NeoLAB Service Privacy Policy

1.    What is Privacy Policy?

2.    Collection of Personal Information

3.    Use of Personal Information

4.    Provision of Personal Information

5.    Destruction of Personal Information

6. Others

1. What is Privacy Policy?

NeoLAB Convergence, Inc. (hereinafter “Company”) uses and provides the user’s personal information based on the user’s consent, and actively guarantees the user’s right(the right to control one’s own personal information).
The Company complies with applicable laws, personal information protection regulations and guidelines of the Republic of Korea, which must be obeyed by information communication service providers. NeoLAB Service’s Privacy Policy refers to guidelines on protecting the user’s valuable personal information which the Company is required to comply with, in order to ensure that users use its services with confidence. This Privacy Policy is applied to NeoLAB Service Account Services (hereinafter “the Services”).

2. Collection of Personal Information

The Company collects the minimum personal information to provide the Services.

The following minimum personal information is collected while the user uses the Services, through the home page, individual applications and programs, and etc.

[In the case that a user uses NeoLAB Service after verifying oneself through account of other platform]

●   Required: ID(email address), name, time of usage, URL of a profile picture

●   Optional: Date of birth, gender, nationality

Some services may collect personal information additional to those collected commonly by NeoLAB Service Account upon the user‘s consent in order to provide specialized services.

●       What is required information? : Information required to provide the fundamental features of the concerned service.

●       What is optional information? : Additional information which needs to be collected to provide more specialized services. (Users still can use the Services without agreeing to provide additional information.)

The method to collect personal information is as follows.

In case of collecting personal information, the Company informs the fact to a user in advance. Personal information is collected via the following methods:

●       The user agrees to the collection of personal information and enters relevant information while the user uses the Services

●       Personal information is provided through affiliated services or groups.

●       Personal information is provided via the home page, email, fax, phone, etc. during customer service calls.

●       The user participates in online and/or offline events.

The following personal information may be collected while the user uses the Service.

Information of a cell phone device during usage of PC web and mobile web and app(OS, screen size, device ID, phone type, phone model), IP address, cookie, time of visit, record of dishonest use, record of using service, time of amending account, information for logging in app, time of the most recent log in, number of log in, information of a smartpen device(handwriting data, file, Mac address of device, Inklink(url, time, location information, etc.), information regarding resource used(type, amount, time), data synchronization log(data type, specific data no., information regarding app that uploads data, result of synchronization, error log, number of re-trial, time for synchronization), etc. may be automatically created and collected while the user uses the PC web or mobile web & apps.

Data (including but not limited to handwriting, edited handwriting, recording, favorites, pen information, and editing) entered and recorded in the course of the user’s use of the service is stored on the third party security server of the Company. Stored member data can be used for the purpose of improving service quality and performance, upgrading and optimizing services to users.

In order to provide users with some functions within this Service, the Service can use mechanical algorithms to access metadata of content stored by users or scan and store user’s content for content pattern recognition using mechanical automatic technology methods.

3. Use of Personal Information

Personal information is used to manage membership, to provide and improve Services and to develop new service as follows. Personal information is collected to the minimum extent required to provide Services while the user uses the Services, through the homepage, individual applications and programs, and etc.

●       Member identification, user and age verification, prevention of improper usage

●       Develop new services, provide diverse services, resolve inquiries or complaints, and deliver notices

●       Prevention and sanction of any act that interrupts normal service operation of the service

●       Utilization for marketing

●       Statistics based on service usage record, frequency of visit and service use; development of service environment to protect privacy; development of customized services; service improvement.

●       May be used for utilization purpose of the Company’s apps (NeoLAB Service, Pen Manager, Grida board, PaperTube, etc.).

4. Provision of Personal Information

The Company does not provide personal information to any third party without your consent or unless demanded by applicable laws. The Company entrusts the following personal information to a third party to connect the Services to third-party services.

The Company shall provide no personal information to any third party without user’s prior consent; provided, however, that the Company provides the foregoing personal information to the third parties within a scope required to provide affiliated services to users, only upon user’s prior consent.

ServiceRecipientPurpose of ProvisionPersonal information to be provided

The following affairs are entrusted to provide the Services.

The Company provides personal information to third parties in the course of entrusting some parts of the affairs required for service provision. The Company also supervises and monitors the entrusted parties to abide by the relevant laws and regulations.

Consignment companyPurpose of consignment work

Some personal information is transferred overseas to perform the following affairs.

Entrusted PartyInformation Management OfficerPurpose for transferItems to be transferredCountry where personal data is transferred toTransfer DateUse Period

5. Destruction of Personal Information

The user’s personal information is to be destroyed immediately once the purpose of the collection and use of personal information is fulfilled. The procedure and method of destruction is as follows:

Personal information stored in electronic file formats is to be deleted using technical means which make the information unrecoverable. Personal information printed on paper records, printed matters and documents is to be destroyed through shredding or incineration.

Other personal information that shall be retained under the relevant laws and regulations are as follows:

Records to be RetainedApplicable LawRetention Period
Records of contract or withdrawal of subscriptionAct on the Consumer Protection in Electronic Commerce, etc.5 years
Records of payment and supplying goods5 years
Records of consumer’s complaint and the settlement of dispute3 years
Records of marks and advertisement6 months
Books and supporting documents for all transactions specified by the Tax ActFramework Act on National Taxes5 years
Records of electronic financial transactionsElectronic Financial Transactions Act5 years
Service visit recordsProtection of Communications Secrets Act3 months

6. Others

The Company is committed to protecting the user’s rights. Any user may by contacting the Company view and edit his/her personal information at any time, and may withdraw his/her consent to collection and use of personal information, or request for the withdrawal of the Service at any time. Upon any request via email, document, phone call, the Customer Center shall take measures without delay. If any user requests for the revision of personal information, such information shall not be used or provided until the revision is completed.

Cookies can be used to provide the web-based services.

Cookies are used to support a faster and more convenient use of websites and to provide customized services.

What is a Cookie?

●       A cookie is a small piece of text file usually set by the web server, sent from a website and stored in a User’s computer hard disk while the user is browsing that website.

Purpose of use

●       The Company uses cookies which save and retrieve user information in order to provide personal customized service. When a user visits the website, the website server reads cookies stored on the user’s device to maintain environment settings and customized services. Cookies help the user use the website easily and conveniently by finding out the user’s preferences. Also, they are used to provide customized marketing information by tracing the number of visiting to the website and use patterns.

Rejection of cookies

●       Cookie does not collect personally identifiable information automatically or actively, and a user has an option for setting a cookie. Hence, a user may allow all cookies by setting the option on the web browser; whenever a cookie is stored, the confirmation thereof shall be completed; or, otherwise, a user may reject the storage of all cookies. Provided, however, when a user rejects the storage of a cookie, then the user may have some difficulties in using a service.

Examples of Settings

1) Internet Explorer

●       Select “Tool” menu at the top of the browser. > “Internet Options” > “Personal Data” Tab > Settings

2) Chrome

●       Select “Settings” menu at the top right side of the browser. > “Show advanced settings” > In the “Privacy” section, click “Content settings”. > Cookies

The Company works hard to protect our users’ precious personal information.

The protection of our users’ personal information is our utmost priority. In order to protect users’ valuable personal information, we are making the following efforts.

Users’ personal information is encrypted.

●       Users’ personal information is transmitted through encrypted communication channels, and important information, including passwords, are encrypted when stored.

Personal information is protected from hacking attempts and computer viruses.

●       Systems are installed in areas restricted from external factors to prevent users’ personal information from being leaked or damaged by hacking or computer viruses. A 24-hour monitoring system has been installed to detect and block any hacking attempts, and vaccine programs are being used to protect the system from the latest malware and viruses. The Company is also continuously researching new security and anti-hacking technologies and applying the new technologies to our services.

The Company complies with the General Data Protection Regulation (GDPR) as well as the domestic laws of each member country.

The following may apply when the Company provides services to users in EU countries.

[Purpose/Basis of Personal Information Processing]

The Company uses personal information collected from users only for purposes specified in “3. Use of Personal Information”, informs users prior to any use thereof and asks for agreement.

In addition, the Company may process personal information in accordance with applicable laws including GDPR in any of the following cases:

●       Consent of the data subject

●       Sign and fulfil a contract with the data subject

●       Legal compliance

●       When personal information processing is necessary for the material benefit of the data subject

●       For the pursuit of legitimate interests of the company (except for cases where the benefits, rights or freedom of the data subject is more important than that of the company.)

[Guarantee of Users’ Rights in EU Countries]

As described in “The Company protects your personal information”, the Company is committed to protecting your privacy. In accordance with applicable laws including GDPR, a user may request that his or her personal information be transferred to another manager, and refuse the processing of his or her information. In addition, a user has a right to file a complaint with data privacy protection authorities. The Company may also use personal information for marketing purposes such as event promotion or advertisements, for which the Company obtains a prior agreement. A user may withdraw the agreement at any time if he or she doesn’t want it. A user may inquire the foregoing matters to the Customer Service via document, phone or email. The request will be handled in a proper and timely manner. When a user requests for the correction of personal information, the concerned information shall not be displayed until such correction is completed.

Questions regarding Privacy Protection

For any inquiries, complaints, feedback or other matters related to personal information protection which arise while you use the Services, please contact the privacy protection officer or the responsible department. The Company will do its best to listen to you and promptly answer any questions you may have.

Privacy Protection Officer

Name: Gongpil Sa

Company: NeoLAB Convergence, Inc.

Phone: +82 2-3462-2981

Please make inquiries to the following organizations if you need to report or consult in regards to the violation of personal information.

KISA Report Center for Personal Information Breach+82 118https://privacy.kisa.or.krCyber Crime Investigation, Supreme Prosecutors’ Office +82 1301cid@spo.go.krCyber Terror Response Center, National Police Agency+82 182

Amendment to the Privacy Policy

The Company may amend its Privacy Policy to reflect any legal or service changes. The Company shall notify such amendment in advance, and the amended Privacy Policy shall take effect seven (7) days after the foregoing notification. If you accept the most recent version of the Privacy Policy, it is deemed that you would have accepted all the previous versions of the Privacy Policy.

The Company always entreasures users’ information, and continues to exert its utmost efforts for users to use our Service more safely.

[1] NeoLAB Service includes Neo Studio, Gridaboard, Papertube, Pen Manager, Neolab Cloud and any other service offered by NeoLAB Convergence.