- Collection of Personal Information
Company collects the minimum personal information to provide the Services.
The following minimum personal information is collected when a user signs up for the Service or while the user uses the Services, through the home page, individual KYC submission pages and programs, and etc. If you do not wish to have Company to collect certain personal information, you may refuse to provide such information. However, there may be some limitations to the use of the Services.
Personal information collected by Company is as follows
Account Registration: Email address, password
Company collects the following information for KYC/AML service.
– Identity information such as name, date of birth and nationality;
– Contact information such as email address, phone number;
– Blockchain identifiers such as blockchain addresses and public keys;
– Identification information, such as passport photos, government-issued identification card, and driver’s license;
– Information automatically generated during the service provision process: connection IP information, service utilization log, access log, cookies;
- Use of Personal Information
Personal information is used to manage membership, to provide and improve Services and to develop new service. Personal information is collected to the minimum extent required to provide Services when the user signs up for the service or while the user uses the Services, through the homepage, individual KYC submission pages and programs, and etc.
Fulfill the Company’s legal, regulatory and contractual obligations
Member identification, confirmation of the user’s will to sign up, user and age verification, prevention of improper usage
Develop new services, provide diverse services, resolve inquiries or complaints, and deliver notices
Prevention and sanction of any act that interrupts normal service operation of the service
Share demographic features
Conduct market analysis and research
Process personal data for marketing purposes (You will receive a notice requesting your consent before carrying out this purpose.)
Statistics based on service usage record, frequency of visit and service use; development of service environment to protect privacy; development of customized services; service improvement.
Provide legal investigation data in accordance with legal obligations for investigation of incidents and accidents
- Retention and Use Period of Personal Information
Unless agreed otherwise, the Company keeps your personal data for up to 5 years. If demanded by applicable laws, Company may be required to retain some of your personal data for a certain period of time. At our discretion, Company may retain personal information for a period of time reasonably necessary to fulfill legal obligations. Furthermore, Company separately stores or deletes the personal information of users who have agreed to record-keeping for the contracted period of time. See the retention of personal information in accordance with applicable laws
Personal information storage under the relevant laws and regulations
Records to be retained
Books and supporting documents for all transactions specified by the Tax Act
Framework Act on National Taxes
Service visit records
Protection of Communications Secrets Act
Records on Service Provision
Act on the Consumer Protection in Electronic Commerce, etc.
- Storing Personal Information
The Company uses Amazon Web Services cloud computing services to encrypt and protect personal information.
1) Stored Information: Information collected when registering and providing KYC / AML service
2) Time and location of data storage
Country: Countries where Amazon Web Services are provided
Time: At signup and inputing/editing personal information
3) Cloud Service Provider
Company: Amazon Web Services, Inc.
Address: 1200 12th Avenue South, Suite 1200, Seattle, WA 98144, United States
- Destruction of Personal Information
The user’s personal information is to be destroyed immediately once the purpose of the collection and use of personal information is fulfilled. The procedure and method of destruction is as follows:
Personal information stored in electronic file formats is to be deleted using technical means which make the information unrecoverable. Personal information printed on paper records, printed matters and documents is to be destroyed through shredding or incineration.
However, any information that is destroyed after being stored for a certain period under the internal policies is as follows:
The following information is destroyed after being kept for the maximum one (1) year from the date of user’s withdrawal from the Service.
Email address to which a withdrawal notification is sent to correspond to CS inquires and to transmit announcements shall be encrypted and stored.
Improper usage records
- Duty of safeguards
Fullstack Inc. takes following measures as personal information controller.
Managerial measures: Establishment and implementation of internal management and regular employee training etc.
Technical measures: Management of access right to personal information processing system, implementation of access limitation system, encryption of information such as unique identification information, and implementation of safety software.
Physical measures: Limited access to data storage etc.
Fullstack Inc. is committed to protecting the user’s rights. Any user may view and edit his/her personal information at any time and may withdraw his/her consent to collection and use of personal information, or request for the withdrawal of the Service at any time. In particular, users can modify personal information or withdraw the membership. Upon any request via email, document, phone call, Company shall take measures without delay. If any user requests for the revision of personal information, such information shall not be used or provided until the revision is completed.
What is a Cookie?
A cookie is a small piece of text file usually set by the web server, sent from a website and stored in a User’s computer hard disk while the user is browsing that website. Cookies are used to support a faster and more convenient use of websites and to provide customized services.
Purpose of use
Third Party Cookies
Rejection of cookies
Cookie does not collect personally identifiable information automatically or actively, and a user has an option for setting a cookie. Hence, a user may allow all cookies by setting the option on the web browser; whenever a cookie is stored, the confirmation thereof shall be completed; or, otherwise, a user may reject the storage of all cookies. Provided, however, when a user rejects the storage of a cookie, then the user may have some difficulties in using a service.
Examples of Settings
1) Internet Explorer
Select “Tool” menu at the top of the browser. > “Internet Options” > “Personal Data” Tab > Settings
Select “Settings” menu at the top right side of the browser. > “Show advanced settings” > In the “Privacy” section, click “Content settings”. > Cookies
Fullstack Inc. complies with the General Data Protection Regulation (GDPR) as well as the domestic laws of each member country. The following may apply when Fullstack Inc. provides services to users in EU countries.
[Purpose/Basis of Personal Information Processing]
Company uses personal information collected from users only for purposes specified in “3. Use of Personal Information”, informs users prior to any use thereof and asks for agreement.
In addition, Fullstack Inc. may process personal information in accordance with applicable laws including GDPR in any of the following cases:
Consent of the data subject
Sign and fulfil a contract with the data subject
When personal information processing is necessary for the material benefit of the data subject
For the pursuit of legitimate interests of the company (except for cases where the benefits, rights or freedom of the data subject is more important than that of the company.)
[Guarantee of Users’ Rights in EU Countries]
As described in “7. Others”, Fullstack Inc. is committed to protecting your privacy. In accordance with applicable laws including GDPR, a user may request that his or her personal information be transferred to another manager and refuse the processing of his or her information. In addition, a user has a right to file a complaint with data privacy protection authorities. Fullstack Inc. may also use personal information for marketing purposes such as event promotion or advertisements, for which Fullstack Inc. obtains a prior agreement. A user may withdraw the agreement at any time if he or she doesn’t want it. A user may inquire the foregoing matters via document, phone or email. The request will be handled in a proper and timely manner. When a user requests for the correction of personal information, the concerned information shall not be displayed until such correction is completed.
Questions regarding Privacy Protection
For any inquiries, complaints, feedback or other matters related to personal information protection which arise while you use the Services, please contact the Privacy Protection Officer or the responsible department. Fullstack Inc. will do its best to listen to you and promptly answer any questions you may have.
Privacy Protection Officer and Responsible Department
Privacy Protection Officer: Jaejoon Lee
Department: Privacy Protection Part
Customer Service: 070-4351-0330
Email Enquiry: email@example.com
Please make inquiries to the following organizations if you need to report or consult in regard to the violation of personal information.
KISA Report Center for Personal Information Breach
Cyber Crime Investigation, Supreme Prosecutors’ Office
Cyber Terror Response Center, National Police Agency
Personal Information Dispute Adjustment Committee
(Toll free) 1833-6972
- Company Information
CEO Wonkyu Lee
Business License Number: 303-86-00956
Address: 3F, 13, Nonhyeon-ro 113-gil, Gangnam-gu, Seoul, Republic of Korea 06122
Fullstack Inc. always entreasures users’ information and continues to exert its utmost efforts for users to use our Service more safely.