hoy(호이)
Privacy policies

Team Sparta Inc. (hereinafter referred to as "the Company") complies with personal information protection regulations in relevant laws that information and communication service providers must adhere to, such as the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc., Protection of Communications Secrets Act, Telecommunications Business Act, and Personal Information Protection Act. The Company is committed to protecting the rights of users by establishing a personal information processing policy in accordance with relevant laws.

This privacy policy applies to users who use the service "Hoi" (including web, mobile web, and app, hereinafter referred to as "the Service") managed and operated by the Company, and contains the following information:

Types of Personal Information Collected and Method of Collection

1. The Company collects the following personal information from users for membership registration and management, various service provisions, smooth grievance handling, and provision of personalized services:
(1) Personal information collected at the time of service registration
- Purpose of processing: Service provision and operation, improvement
- Collected items: Mandatory
- Mandatory/Optional: Email, name, email, company name, team size, position
- Processing and retention period: Until withdrawal or contract termination
(2) Information automatically generated and collected during service use
- Purpose of processing: Service provision and operation, improvement
- Collected items: Service access and usage records
- Mandatory/Optional: Generated and collected during service use
- Processing and retention period: Until withdrawal or contract termination

2. In addition to the personal information items mentioned in paragraph 1, IP Address, cookies, visit date and time, service usage records, bad usage records, and device information may be collected during the service usage or app execution process, and email addresses or phone numbers may be collected during the customer inquiry reception and processing.

3. During the use of the Company's services, if identification and verification of the user's identity, age verification are necessary, name, date of birth, gender, information on whether the user is a domestic or foreign national, mobile phone number or i-PIN number, encrypted unique identification linking information (CI), and duplicated registration check information (DI) may be automatically generated and collected. In the case of minors, legal guardian information may be automatically generated and added.

4. The Company does not collect sensitive personal information that may infringe on the basic human rights of users (race, creed, political inclinations, criminal records, medical information, etc.).

5. The Company will not use the collected personal information for any purposes other than those for collection and will obtain separate prior consent from users if the purposes of collection and use change.

6. The Company may collect personal information of users through the following methods:
- Website, mobile devices, written forms, fax, telephone, consultation boards, email, event entry, delivery requests
- Collection through generation information collection tools

Purpose of Using Collected Personal Information
The Company utilizes the information collected from users for the following purposes:

1. To use personal information for membership registration, smooth customer consultation, provision of services promised to users, identity verification following service provision, purchase and fee payment, provision of the Company’s service usage history, registration of payment methods, etc.

2. To use personal information for confirming the intention to register as a member, age verification and proceeding with legal representative consent, verification of the user and legal representative, user identification, confirmation of the intention to withdraw membership, handling inquiries or complaints, etc., for member management.

3. To use personal information for restricting users who violate laws and the Company's policies (including service terms of use), preventing and sanctioning acts that interfere with smooth service operation and unauthorized actions, including fraudulent use, preventing account misuse and fraudulent transactions, delivering notices, and preserving records for dispute resolution to protect users and ensure a stable service environment.

4. To use personal information for providing services according to demographic characteristics, analyzing access frequency, improving functions, using statistics on service use, and reflecting analysis of purchase (payment) of paid services and service usage trends, interests, and usage records of users in new service offerings based on service analysis and statistics.

5. To use personal information for providing event information, promotional information, etc., for the purposes of events and promotions (with consent to marketing and promotional information provision).

Retention and Use Period of Personal Information
In principle, the Company retains users' personal information until membership withdrawal. However, the Company retains personal information for a specified period even after membership withdrawal in the following cases for dispute resolution, etc.:

1. Reasons for personal information preservation according to the Company's internal policies include records of misuse (misuse refers to transactions that violate the Company's policies, infringe on the rights or interests of the Company, members, third parties, or transactions similar to these).

2. Preservation reason: Management and measures against misuse

3. Preservation period: 1 year

4. In the case of ongoing investigations or inquiries due to violations of related laws by users: Until the end of the investigation or inquiry

5. If there is a remaining creditor-debtor relationship between the Company and the user: Until the settlement of the creditor-debtor relationship

5. In cases where preservation is necessary according to the provisions of related laws such as the Commercial Act, Consumer Protection in Electronic Commerce, etc., the Company retains users' information for a certain period as prescribed by related laws.

6. The Company uses the preserved information only for its preservation purpose, and the preservation periods are as follows:
- Records on consumer complaints or dispute resolution
(1) Preservation reason: Consumer Protection in Electronic Commerce, etc.
(2) Preservation period: 3 years
- Records on contracts or withdrawal of subscriptions
(1) Preservation reason: Consumer Protection in Electronic Commerce, etc.
(2) Preservation period: 5 years
- Records on payment and supply of goods, etc.
(1) Preservation reason: Consumer Protection in Electronic Commerce, etc.
(2) Preservation period: 5 years
- Log records related to service use and access
(1) Preservation reason: Protection of Communications Secrets Act
(2) Preservation period: 3 months

Rights and Duties of Users
1. Users have the right to request access to, correction of, deletion of, and suspension of processing of their personal information at any time, and can withdraw consent to the use of personal information through the membership withdrawal process. The Company verifies whether the requester is the user or a legitimate representative when such requests are made.

2. The exercise of the rights mentioned in 1. can be done through written documents, email, fax, etc., to the Company, which will take immediate action. However, names, resident registration numbers, and foreign registration numbers cannot be corrected, except for name changes due to legal name changes and changes in resident (business) registration numbers due to administrative issues.

3. The Company may refuse a request for suspension of processing personal information if:
- It is inevitable to comply with special regulations of laws or legal obligations,
- There is a risk of harming another person's life or body, or unfairly infringing on another person's property and other interests,
- It is difficult to perform the contract with the information subject, such as providing contracted services, without processing personal information, and the information subject has not clearly expressed the intention to terminate the contract.

4. The exercise of rights mentioned in 1. can be done by a legal representative or a delegated person of the user. In this case, a power of attorney according to the form No. 11 of the enforcement rules of the Personal Information Protection Act must be submitted.

5. Requests for access and suspension of processing personal information can be limited according to related laws.

6. Requests for correction and deletion of personal information cannot be made if the personal information is specified as a collection target in other laws. Also, if a correction for personal information errors is requested, the Company will not use or provide the personal information.


Efforts for Personal Information Protection by the Company

1. The Company is implementing technical and managerial measures to ensure the security of users' personal information to prevent it from being lost, stolen, leaked, altered, or damaged in the processing of users' personal information as follows:
a. Encryption of Personal Information: The Company encrypts users' personal information such as passwords and payment methods according to the standards required by law and is using devices to block external intrusions to prevent attacks and hacking from outside. In particular, servers storing users' personal information are maintained securely by being managed separately and not directly connected to the external internet line.
b. Measures Against Hacking: The Company is doing its best to prevent the leakage or damage of members' personal information due to hacking or computer viruses. It is preventing the leakage or damage of users' personal information or data by using the latest antivirus programs and ensuring the safe transmission of personal information over the network through encrypted communication. The Company is striving to equip all possible technical devices to secure security systematically.
c. Minimization and Training of Processing Staff: The Company limits the number of employees who handle personal information to a minimum, focusing on designated personal information management personnel, and emphasizes compliance with the personal information processing policy through periodic training for these personnel.

2. Notwithstanding paragraph 1, the Company is not responsible for any issues arising from the user's personal information being leaked or exposed due to the user's own intention or negligence or problems on the Internet.

Personal Information Protection Officer and Contact Information
The Company has designated a personal information protection officer to collect opinions and handle complaints regarding personal information as follows. Users can report any inquiries, complaints, and remedies related to personal information protection encountered while using the Company's services to the personal information protection officer or the responsible department. The Company will respond and handle the inquiries and reports promptly.

- Responsible Officer Name: Lee Beom-Gyu
- Position: Representative
- Email: contact@hoy.im

‍For reports or consultations regarding personal information infringement, please contact the following organizations:

- Personal Information Infringement Report Center (www.1336.or.kr / 118 without area code)
- Korea Internet & Security Agency (KISA) Privacy Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
- Supreme Prosecutors' Office Cybercrime Investigation Center (www.spo.go.kr/minwon / 1301 without area code)
- National Police Agency Cyber Terror Response Center (www.ctrc.go.kr / 02-392-0330)
- Personal Information Dispute Mediation Committee (cyberbureau.police.go.kr / 1833-6972)

Duty of Notification
The Company will notify through platform announcements at least 7 days prior to any additions, deletions, or modifications to the current personal information processing policy. However, in the case of significant changes affecting members' rights, such as collection and use of personal information and provision to third parties, the notice will be made at least 30 days in advance.

Article 12 (Miscellaneous)
The personal information processing policy of the Company does not apply to web pages linked to the services provided by the Company regarding their collection of personal information.

Announcement Date: December 7, 2023
Effective Date: December 13, 2023