ONENSIX Privacy Policy

Article 1 (Purpose of Personal Information Collection and Use)

ONENSIX (hereinafter referred to as "Company") processes personal information for the following purposes. The personal information being processed is not used for purposes other than the following, and when the purpose of use is changed, necessary measures such as obtaining separate consent will be implemented in accordance with Article 18 of the Personal Information Protection Act.

Service Provision: Providing location-based services, place recording and management, content provision
Member Management: Identity verification, personal identification, prevention of unauthorized use by problematic members in connection with membership service use
Service Improvement: Development of new services, provision of customized services, statistical compilation
Customer Support: Customer center operation, complaint handling, notification delivery

Article 2 (Personal Information Items Collected)

The Company collects the following personal information:

Category	Collected Items	Collection Method
Required Information	Email address, password, nickname	During membership registration
Location Information	GPS coordinates, visited place information	During service use
Optional Information	Profile photo, date of birth, gender	Provided by user choice

Article 3 (Personal Information Processing and Retention Period)

① The Company processes and retains personal information within the personal information retention and use period according to laws or the personal information retention and use period agreed upon when collecting personal information from data subjects.

② The processing and retention periods for each personal information are as follows:

Item	Retention Period	Legal Basis
Member Information	Until membership withdrawal	Service provision
Location Information	Immediately destroyed after service use (but usage history kept for 1 year)	Location Information Protection Act

Article 4 (Provision of Personal Information to Third Parties)

① The Company processes personal information only within the scope specified in Article 1 (Purpose of Personal Information Processing) and provides personal information to third parties only when it falls under Article 17 of the Personal Information Protection Act, such as data subject consent or special provisions of laws.

② The Company is currently not providing personal information to third parties.

③ If third-party provision becomes necessary in the future, we will notify in advance and obtain consent regarding the recipient, purpose of provision, items provided, and retention period.

Article 5 (Consignment of Personal Information Processing)

The Company is currently not consigning personal information processing tasks to external parties.

If consignment of personal information processing becomes necessary in the future, we will notify in advance and obtain consent regarding the consignee, consigned tasks, and personal information retention period.

Article 6 (Rights and Obligations of Data Subjects and Exercise Methods)

① Data subjects may exercise the following personal information protection-related rights against the Company at any time:

Request for notification of personal information processing status

Request for access to personal information

Request for correction or deletion of personal information

Request for suspension of personal information processing

② The exercise of rights under paragraph 1 may be made to the Company in writing, by telephone, email, fax, etc., and the Company will take action without delay.

③ When a data subject requests correction or deletion of errors in personal information, the Company will not use or provide the relevant personal information until the correction or deletion is completed.

Article 7 (Destruction of Personal Information)

① The Company destroys personal information without delay when personal information becomes unnecessary due to expiration of the retention period, achievement of processing purposes, etc.

② The procedures and methods for destroying personal information are as follows:

Destruction Procedure: The Company selects personal information for which destruction reasons have occurred and destroys personal information with approval from the personal information protection officer.

Destruction Method: Electronic files are deleted using technical methods that make records irreproducible, and paper documents are shredded or incinerated.

Article 8 (Measures to Ensure Personal Information Security)

The Company takes the following measures to ensure the security of personal information:

Administrative measures: Establishment and implementation of internal management plans, regular employee training

Technical measures: Access authority management for personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs

Physical measures: Access control to computer rooms, data storage rooms, etc.

Article 9 (Personal Information Protection Officer)

① The Company designates a personal information protection officer as follows to take overall responsibility for personal information processing and handle complaints and damage relief related to personal information processing for data subjects.

Personal Information Protection Officer

Name	Hyunjin Roh
Position	Developer
Email	onensix23@gmail.com

Article 10 (Remedies for Infringement of Data Subject Rights)

Data subjects may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee, Personal Information Infringement Report Center, etc. to receive relief for personal information infringement.

Personal Information Dispute Mediation Committee: (toll-free) 1833-6972 (privacy.go.kr)
Personal Information Infringement Report Center: (toll-free) privacy.go.kr
Supreme Prosecutors' Office: (toll-free) 1301 (www.spo.go.kr)
National Police Agency: (toll-free) 182 (ecrm.cyber.go.kr)

Article 11 (Changes to Privacy Policy)

① This privacy policy is applied from the effective date, and when there are additions, deletions, and corrections of changes according to laws and policies, it will be notified through announcements 7 days before the implementation of changes.

② When the Company revises the privacy policy, it will notify through website announcements (or individual notices).