Orange Co., Ltd. (hereinafter referred to as the "Company") complies with the privacy protection regulations under relevant laws and regulations that the Company must follow regarding personal information, such as the Communications Privacy Protection Act, Telecommunications Business Act, Act on Promotion of Information and Communications Network Utilization and Information Protection, and Personal Information Protection Act. We are committed to protecting users' rights by establishing a Privacy Policy in accordance with relevant laws. The Company's Privacy Policy contains the following information. The Company's Privacy Policy may be changed according to changes in laws, notifications, or the Company's terms and internal policies. In case of amendment, the Company will post the changes on the service screen or notify users. Users may refuse to consent to the following matters regarding the collection, use, provision, and entrustment of personal information if they do not wish. However, please note that if a user refuses consent, they may not be able to use all or part of the service.
① The Company collects the following personal information for membership registration, smooth customer consultation, and provision of various services.
1. Name, ID, Nickname, E-mail, Mobile Carrier, Mobile Phone Number, SMS Verification, Gender, Age
2. As a service that can only be used by adults aged 19 or older, the Company does not intentionally collect personal information from users under the age of 19.
3. (When logging in with Naver or Kakao) Email, Phone Number, Gender
4. Information about User Content: The Company may process photos, videos, audio, and posts (hereinafter "User Content") uploaded or created by users. In doing so, the Company may collect images, videos, audio, and text that are part of the User Content. The Company may collect information related to the user's use of this service, i.e., information on how the user participates in the service. The Company promotes the user's content to other users and processes information related to the user's relationships with other users, blocks, and likes. When users use the service, the Company creates and stores log data including device information such as the type of device, IP address, OS type information, and specific electronic IDs automatically provided by the user's device such as cookie data, advertising partner information, and mobile application ID. This information is used to prevent unauthorized or fraudulent service use (or abuse). It is also used to provide services optimized for the user's device. Additionally, advertising identifiers may be linked to a user's account through the Company's internal ID (random unique value).
② The following information may be collected during the service use process or business processing process provided by the Company.
1. User's mobile phone type and OS
2. Service use records, access logs, cookies, access IP information, payment records, bad use records
③ The Company collects personal information in the following ways:
Receipt from applications, written forms, consultation bulletin boards, email, event entries, partners, etc.
① The Company processes collected personal information for the following purposes. Personal information collected, used, and processed by the Company will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be taken in accordance with Article 18 of the 「Personal Information Protection Act」.
1. Provision of service and fee settlement according to service provision: Provision of content, delivery of goods or invoices, identity verification, purchase and payment, fee collection, payment of fees and prices
2. Member management: Identity verification according to membership service use and limited identity verification system, personal identification value, prevention of fraudulent use and unauthorized use by bad members, confirmation of intention to join, age verification, record preservation for dispute mediation, complaint handling and civil petitions, delivery of notices
3. New service development and marketing, advertising: New service development and provision of customized services, provision of services and advertising according to demographic characteristics, confirmation of service validity, provision of event and advertising information, identification of access frequency, statistics on members' service use, delivery of advertising information such as events
4. Partnership services: To activate the service, the Company may share information such as the user's ID, nickname, feed content, comments, and reply content with third parties providing partnership services to the Company through legal procedures.
5. Performing other tasks related to the provision of tangible/intangible product information/sales services and additional services linked with the Company using a minimum range of information.
② For users using additional services other than common functions among service features, the Company may provide a separate Privacy Policy or appendix for additional services.
① In principle, users' personal information is destroyed without delay after the purpose of collection and use is achieved. However, the following information is preserved for the period specified for the following reasons.
1. Reasons for holding information under relevant laws: If it is necessary to preserve information in accordance with the provisions of relevant laws such as the Commercial Act and the Act on Consumer Protection in Electronic Commerce, etc., the Company keeps member information for a certain period set by relevant laws. In this case, the Company uses the kept information only for the purpose of its storage, and the reasons and periods of preservation are as follows.
<Records on contracts or withdrawal of subscription, etc.>
* Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
* Preservation period: 5 years<Records on payment and supply of goods, etc.>
* Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
* Preservation period: 5 years<Records on consumer complaints or dispute handling>
* Reason for preservation: Act on Consumer Protection in Electronic Commerce, etc.
* Preservation period: 3 years<Access records related to log records>
* Reason for preservation: Communications Privacy Protection Act
* Preservation period: 3 months<Preservation records related to electronic financial transaction records>
* Preservation basis: Electronic Financial Transactions Act
* Preservation period: 5 years
① In principle, the Company destroys the information without delay after the purpose of personal information collection and use is achieved.
② Notwithstanding the preceding paragraph, if personal information must be continuously preserved in accordance with other laws, the personal information (or personal information file) is moved to a separate database (DB) or preserved in a different storage location.
③ The procedure and method for destroying personal information are as follows:
1. Personal information output as documents, etc., is destroyed by shredding with a shredder or through incineration.
2. Personal information stored in electronic file format is deleted using technical methods that cannot reproduce the records.
3. Information entered by users for membership registration, etc., is moved to a separate DB after the purpose is achieved (separate filing cabinet in case of paper) and stored for a certain period according to internal policies and other information protection reasons under relevant laws (refer to retention and use period) and then destroyed.
In principle, the Company processes users' personal information within the range specified for the purpose of collection and use, and except in the following cases, does not process it beyond the scope of the original purpose or provide it to a third party without the user's prior consent.
1. When separate consent is obtained from the information subject
2. When there are special provisions in other laws or it is unavoidable to comply with legal obligations
3. When the information subject or their legal representative is unable to express their intention or their address is unknown, and it is clearly recognized as necessary for the urgent benefit of the life, body, or property of the information subject or a third party
4. When it is impossible to perform the tasks assigned by other laws unless personal information is used for purposes other than the intended purpose or provided to a third party, and it has undergone deliberation and resolution by the Personal Information Protection Committee under Article 7 of the 「Personal Information Protection Act」
5. When necessary for provision to a foreign government or international organization to fulfill a treaty or other international agreement
6. When necessary for criminal investigation and filing and maintaining public prosecution
7. When necessary for the court's performance of judicial duties
8. When necessary for the execution of sentences, custody, and protective disposition
The Company may entrust personal information processing to a third party for smooth personal information business processing and service improvement. In this case, the Company must notify the personal information entrustment processing agency and the details of the entrusted work.
| Trustee | Details of Entrusted Work |
|---|---|
| ITS Co., Ltd. | Processing tasks such as member information management, collection, and use for service operation |
① Information subjects may request inquiry, access, correction, deletion, or suspension of processing of their personal information at any time, and may request withdrawal from membership.
② For inquiry and modification of personal information, the 'Change Personal Information' or 'Modify Member Information' function within the app can be used. For withdrawal from membership (withdrawal of consent), users can proceed directly after identity verification through the 'Withdrawal from Membership' procedure.
③ Information subjects may contact the Company's personal information management officer in writing, by phone, or by email to exercise the rights in the preceding paragraph.
④ If an information subject requests correction for errors in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the result of the correction process will be notified to the third party without delay so that the correction can be made.
⑤ Personal information deleted or corrected by the Company at the request of the information subject or legal representative is processed in accordance with Article 3 of this policy and is processed so that it cannot be accessed or used for other purposes.
⑥ As a method of verifying the identity of a user claiming that personal information has been stolen, the resident registration card authenticity verification service implemented by the digital government or the driver's license authenticity verification service implemented by the National Police Agency can be used.
① The Company uses 'cookies' that store and periodically retrieve user information to provide specialized customized services to users.
② A cookie is a small amount of information sent by the server (HTTP) used to operate the website to the user's computer browser and is sometimes stored on the hard disk within the user's PC computer.
③ The purpose of use and operation matters of cookies are as follows:
1. Purpose of cookie use: The Company uses cookies to analyze each service and use pattern of the Company used by users, provide membership services, etc.
2. Installation/operation and refusal of cookies: Users have the option to install cookies. Therefore, users can allow all cookies, go through verification every time a cookie is stored, or refuse storage of all cookies by setting options in the web browser.
3. To provide suitable and more useful services and advertising services (including customized advertisements) to users, the user's advertising identifier may be automatically collected if the advertising-related function is activated in the smartphone and tablet OS settings owned by the user.
[Blocking Personalized Advertisements]
- Android: [Settings > Google > Privacy > Ads] Uncheck "Opt out of Ads Personalization"
- iOS: [Settings > Privacy > Apple Advertising] Uncheck "Personalized Ads"
① The Company has designated a personal information management officer and person in charge of collecting opinions and handling complaints regarding personal information, and the contact information is as follows.
Personal Information Protection and Management Officer
Name: Shin Dong-yoon
Email: mangotalk2002@gmail.com
② Information subjects may report all complaints related to personal information protection occurring while using the Company's services to the personal information management officer or the department in charge.
③ The Company will provide prompt and sufficient answers to users' reports.
④ If you need to report or consult about other personal information infringements, please contact the institutions below.
Personal Information Infringement Report Center (privacy.kisa.or.kr / 118 without area code)
Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / 1301 without area code)
National Police Agency Cyber Bureau (cyberbureau.police.go.kr / 182 without area code)
The Company is taking the following measures to protect personal information.
1. Technical measures
* The Company safely protects users' personal information through security functions in accordance with relevant laws and internal policies.
* The Company is taking measures to prevent damage from computer viruses by using anti-virus programs. Anti-virus programs are updated periodically, and when a sudden virus appears, it is applied as soon as the vaccine is available to prevent personal information from being infringed.
* The Company encrypts and stores and manages users' passwords and adopts security devices that can safely transmit personal information on the network.
2. Administrative measures
* The Company limits access rights to users' personal information to a minimum number of personnel, and those who fall under the minimum number of personnel are as follows:
- Personnel performing marketing, events, customer support, and service operation tasks directly dealing with users
- Personnel performing personal information management tasks such as personal information management officers
- Personnel whose handling of personal information is unavoidable for other business reasons
② The Company is striving to correct problems immediately if discovered by checking compliance with the Privacy Policy and internal regulations in the department dedicated to personal information protection tasks.
③ The Company is not responsible for problems caused by the leakage of personal information such as names and passwords due to the user's own negligence or problems on the internet.
In case of amendment of the Privacy Policy, the Company will notify users through notices within the app, pop-ups, or push notifications 7 days in advance.
① In case of change in this Privacy Policy, the Company will specify the reason for change and application date and notify it on the service screen from 10 days before the application date to the day before the application along with the current Privacy Policy. However, if there is a change in important content regarding the user's rights or obligations, it will be notified at least 30 days in advance.
② If a user does not explicitly express refusal even though the Company has notified that it will be deemed as an expression of intent if refusal is not expressed by the application date while notifying the change according to paragraph 1, the user is deemed to have agreed to the change.
③ Notwithstanding paragraph 2, if the Company additionally collects personal information from a user or provides it to a third party, it undergoes a separate consent procedure from the user themselves.
Date of Enforcement of Privacy Policy: December 31, 2025