CONTACT

*We will contact you within one week through the email or contact information you entered, 

and introduction consultation is free.

DoWhat Inc. Privacy Policy

DoWhat Inc. (hereinafter referred to as the ‘Company’) establishes and discloses the following privacy policy in accordance with relevant laws to protect the personal information of users who use the Company’s website and services (hereinafter referred to as the ‘Services’) and to promptly and smoothly handle any concerns related to it.

Article 1 (Purpose of Personal Information Processing)

The Company processes personal information for the following purposes:
• Member Service Management: To manage member information, service usage, reservations, purchases, and other related purposes.
• Inquiry and Consultation: To verify the identity of the complainant, confirm the inquiry details, contact for fact-finding, notify, and report the results.

Article 2 (Personal Information Items Processed)

1. The Company processes the following personal information items (for both members and non-members):
• Service Usage (Required): ID (email), password, nickname, phone number
• Reservation/Purchase (Required):
• Common: Reservation details (date, payment amount, company name)
• For the reservationer and purchaser: Name, phone number, (if necessary) date of birth
• If the reservationer and visitor are different: Visitor’s and passenger’s name, phone number, (if necessary) date of birth
• For overseas accommodation: Email address of the reservationer, guest’s English name, (if the child is under 17 years old) the child’s age
• For reservation confirmation: Email address of the reservationer
• For cash refund requests (Required): Bank account number, account holder name
• Automatically Collected during Service Usage: IP address, cookies, service usage records (visit history, usage history, payment records, access logs, bad usage records, etc.)
• During Issue Resolution: Collection and processing of necessary items related to the complaint or any other specific data required for resolution
2. The Company collects personal information of minors under 14 years old with the consent of their legal guardian, only collecting the minimum necessary personal information to provide the service.

Article 3 (Personal Information Processing and Retention Period)

1. The Company processes and retains personal information within the period specified by relevant laws or the period agreed upon by the data subject when personal information is collected.
2. The retention periods for each category of personal information are as follows:
1. Service Usage and Membership Management: Until withdrawal from membership
• However, the retention period will continue until the conclusion of the investigation in cases involving legal violations or until the settlement of debts.
2. Provision of Goods or Services: Until the completion of the service supply and payment/settlement
• However, in the case of certain laws:
• Records related to advertisements, contracts, and transactions: 5 years
• Records related to consumer complaints or dispute resolution: 3 years

Article 4 (Provision of Personal Information to Third Parties)

1. The Company will only provide personal information to third parties with the consent of the user or in cases where there is a special provision in the Personal Information Protection Act or other relevant laws.
2. Accommodation Service Providers
• Purpose of Provision: To fulfill the reservation/purchase contract, resolve consumer disputes, etc.
• Information Provided: Reservation number, reservationer’s information (name, phone number) or visitor’s information (visitor’s name, phone number)

Article 5 (Outsourcing of Personal Information Processing)

The Company outsources the following personal information processing tasks for efficient operation:
2. The Company also outsources personal information processing to a third party abroad:
• Amazon Web Services Inc.
• Transferred Personal Information: All personal information collected for service provision
• Country: United States
• Method: Transferred regularly via the internet
• Purpose: Cloud server operation and management
• Retention Period: As per the retention periods mentioned in Article 3

Article 6 (Use and Provision of Personal Information Within a Reasonably Related Scope)

The Company may use or provide personal information without the user’s consent within a scope reasonably related to the initial collection purpose. This will be based on criteria such as:
• Whether the additional use is related to the original collection purpose
• Whether it is reasonable to expect the additional use based on the context or practice

Article 7 (Rights of Users and Legal Representatives, and Method of Exercise)

1. Users have the right to request access, correction, deletion, or suspension of processing of their personal information at any time.
2. Requests for the above rights can be made via written communication or email, and the Company will respond promptly.
3. These rights can also be exercised by legal representatives or authorized persons with a valid power of attorney.

Article 8 (Destruction of Personal Information)

1. The Company will destroy personal information when the retention period expires or when it is no longer necessary for processing.
2. The destruction process includes the selection of information to be destroyed and approval from the data protection officer.

Article 9 (Measures to Ensure the Security of Personal Information)

The Company takes the following measures to ensure the security of personal information:
• Administrative Measures: Establishment and implementation of internal management plans, regular employee training
• Technical Measures: Measures against hacking, encryption of personal information, access control to processing systems
• Physical Measures: Control of access to server rooms and data storage areas

Article 10 (Installation and Operation of Automatic Personal Information Collection Devices and Rejection)

1. The Company uses “cookies” to store and retrieve information to provide personalized services.
2. Users can reject the use of cookies through their browser settings, though this may affect the availability of certain services.

Article 11 (Collection, Use, and Rejection of Behavioral Information)

The Company collects behavioral information to provide optimized services and ads to users. Information collected includes browsing history, search history, and app usage.

Article 12 (Processing of Pseudonymized Information)

The Company processes pseudonymized information for purposes like statistical analysis and scientific research, ensuring that no personally identifiable information is used.

Article 13 (Personal Information Protection Officer)

1. The Company has designated the following personal information protection officer:
• Name: Kim Ju-young
• Position: CEO
• Contact: 010-8958-6689, CEO@dowhat.io
2. Users can contact the officer or the designated department for any privacy-related inquiries.

Article 14 (Methods of Redress for Rights Violation)

Users can file a complaint or seek redress through the Personal Information Dispute Mediation Committee or the Korea Internet & Security Agency, among other agencies.

Article 15 (Changes to the Privacy Policy)

The Company may modify the privacy policy to reflect changes in laws or services. Any changes will be posted at least 7 days prior to the effective date.

This Privacy Policy will be effective from January 1, 2024.