BIGS 2023 Privacy Policy

BIGS 2023 Privacy Policy

The translation below is provided for your convenience only. If there is any discrepancy between the translation in English and the original Korean text (including due to the delay in translation), the original Korean text takes precedence.

MEGAZONECLOUD Corp.(hereinafter the ”Company”) collects and uses personal information for providing the BIGS 2023 service based on the consent of users. The Company complies with all relevant Korea laws and privacy protection regulations that apply to telecommunications service providers and establishes its own privacy protection policies in accordance with the relevant laws to better protect the rights and interests of users.

Article 1 (Purposes of Processing of Personal Information)

The Company shall use collected personal information for the following purposes. Purposes for collecting and using Personal Information and shall not exceed the following scope. If the purpose of collection and use is changed, separate consent is required in accordance with Article 18 of the Personal Information Protection Act.

1. Purpose of Collecting and Using Personal Information

Type Purpose of Collection and Use
User Managemen Sign up, membership management and user identity verification

Article 2 (Personal Information to be Collected)

The Company collects and processes the following personal information. The Company will always notify the user and obtain his or her consent before collecting a user’s personal information.

1. Personal information collected in BIGS 2023

Type Information collected Collected time Collection methods
Collection methods [Required] Name, Email, Phone Number When the users creat their own account Collects user information entered by the user account

2. Information automatically collected during service use

Type Information collected Collected time Collection methods
Automatically generated information IP address, cookies, service usage records, access records, records of illegal use, etc. Created automatically during service use Collected by automatic collecting device

3. The Company does not collect the personal information of the children under the age of 14 who require the consent of a legal representative.

Article 3 (Retention and Usage Period of Personal Information)

1. Retention period of personal information for BIGS 2033 operation

Retained Information Retention Period
User Management / Providing Service Delete without delay after membership withdrawal or end of the event

2. Reasons for personal information retention due to applicable laws and regulations

Retained Information Conservation Grounds Retention Period
Contract or subscription withdrawal records Act on the Consumer Protection in Electronic Commerce, Etc. 5 years
Records on payment or supply of goods and others 5 years
Customer complaints or dispute handling records 3 years
Display/advertisement records 6 months
Ledgers and evidentiary documents of all transactions under the tax laws Framework Act on National Taxes, Corporate Tax Act 5 years
Electronic transaction history Electronic Financial Transactions Act 5 years
Access records Protection of Communications Secrets Act 3 months

Article 4 (Provision of Personal Information to third-party)

The Company processes the personal information of data subjects only for the purposes stipulated in Article 1 (Purposes of Processing of Personal Information), and provides personal information to a third party only when applicable to Article 17 and 18 of the Personal Information Protection Act, such as where the consent is obtained from the data subjects, where special provisions exist, etc.

1. Personal information provided to third parties

subjects Information provided Information provided Retention Period
Neowiz Name, Email, Phone number Co operating service(event) Delete without delay after membership withdrawal or end of the event

Article 5 (Personal Information Destruction)

In principle, the Company will destroy, without delay, users’ personal information once the purpose for its collection and use has been satisfied.

1. In cases where the Company is required by a relevant law or regulation to retain personal information past the retention period consented by the information subject or the purpose of processing has been achieved, the Company retains the personal information by transferring it to a separate database or changing the storage location.

2. The following describes the procedures and methods used by the Company to destroy personal information.

1) Destruction Procedures : The Company selects the personal information to be destroyed and destroys the personal information after obtaining approval from the personal information protection manager.

2) Destruction Methods : The Company destroys personal information recorded and stored in electronic files by deleting the files beyond restoration, and personal information recorded and stored in paper documents by shredding or incinerating the documents.

Article 6 (Rights and Obligations of Data Subjects and Legal Representatives and Exercising thereof)

1. Data subjects may exercise their rights against the Company at any time.
1) Request for access to personal information
2) Request for correction of errors, if any
3) Request for deletion
4) Request for suspension of processing

2. Data subjects may exercise their rights stipulated in Paragraph 1 by submitting a writing, e-mail, FAX, etc. to the Company pursuant to Article 41-1 of the Enforcement Decree of the Personal Information Protection Act, and the Company will take action immediately.

3. In case of a request for the correction or deletion of personal information from an information subject, the Company does not use or disclose the relevant personal information until the correction or deletion is complete.

4. The rights stipulated in Paragraph 1 may also be exercised by the legal representatives of data subjects, those delegated by the data subjects, or other representatives. In such case, a power of attorney shall be submitted in the form of Attachment No. 11 of the Public Notice on Processing of Personal Information.

5. The rights of data subjects to have access to the personal information or request the suspension of processing may be restricted pursuant to Article 35-4 and Article 37-2 of the Personal Information Protection Act.

6. As for the edit or deletion of personal information, deletion cannot be performed if the piece of personal information is stated as an item to be collected in other laws.

7. In case of a request to have access to, edit, delete, or suspend the processing of personal information based on the rights of data subjects, the Company identifies if the requester is a data subject or a legitimate representative.

Article 7 (Measures to Ensure Safety of Personal Information)

The Company takes the following measures to ensure the safety of personal information.

1. Managerial measures : establishment and implementation of internal management plans, regular employee training, etc.

2. Technical measures : control on the access to the personal information processing system, etc., safety measures for archiving access records and preventing forgery and alteration, installation of an access prohibition system, encryption of personally identifiable information and installation of antivirus software

3. Physical measures : prohibition on the access to the computer room, data storage room, etc.

Article 8 (Installation, Operation, and Rejection of Automatic Collecting Device of Personal Information)

1. The Company uses ”cookies” that save and frequently retrieve Customer information to provide personalized and customized services.

2. Cookies are small text files sent to the Customer’s browser by the server(http) that hosts the Company website, and they are stored in the hard disk of the Customer’s computer.
1) Purpose of Cookies : The cookies are used to provide optimized information to users by identifying patterns in relation to their use of the website and its services, use of secure connections, etc.
2) Installation/operation and rejection of cookies : Users may reject enabling cookies by clicking on Tools > Internet Option > Privacy Option, located on the top of the browser.
3) Users who reject enabling cookies may have difficulties using tailored services.
4) How to specify whether or not to accept cookies
i. Chrome : Settings menu at the top right side of the web browser > Show Advanced Settings at the bottom of the screen > Content Settings in Privacy > Cookies
ii. Safari : choose Safari > Preferences, click Privacy, then manage cookies and website data
iii. Edge : Click on the More actions button in the top right corner and select Settings > Click Site permissions
ⅳ. Microsoft Edge : Settings menu > Click Site permissions > Cookies and site data

Article 9 (Personal Information Protection Manager)

The Company has a designated personal information protection manager as below to undertake tasks related to processing personal information, address complaints related to personal information of data subjects, provide damage remedies, etc.

1. Contact Information of the Personal information protection manager or the responsible department

Personal information protection manager Personal information protection department
Name : Joowan Lee
Position : CEO
Contact number : 1644-2243
Department Name : IRM
Contact number : 1644-2243
E-mail :

2. Inquiries related to personal information protection, complaint handling, damage relief, etc., arising from using the service provided by the Company can be inquired to the personal information protection manager and the responsible department. The Company will put in every effort to swiftly respond to the inquiries.

Article 10 ( Guarantee of Personal Information Rights )

Pursuant to Article 35, 36 and 37 of the Personal Information Protection Act, data subjects may request to have correction᛫deletion, suspension of processing, etc. to personal information to the appropriate designated department depending on the category of the inquiry as stated in Article 10. The Company will put in every effort to swiftly respond to the rights of the information.

Department in charge of access request
Department Name : Marketing Group
Contact number : 1644-2243:

Article 11 (Remedial Procedure for Infringement of Rights)

Data subjects may inquire at the following institutions about damage remedies, consultation, etc. for the breach of personal information.
Data subjects may contact the institutions below, which are separate from the Company, if they are not satisfied with the result of the Company’s processing of complaints regarding personal information or damage remedies, or need further support.

Personal Information Infringement Report Center
(operated by the Korea Internet & Security Agency)
Contact for Report on the breach of personal information and request for consultation
Phone 118 without area code
Address (58324) 3F, 9 Jinheung-gil, Naju-si, Jeollanam-do
Personal Information Dispute Mediation Committee
(operated by the Personal Information Protection Commission)
Contact for Application for dispute mediation and collective dispute mediation (civil mediation)
Address (03171) 12F, Government Complex-Seoul, 209, Sejong-daero, Jongno-gu, Seoul
Cyber Investigation Bureau of the Supreme Public Prosecutor’s Office 1301 without area code |
Cyber Bureau of Investigation, National Police Agency 182 without area code |

Article 12 (Links to Third Party Sites)

The Services may include links that direct users to other websites or services whose privacy practices may differ from the Company. Since the Company does not have any control over the third party sites, the Company cannot be held responsible for and cannot guarantee the usefulness of the services provided by them. If users submit information to any of those third party sites, the information is governed by their privacy policies, not this one. The Company encourages users to carefully read the privacy policy of any website you visit.

Article 13 (Obligation to Notify Prior to Amendment)

If any details are added, deleted, or modified in the privacy policy, then the Company will notify the Customers at least seven days in advance. Changes will be notified by being marked in the previous privacy policy with a strikethrough line or underline. However, the Company will notify Customers at least thirty days in advance if there is an important change in the Customers’ rights, and the Company can obtain the Customers’ consent again if necessary.
This Privacy Policy takes effect from 2023.08.10.