Orblit Privacy Policy

Article 1 (Purpose)

Reversemountain (hereinafter referred to as the "Company") establishes this Privacy Policy (hereinafter referred to as the "Policy") in order to comply with applicable laws such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection (hereinafter the "Network Act"), and to promptly and appropriately handle any privacy-related issues of individuals (hereinafter referred to as "Users") who use the services provided by the Company (hereinafter referred to as the "Company Services").

Article 2 (Principles of Personal Information Processing)

In accordance with applicable laws and this Policy, the Company may collect users’ personal information. Such information will only be shared with third parties with the user's explicit consent, unless otherwise required by law or regulation, in which case the Company may lawfully provide such information without prior consent.

Article 3 (Disclosure of This Policy)

1. The Company discloses this Policy on the main page of its website or through a direct link from the homepage to ensure that users can easily access it at any time.
2. The Company uses legible font sizes, colors, and formatting to ensure this Policy is easily recognizable and understandable.

Article 4 (Amendments to This Policy)

1. This Policy may be revised in accordance with amendments to applicable laws, guidelines, notifications, or changes in government policies or Company services.
2. When revised, the Company will announce the changes using one or more of the following methods:
   1. Posting on the notice board or a separate pop-up window on the Company’s homepage;
   2. Notification by written document, fax, email, or other similar means.
3. The Company shall provide such notice at least 7 days before the effective date of the amendment. However, if the changes significantly impact users' rights, the notice shall be given at least 30 days in advance.

Article 5 (Information Collected for Membership Registration)

To enable user registration for Company Services, the Company collects the following required information:

1. Required: Email address, password, and nickname.

Article 6 (Information Collected for Identity Verification)

To verify the identity of users, the Company collects the following required information:

1. Required: Email address

Article 7 (Methods of Personal Information Collection)

The Company collects personal information using the following method:

1. When the user enters personal information directly into the Company’s website

Article 8 (Use of Personal Information)

The Company uses personal information for the following purposes:

1. For delivering announcements and notices necessary for service operation
2. For responding to user inquiries and handling complaints
3. For providing the Company’s services
4. For developing new services
5. For marketing purposes such as promotions and event notifications
6. For demographic analysis and analysis of service usage patterns
7. For fostering connections between users based on personal interests and information
8. For preventing and responding to actions that hinder the proper operation of services, including violations of laws and Company terms, abuse of services, or other malicious behavior

Article 9 (Transmission of Marketing and Promotional Information)

1. The Company shall obtain the user’s explicit prior consent before sending advertising or promotional information for commercial purposes via electronic transmission. However, consent is not required in the following cases:
   1. When the Company has collected the recipient's contact information through a transaction and intends to send promotional messages related to similar goods or services within six months of the transaction;
   2. When a telemarketing agent makes a voice call and clearly informs the recipient of the source of data collection, as required under the Door-to-Door Sales Act.
2. Despite the above, if the recipient opts out or withdraws consent, the Company shall not send promotional information and will notify the user of the result of processing their opt-out request.
3. For marketing messages sent between 9:00 PM and 8:00 AM, the Company must obtain separate prior consent from the user, regardless of prior general consent.
4. When sending promotional messages, the Company shall clearly include the following:
   1. The Company name and contact information
   2. A method for the recipient to refuse further messages or withdraw consent
5. The Company shall not engage in the following practices when sending promotional messages:
   1. Hindering or avoiding the recipient’s opt-out or consent withdrawal
   2. Automatically generating contact information using random combinations of numbers, symbols, or letters
   3. Automatically registering email addresses or phone numbers for sending messages
   4. Concealing the sender's identity or the source of the message
   5. Deceptively inducing responses from recipients for the purpose of sending commercial messages

Article 10 (User Responsibilities)

1. Users must ensure that their personal information is accurate and up to date. They are responsible for any issues caused by the provision of incorrect information.
2. If a user registers using someone else’s personal information, their membership may be terminated and they may be subject to penalties under applicable privacy laws.
3. Users are responsible for maintaining the confidentiality of their email address and password and must not transfer or lend their login credentials to any third party.

Article 11 (User’s Right to Manage Cookie Installation)

1. Users have the right to choose whether or not to allow cookies. Users can configure their web browser settings to: Allow all cookies, Be prompted each time a cookie is saved, or Refuse all cookies.
2. However, refusing to store cookies may result in limited access to some services that require login.

Article 12 (How to Set Cookie Preferences)

To set cookie preferences (for example, in Internet Explorer):

1. Click the [Tools] menu and select [Internet Options].
2. Click the [Privacy] tab.
3. Adjust settings under [Advanced].

Article 13 (Sharing and Disclosure of Google User Data)

The Company does not share, transfer, or disclose Google user data to third parties, except in the following cases:

1. When required by law or legal proceedings;
2. When the user has given explicit consent;
3. When necessary to protect the rights, property, or safety of the Company, users, or the public.

Article 14 (Data Protection Mechanisms for Sensitive Data)

The Company implements the following data protection mechanisms to safeguard sensitive data, including Google user data:

1. Encryption of data during transmission and storage
2. Regular security audits and vulnerability assessments
3. Access control and authentication to prevent unauthorized access
4. Staff training on data protection and privacy practices

Article 15 (Retention and Deletion of Google User Data)

1. The Company retains Google user data only for the duration necessary to provide the service or as required by law.
2. Users may contact the Data Protection Officer at any time to request the deletion of their Google user data.
3. Upon receiving a deletion request, the Company will delete the relevant data within 30 days, unless retention is required by law.
4. The Company regularly reviews stored data and deletes unnecessary information in accordance with its data retention policy.

Article 16 (Designation of Personal Information Protection Officer)

1. To protect users’ personal information and handle related complaints, the Company designates the following departments and officers:
   1. Chief Privacy Officer

      Name: Gyeongmin Kim

      Phone: +82-10-3505-6267

      Email: reversemountain.palette@gmail.com

   2. Privacy Manager

      Department: Planning Team

      Name: Dongyoung Kim

      Phone: +82-10-3554-5526

      Email: kdy5526@yonsei.ac.kr