation, etc. in terms of damage relief related to personal data infringement. For other reports and consultation on personal information breach, please contact the following organizations.
   1. Personal Information Dispute Mediation Committee : (Toll-free) 1833-6972 (www.kopico.go.kr)
   2. KISA Report Center for Personal Information Breach : (Toll-free) 118 (privacy.kisa.or.kr)
   3. Supreme Prosecutors' Office : (Toll-free) 1301 (www.spo.go.kr)
   4. National Police Agency : (Toll-free) 182 (ecrm.cyber.go.kr)
2. Where any persons whose rights and interest have been infringed on due to the act or omission of the head of a public institution regarding requests prescribed in Article 35 (Access to Personal Information), Article 36 (Rectification or Erasure of Personal Information) and Article 37 (Suspension of Processing of Personal Information) of the Personal Information Protection Act, they may request an administrative appeal under the Administrative Appeals Act.
   • Central Administrative Appeals Tribunal : (Toll-free) 110 (www.simpan.go.kr)

Matters related to the processing of personal location information

The Company processes personal location information. Regarding the items from the third to seventh clause of Article 21-2 of the Act on the Protection and Use of Location Information, please refer to the Terms and Conditions for Location-based Services published by the Company.

1. Purpose and retention period for processing personal location information

   Service Name	Description and Purpose of Service	Retention Period for Personal Location Information
   Location-Based Search Results Service	When a search request is made, or the location information of an individual or a mobile device with mobility is provided, the search results using the location information are presented.	Until membership withdrawal ※ However, if it is necessary to retain the information under the applicable laws and regulations, it will be retained until the end of such period.
   Provision of advertisement information using the member's location	While using search results or other services, advertisement materials will be presented based on the location of the individual or the mobile device with mobility.

2. Matters regarding the provision of personal location information to third parties: None
3. Basis and period for retaining verification information regarding the collection, use, and provision of personal location information
4. Procedure and method for destroying personal location information
5. Matters regarding protective measures for location information
6. Matters related to the notification of using or providing personal location information
7. Rights and responsibilities of guardians or protectors of children aged eight (8) or below in relation to the use of location information and the procedures for exercising these rights and responsibilities
8. Contact details of the individual responsible for managing location information, such as their name, phone number, and the name and contact information of the department responsible for safeguarding personal location information and addressing related grievances

Change of Personal Information Processing Policy

When the content of this Policy is added, deleted or amended, the amendments will be notified to users through Service Notice seven days before the effective date. However, major amendments regarding the users’ valuable rights or obligations will be notified to users at least 30 days before the effective date. In addition, in the case that the Company must amend its Privacy Policy inevitably due to applicable laws or company policies, the amendments will be notified to users as early as possible through Service Notice. The Privacy (Location) Policy shall be applicable as of the effective date.

1. This Privacy Policy takes effect on February 6, 2024.
2. You can see the previous versions of the Privacy Policy below.
   2023. 7. 11. ~ 2024. 2. 5. Privacy Policy (Click)
   2023. 04. 30. ~ 2023. 7. 10. Privacy Policy (Click)
   2022. 10. 30. ~ 2023. 4. 29. Privacy Policy (Click)
   2022. 7. 23. ~ 2022. 10. 29. Privacy Policy (Click)