Privacy Policy of MoneyBox Co., Ltd. (‘www.skypay.co.kr’, hereinafter referred to as ‘MoneyBox Co., Ltd.’)

MoneyBox Co., Ltd. complies with the Personal Information Protection Act, Article 30, and the Act on Promotion of Information and Communications Network Utilization and Information Protection, Article 27-2, to protect customers' personal information and rights and to address grievances related to personal information. This privacy policy is established as follows. The company will notify any changes to this policy through its website or the MoneyBox app (or individual notices).

1. Purpose of Processing Personal Information
The company processes personal information for the following purposes. The processed information will not be used for purposes other than those stated below, and in the event of changes in usage purposes, the company will take necessary measures, such as obtaining separate consent as required by the Personal Information Protection Act, Article 18.

Membership Registration and Management
Personal information is processed for purposes such as membership registration, use of membership-based services, identity verification, prevention of misuse, unauthorized use prevention, verification of consent for collecting personal information of children under 14, verification of legal guardians, accident investigation, dispute resolution, complaint handling, and notification delivery.

Non-Face-to-Face Transactions
Personal information is processed for purposes such as tracking and searching transaction details, and statistical data for security policy formulation under the Electronic Financial Transactions Act, Articles 21 and 22.

Promotion and Marketing of Products or Services
Personal information is processed for purposes such as customer satisfaction surveys for new service development, service quality improvement, provision of tailored services, demographic-specific advertising, event participation opportunities, usage frequency analysis, notification of exchange rate and financial benefits, and statistical analysis of service usage.

Compliance with Legal Requirements
Personal information is processed for purposes such as anti-money laundering, detection of unusual transactions, reporting to financial authorities, and providing legally required investigation materials in the event of hacking or fraud-related incidents.

2. Retention and Processing Period of Personal Information
Personal information related to non-face-to-face transactions is retained and processed for up to 5 years from the end of such transactions. After this period, information may only be retained for purposes such as financial accident investigations, dispute resolution, complaint handling, and compliance with legal obligations.
Personal information collected for credit information inquiries is retained until the validity of consent for the inquiry ends. After the consent expires, the data may only be retained for the purposes mentioned in Article 1.
Personal information related to product/service promotion and provision is retained until membership withdrawal or withdrawal of consent.
Personal information collected for membership management is retained until the member withdraws their membership.
Personal credit information for non-face-to-face transactions is retained as stipulated by the Enforcement Decree of the Electronic Financial Transactions Act, Article 12.
(Additional specific retention periods for various types of information are provided in the detailed text above.)

3. Notice of Source of Collected Personal Information
If personal information is collected from a third party, the company will notify the data subject within three days of the collection.
4. Provision of Personal Information to Third Parties
The company processes personal information only within the stated purposes and does not share it with third parties without prior consent unless legally required.

5. Delegation of Personal Information Processing
The company entrusts personal information processing to external entities as needed, with strict guidelines for security and compliance.

6. Rights and Responsibilities of Customers and Legal Representatives
Customers have the right to access, correct, delete, and stop the processing of their personal information and can exercise these rights in accordance with the Personal Information Protection Act.

7. Items of Personal Information Processed
The company collects essential and optional information, including identification information, contact details, and transaction information, as specified in the detailed text.

8. Destruction of Personal Information
Personal information is destroyed promptly when retention periods expire or purposes are fulfilled unless otherwise required by law.

9. Measures to Secure Personal Information
The company implements regular audits, minimizes access, encrypts data, and uses security programs to protect personal information.

10. Use of Cookies
The company uses cookies to provide customized services and allows users to opt out of cookie storage via browser settings.

11. Changes to the Privacy Policy
This policy is effective from November 1, 2020. Changes will be announced 7 days prior to implementation.

12. Contact Information for Privacy Protection
Privacy Protection Officer: Won-kyu Cho
Position: Team Leader
Phone: 02-757-0000
Email: support@skypay.co.kr
For further inquiries, please contact the officer or relevant department.