Better Step Privacy Policy

Consent to the Collection/Use and Provision of Personal Data(For BetterStep Service)

1.What is Better Step Privacy Policy?

1ZLABS Co., Ltd. (hereinafter the “Company”) uses and provides the user’s personal information based on the user’s consent, and actively guarantees the user’s right (the right to control one’s own personal information).
The Company complies with applicable laws, personal information protection regulations and guidelines of the Republic of Korea, which must be obeyed by information communication service providers.
Better Step Privacy Policy refers to guidelines on protecting the user’s valuable personal information which the Company is required to comply with, in order to ensure that users use its services with confidence.
This Privacy Policy is applied to Better Step Services (hereinafter “the Services'').

2.Collection of Personal Information

  1. 1.
    The Company collects the minimum personal information to provide the Services. The following minimum personal information is collected when the user signs up for the service or while the user uses the Services, through the home page, individual applications and programs, and etc.
    • Google account, Personal info in Google account(name, email, profile picture)
  2. 2.
    Some services may collect personal information additional to those collected commonly upon the user‘s consent in order to provide specialized services.
    1. 1.
      [What is required information?]: Information required to provide the fundamental features of the concerned service.
    2. 2.
      [What is optional information?]: Additional information which needs to be collected to provide more specialized services. (Users still can use the Services without agreeing to provide additional information.)
  3. 3.
    The method of personal information collection is as follows. When collecting personal information, The Company informs the user in advance and asks for an agreement. Personal information is collected using the following method:
    1. 1.
      The user agrees to the collection of personal information and enters relevant information when signing up for a service or while the user uses the Services.
    2. 2.
      Personal information is provided through affiliated services or groups.
    3. 3.
      Personal information is provided via the home page, email, fax, phone, etc. during customer service calls.
    4. 4.
      The user participates in online and/or offline events.
  4. 4.
    The following personal information may be collected while the user uses the Service.
    1. 1.
    2. 2.
      Google Advertising ID
    3. 3.
      UUID (TICKL service, Partner service)
    4. 4.
      Device information (manufacturer, model, OS, screen size)
    5. 5.
      IP address, cookies, date of visit, improper usage record and service usage record may be automatically created and collected while the user uses the PC web or mobile web & apps.

3.Use of Personal Information

Personal information is used to manage membership, to provide and improve Services and to develop new services. Personal information is collected to the minimum extent required to provide Services when the user signs up for the service or while the user uses the Services, through the homepage, individual applications and programs, and etc.
  1. 1.
    Member identification, confirmation of the user’s will to sign up, user and age verification, prevention of improper usage
  2. 2.
    Confirmation of age(over 14 years)
  3. 3.
    Analysis and service provision based on demographic characteristics
  4. 4.
    New service development, provision of various services, inquiry and complaint handling, delivery of notifications
  5. 5.
    Prevention and sanction of any act that interrupts normal service operation of the service
  6. 6.
    Confirmation of participation in events; marketing and advertising purposes
  7. 7.
    Customized service
  8. 8.
    Statistics based on service usage record, frequency of visit and service use; development of service environment to protect privacy; development of customized services; service improvement.
  9. 9.
    Gait data (biodata) to calculate stride length and gait speed
  10. 10.
    Accurate position data to calculate stride length and gait speed
  11. 11.
    Background location data to calculate stride length and gait speed
  12. 12.
    Accurate location data and background location data for step path recording

4. Provision of Personal Information

The Company does not provide personal information to any third party without your consent or unless demanded by applicable laws.
However, personal information may be provided to third parties upon the user's consent within the extent necessary for the user to use the services of the Company's Partner companies.
  1. 1.
    Google advertising ID: Advertisers, Partner companies

5. Destruction of Personal Information

The user's personal information is to be destroyed within (7) days after the membership withdrawal, and other information is destroyed immediately once the purpose of the collection and use of personal information is fulfilled.
The procedure and method of destruction is as follows: Personal information stored in electronic file formats is to be deleted using technical means which make the information unrecoverable.
Personal information printed on paper records, printed matters and documents is to be destroyed through shredding or incineration.
However, the following personal information is destroyed after being kept for a certain period in accordance with internal policies.
  1. 1.
    The following information is destroyed after being kept for (1) year from the date of the user’s unregistration from the service.
  2. 2.
    Google account and the email address to which a unregistration notification email was sent to send notifications and handle customer service inquiries after unregistration
  3. 3.
    Improper usage records
Furthermore, the Company separately stores or deletes the personal information of its members who have not used the Services for (1) year or longer in accordance with the expiration system of personal information. The stored information will be destroyed after being kept for (1) years.
Other personal information which are required to be retained by law and their respective provisions are as follows:
Records to be Retained
Applicable Law
Retention Period
Records of contract or withdrawal of subscription
Act on the Consumer Protection in Electronic Commerce, etc.
5 years
Records of payment and supplying goods
Act on the Consumer Protection in Electronic Commerce, etc.
5 years
Records of consumer’s complaint and the settlement of dispute
Act on the Consumer Protection in Electronic Commerce, etc.
3 years
Records of marks and advertisement
Act on the Consumer Protection in Electronic Commerce, etc.
6 months
Books and supporting documents for all transactions specified by the Tax Act
Framework Act on National Taxes
5 years
Records of electronic financial transactions
Electronic Financial Transactions Act
5 years
Service visit records
Protection of Communications Secrets Act
3 months
Sometimes cookies/sessions are used to provide services.
Cookies/sessions are used to support a faster and more convenient use of websites/apps and to provide customized services.
What is a Cookie?
A cookie is a small piece of text file usually set by the web server, sent from a website and stored in a User's computer hard disk while the user is browsing that website/app.
Purpose of use of cookie/session
The Company uses cookies/sessions which save and retrieve user information in order to provide personal customized service.
When a user visits the website/app, the website server reads cookies stored on the user's device to maintain environment settings and customized services.
Cookies/sessions help the user use the website/app easily and conveniently by finding out the user's preferences.
Also, they are used to provide customized marketing information by tracing the number of visiting to the website/app and use patterns.
Rejecting a cookie
Cookies do not collect personally identifiable information automatically or actively, and a user has an option for setting a cookie.
Hence, a user may allow all cookies by setting the option on the web browser; whenever a cookie is stored, the confirmation thereof shall be completed; or, otherwise, a user may reject the storage of all cookies.
Provided, however, when a user rejects the storage of a cookie, then the user may have some difficulties in using a service.

7.User’s right

The Company is committed to protecting the user’s rights.
Users under 14 cannot use the service.
Users are able to inquire or edit their personal information at any time, and may request to withdraw their consent to the collection · use, and provision of their personal information or cancel their membership.
In the case of children under 14, the legal representative is given the rights to inquire, edit and delete, suspend processing, collect and use, or withdraw consent in providing personal information.
Users may unregister from the service or withdraw his or her personal information provision by clicking the Unregister button in the Services, or contact the Customer Service via in writing, or through email.
If a user requests the revision of personal information, the user's information is not to be used or provided until the revision is completed.

8.Data Protection

The protection of our users' personal information is our utmost priority. In order to protect users' valuable personal information, we are making the following efforts.
  1. 1.
    Users' personal information is encrypted.
    1. 1.
      Users' personal information is transmitted through encrypted communication channels, and important information, including passwords, are encrypted when stored.
  2. 2.
    Personal information is protected from hacking attempts and computer viruses.
    1. 1.
      Systems are installed in areas restricted from external factors to prevent users' personal information from being leaked or damaged by hacking or computer viruses.
    2. 2.
      A 24-hour monitoring system has been installed to detect and block any hacking attempts, and vaccine programs are being used to protect the system from the latest malware and viruses.
    3. 3.
      The company is also continuously researching new security and anti-hacking technologies and applying the new technologies to our services.
  3. 3.
    Valuable personal information is handled by minimum personnel. Risk of personal information breach is minimized by assigning only a necessary handful of people to handle users' personal information and by blocking work computers from accessing external internet services.
    1. 1.
      Systematic standards are applied when creating and updating passwords in systems that store personal information databases and process personal information. Standards are also applied to authorizing access to systems and audits are conducted on a regular basis.
  4. 4.
    The Company employees receive regular training on personal information protection.
    1. 1.
      Training and campaigns on personal information protection and security are held for all the Company employees who handle users' personal information.
The Company complies with the General Data Protection Regulation (GDPR) as well as the domestic laws of each member country.
The following may apply when the Company provides services to users in EU countries.
[Purpose/Basis of Personal Information Processing]
The Company uses personal information collected from users only for purposes specified in "3. Use of Personal Information", informs users prior to any use thereof and asks for agreement. In addition, the Company may process personal information in accordance with applicable laws including GDPR in any of the following cases:
  1. 1.
    Consent of the data subject
  2. 2.
    Sign and fulfill a contract with the data subject
  3. 3.
    legal compliance
  4. 4.
    When personal information processing is necessary for the material benefit of the data subject
  5. 5.
    For the pursuit of legitimate interests of the company (except for cases where the benefits, rights or freedom of the data subject is more important than that of the company.)
[Guarantee of Users' Rights in EU Countries]
The Company is committed to protecting your privacy. In accordance with applicable laws including GDPR, a user may request that his or her personal information be transferred to another manager, and refuse the processing of his or her information.
In addition, a user has a right to file a complaint with data privacy protection authorities.
The Company may also use personal information for marketing purposes such as event promotion or advertisements, for which the Company obtains a prior agreement. A user may withdraw the agreement at any time if he or she doesn't want it. A user may inquire the foregoing matters to the Customer Service via document, phone or email.
The request will be handled in a proper and timely manner. When a user requests for the correction of personal information, the concerned information shall not be displayed until such correction is completed.
[Questions regarding Privacy Protection]
For any inquiries, complaints, feedback or other matters related to personal information protection which arise while you use the Services, please contact the Privacy Protection Officer or the responsible department.
The company will do its best to listen to you and promptly answer any questions you may have.
Privacy Protection Officer and Responsible Department
Privacy Protection Officer/DPO: Ken Kwak
Department: Privacy Protection Part

9. Amendment to the Privacy Policy

The company may amend its Privacy Policy to reflect any legal or service changes.
The company will notify such amendment in advance, and the amended Privacy Policy will take effect seven days after the notification of the amendment.
However, any major change in user rights, including personal information items to be collected and the purpose of collecting thereof, will be notified at least 30 days in advance
Last modified 3mo ago