**Privacy Policy**
Privacy Policy ‘Vision Bridge Partners Corp.’(Hereinafter referred to as “Company”) values user’s online privacy, and is committed to protect the user’s personal information provided to the Company during the use of the Company’s mobile service ‘Higher’ (Hereinafter referred to as “Service”).
This Privacy Policy may be changed from time to time due to changes in government laws and guidelines or changes in Vision Bridge Partners Corp. internal policy. In cases where there are changes to the contents of this Privacy Policy, Vision Bridge Partners Corp. will promptly reflect the changes in the Privacy Policy found in the APP Service > Settings, and on the initial page of the Homepage.
**1. Collection of Information**
The Company require certain information to provide the service to the users (Hereinafter referred to as “Member”). Members do not have to create an account to use some of the service features, such as searching and viewing the charts or artist’s channel. If a member chooses to register and create an account, he or she must provide the Company with some personal data so that the Company can provide the Service. When creating an account, a member can sign up or connect to the Service with an account from another service like Google, Facebook. In addition, in order to provide the Member with convenient and various services, the Company can use the personal information collected from the Member to carry out advertising or marketing activities of the services provided by the Company through methods like E-mail or push notifications. In such cases, the Member can refuse unwanted services any time through E-mail, etc.
1.1 Method of Collection
By selecting and clicking the "Agree" button for the Company's Terms of Service at the time of signing up, the Member agrees to this Privacy Policy, and accordingly, the Company collects personal information based on the information entered in the registration form.
The Company collects the information of the member in the following ways:
• Information collected during the registration for the Service or in the course of the use of the Service • Information provided by the third parties and business partners of the Company • Information collected during the 1:1 inquiry and information provided directly by the user
**2. What We Collect**
2.1 Basic Account Information
For account registration, log-in service, and seamless customer support, and to verify the user’s age for the content use, the Company collect and use the following personal information:
(1) Log in via Higher account: user ID (E-mail address), password, gender, user nickname, country, and phone number
(2) Log in via Apple account (only when the user is set as a public user profile): Apple ID, E-mail address, and name
(3) Log in via Facebook account: Facebook ID, E-mail address, and user nickname
(4) Log in via Twitter account: Twitter ID, E-mail address, and user nickname
(5) Log in via Kakao account: Kakao ID, E-mail address, and user nickname
In the course of using other services, the following information may be generated and collected:
- Higher services related activities, such as video selection, watch history, and search terms.
- Additional collection of E-mail addresses and giveaway shipping information during the processing of events and customer inquiries.
2.2 Technical information
To securely and reliably set up and maintain the account of Members and to operate our Service, the Company use technology like application program interfaces (APIs) and embeds to make websites, the application, and others to collect certain types of, but are not limited to, the information addressed below:
(1) Log data: The Company receives information when Members use the Service, which we refer to as “Log Data,” even if users have not created an account. This Log Data includes information such as Member’s IP address, unique device identifier (UUID), operating system, mobile carrier, and device information (including device language settings). The Company uses information the Members provide and the data provided, including log data and data from third parties, to make inferences like what contents the Members might be interested in, age, what languages they speak and etc. This helps us better design our service.
(2) Links: To operate our Service, the Company keeps track of how Members interact with the share links of video clips from the Service on other websites.
**3. Purpose of the Use**
The Company may use the collected information of users for any of the following purposes:
(1) To provide the Service in a seamless manner and to facilitate, manage, and improve the user experience
(2) For Member identification and to detect and deter unauthorized use of or abuse of the Service
(3) To make statistics on the user’s Service usage
(4) To conduct user surveys and statistical analysis for the improvement of the Service
(5) To verify and respond to any requires made by the user
(6) To notify the user of any other important notifications (through push notification, E-mail, online message channel), if necessary and to provide promotional events and advertising information (through push notification, E-mail, online message channel)
(7) To provide personalized service and information (including advertisements) provided by the Company
※ The Company collects minimal behavioral data in order to transmit personalized online ad information.
(8) To identify members for offline audience ticket events including the show SBS "INKIGAYO”
※ SBS INKIGAYO is for 15 years old and older. People under that age cannot enter even when accompanied by their parents.
To provide personalized ad information, behavioral data collected through ad identifiers is stored for up to 6 months and is then destroyed. When destroyed, a technical method is used such that recovery or restoration is impossible. Members can block personalized ads at any time, and if they do, they will no longer be shown personalized ads.
How to decline collection of behavioral data
(1) Android Phone
- Google Settings → Ads → Opt out of Ads Personalization
(2) iPhone
- Settings → Privacy → Advertising → Limit Ad Tracking
**4. Sharing of Information**
The Company will not share personal information to a third party without the user’s content, unless one of the following circumstances applies:
(1) Affiliates and service providers that support the seamless provision of the Service
(2) With companies that perform services on the Company’s behalf (including both third parties and our affiliates), such as providers of technical infrastructure (such as servers) or engineering or other support, technical services and features developers, research and analytical companies, and E-mail providers
When the Members consent to the sharing in advance, it is required to be disclosed by the relevant laws and regulations, and when we believe in good faith that such sharing is permitted by law or is reasonably necessary in order to investigate, prevent, or take action regarding possible illegal activities and suspected fraud, and in situations involving potential threats to the physical safety of any person, violations of this Privacy Policy or the Terms of Service, and for operational purposes or or the collective benefit of our affiliate’s business, the Company shares Member’s data with ad technology providers. These ad technology providers may collect Member's behavioral data and use data about users for the purposes of ads personalization and measurement.
4.1 Public Information
When a Member creates an account, the user nickname and profile image information are always public and shared with other Members of the Service. When a Member uploads postings in the artist community, the contents are shown to the public. Any comments posted on another Member’s postings will also be public. The Member is responsible for all the information they provide through the Service, and so should think carefully about what he or she makes public, especially if it is sensitive information.
**5. Personal Data of Children**
(1) The Company does not knowingly collect or solicit personal data from anyone under the age of 16 in countries that implement the EU GDPR amendment. If you are under the required minimum age, please do not attempt to register for the Service or send any Personal Data about yourself to the Company. If we learn that we have collected Personal Data from a child under the required minimum age, we will delete that information as quickly as possible. If you believe that a child under the required minimum age may have provided us Personal Data, please contact us at cs@vbptr.com.
(2) According to each country's law, it may lower the age limit for children requiring the consent of their legal representatives, such as parents, down till the age of 13. For children under 13 years old, they can do so through their legal representative or authorized representative. In this case, the legal representative has all the rights of the Member. A Member under 16 or where applicable should only sign up after fully understanding the purpose of the collection and use of personal information and after obtaining the consent of a legal representative or parents. In addition, legal representatives, such as parents, may request to view, correct, or renew the personal information of children, or withdraw their consent for membership, and in such cases, the Company shall take necessary measures without any delays. If you believe that a child under the required minimum age who needs parental guidance is providing personal information, please contact cs@vbptr.com.
**6. User’s Rights to Access and Control**
The user may exercise his/her right to access or modify the registered personal information, or request to delete the user account. Through the account settings, a member may access, edit or in some cases delete the following information that he or she has provided to the Company: ID, Password, E-mail address, Profile image, Community and wall postings, including text, images, and links that Members have uploaded on the Service. Members who wish to correct or delete the above information or other data, please send the following information to cs@vbptr.com.
- Higher Email address and ID
- Detailed information regarding the request
The information members can view, update, and delete may change as the Service change. When the user requests the errors in personal information to be rectified, the personal information will not be used or provided before the rectification is completed. The Company manages the deactivated or deleted personal information as set out under the ‘Period of use of personal information’ section below, and such personal information is not viewable or used for any other purposes.
**7. Retention and Use Period of Personal Information**
Members' personal information is retained and utilized only during the period (use period) or dispute settlement period (retention period), and personal information is destroyed using technical methods that cannot be reproduced without delay after achieving the purpose of collecting or receiving personal information.
The membership information gets destroyed under this cases.
- When Member withdraws from membership or is expelled from membership;
- In the case of (Commercial Transactions) payment information, the date of completion of the payment or the expiration date of the extinctive prescription period of the claim.
- In the case of prize delivery information, after the prize or services are delivered or provided.
However, if it is stipulated by laws such as the Commercial Act, the Company has received Member’s consent, or if the retention period notified in advance has not elapsed, because a lawsuit or dispute may arise, and if it is necessary to legally respond, personal information may be retained for the necessary period.
The following are the cases where laws and regulations stipulate the storage of information for a certain period of time, such as the Consumer Protection Act, the Electronic Financial Transactions Act, and the Communications Secret Protection Act in e-commerce. During this period, the Company shall keep personal information in accordance with the provisions of laws and regulations and shall never use this information for any other purpose.
- Records concerning the withdrawal, etc. of contracts or subscriptions for consumer protection in e-commerce, etc.: five years of storage
- Records of payment settlement and supply of goods, etc.: five years of storage
- Records concerning the handling of consumer complaints or disputes: three years of storage
- Electronic Financial Transactions Act Records on Electronic Finance: Five years of storage
- Service Usage History: Communications Secret Protection Act
- Login History: 3 months of storage
However, during this period the Company may only use the information for the relevant purposes. If the Company needs to keep the information after this period, the Company will notify the user and obtain the individual consent.
For personal information that is provided for disclosed temporary purposes(events, surveys, etc.), after the purpose has been fulfilled, that personal information will be, according to the Member's intention, processed as information necessary for membership registration or deleted completely from the disk in a way that cannot be read or used.
Even if the Member withdraw from membership, records of service use such as posts and votes on the account and records of participation in specific events may be kept for reasons such as management and reporting of service and event operations.
Event participation data of Members who have withdrawn is managed in the following ways.
- Members who withdraw from membership are excluded from the event.
- Even if membership is withdrawn, records of results for participation in events such as voting will not be deleted.
If a Member ceases to use the Service as a Member for a long time, the company can notify the Member through the Service screen or e-mail for a certain period of time and suspend the Member's membership if there is no objection from the Member.
**8. Personal Information Destruction Procedure and Method**
The following is the Company’s procedure and method of personal information destruction.
8.1 Destruction Procedure
After fulfilling the purposes of collection outlined in this Privacy Policy, user’s personal information is stored as stated in ‘7. Period of Use of Personal Information’, and then destroyed according to internal policies and relevant laws. Such personal information will not be used for purposes other than retention except when required by law.
8.2 Destruction method
Paper records will be shredded by a shredder and electronic records will be discarded in an irreversible manner using technical methods.
8.3 Notice on Personal Information of Inactive Accounts
In accordance with the [Korea’s Information and Communication Network- Personal Information Protection Act], in the case of inactive users who have not used Higher’s service for one year, the account will be converted to Inactive account, and the user’s personal information will be stored separately. The company notifies users of the Inactive account 30 days before the expiration date, and the details of the notification are as follows.
- Content of Notification: the fact that the Inactive account is scheduled to be converted, the scheduled date of the separate storage of personal information, and the personal information subject to be stored separately.
- Subject of Notification: Users registered with email.
- Method of Notification: Email.
- Date of Notification: 00:00 (KST), 30 days before the transition to an Inactive account.
8.4 Restoring Inactive Accounts
When a user with an Inactive account reuses the Higher service by activating the account, the personal information will be restored.
**9. Technical/Administrative Protection Measures for Personal Information**
The Company is taking the following technical/administrative measures to ensure stability so that personal information is protected safely.
(1) Minimization and training of employees handling personal information: The Company implements measures to manage personal information by designating employees who handle personal information and limiting access to those in charge to protect personal information by minimizing access to personal information.
(2) Regular self-audit: Self-audit is conducted on a regular basis (once a quarter) to ensure the stability of handling personal information.
(3) Establishment and implementation of internal management plan: Internal management plan is established and implemented for safe processing of personal information.
(4) Encryption of personal information: Personal information of Member(s) is encrypted before being stored and managed, so only the Member can know. For important data, separate security functions such as encrypting file and transmission data or file locking functions are used.
(5) Technical countermeasures against hacking: To prevent personal information leakage or damage caused by hacking or computer viruses, the Company installs security programs, periodically updates/checks, installs systems in areas with restricted access from outside, and technically/physically monitors and blocks them.
(6) Access to personal information restriction: Access to the database system that manages the personal information is given, changed, and deleted in order to limit access to personal information. Unauthorized access from outside is controlled using the intrusion prevention system.
(7) Storage of access records and prevention of forgery: Access records of the personal information processing system are kept and managed for at least 6 months, and security functions prevent access records from being fabricated, falsified, stolen, or lost.
**10. Person in Charge of Personal Information Protection**
To take responsibilities for handling of personal information and to handle complaints or damages related to personal information, the Company appoints and operates the person and department in charge, as mentioned below, of personal information protection.
- Personal Information Processing Officer Name: Park Seoung Joo
- Affiliation / Position: Vision Bridge Partners Corp.
- E-mail: cs@vbptr.com
- Phone: 07077752024
All inquiries, complaints, damage relief, etc related to personal information that occurred during use, can be made to the person or department in charge of personal information protection. The Company will answer and process the user’s inquiries.
**11. Changes to the Privacy Policy**
When we make any material changes to this Privacy Policy, we will notify the user by displaying a notice within the Service, and the updated Privacy Policy will become effective 7 days from the day on which the notice is posted.
**12. Handling of Complaints and Disputes Related to Personal Information**
If you want to receive damage relief due to personal information infringement, please contact the Company's personal information management manager or person in charge. Alternatively, you can inquire about reporting or consulting on personal information infringement, damage relief, and dispute settlement at the institution below.
Personal Information Infringement Report Center
- Works: Receives reports of personal information infringement and receives applications for counseling
- Homepage: http://privacy.kisa.or.kr
- Phone: (without country code) 118
- Address: (58324) 3rd floor, 9, Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea
Personal Information Dispute Mediation Committee
- Works: Receives application for personal information dispute settlement and collective dispute settlement (civil settlement)
- Homepage: http://www.kopico.go.kr
- Phone: 02-2100-2499
- Address: (03171) 4th floor, 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
Supreme Prosecutors’ Office of the Republic of Korea Cybercrime Investigation Center: 02-3480-3573 (www.spo.go.kr)
Korean National Police Agency Cyber Terror Response Center: 182 / https://ecrm.police.go.kr/
Addendum The following Privacy Policy will take effect from July 19, 2024