Effective: 2020-04-10

The safe handling of the personal information of our customers is one of the most important things for us when providing our Service. Shiftee Inc. (hereinafter referred to as ‘Shiftee’, ‘we’, ‘our’, ‘us’) shall protect personal information of Users (hereinafter referred to as ‘users’, ‘you’, ‘your’) in accordance with the relevant laws and regulations such as the Promotion of Information and Communication Network Utilization and Information Protection Act, the Personal Information Protection Act. To handle such matter promptly and smoothly we establish a privacy policy as follows. The collected personal information of the user will be utilized to provide more convenient service to the user.

Shiftee collects personal information about you that is required to provide a smooth service and a convenient user experience. In other words, in order to provide the basic functions of the service or various specialized functions according to the terms and conditions agreed to by the user, it may be necessary to confirm the user's identity, name, gender, age, account. Your personal information may also be used to distinguish you from other users that may occur when you use the Service, to register, or to notify you. In addition, it is also needed when we have an individual notice or disputes related to the use of the service, or when we settle the usage charge for you. In addition to this, it is also used to develop and specialize new services, to provide customized services, to improve functions, to provide services according to demographic characteristics, to provide various events and advertisement information, to fulfill obligations stipulated in laws and regulations, and to prevent misuse.

The privacy policy is disclosed to the user through the Shiftee website, can be viewed at any time, and may be subject to changes to comply with the privacy laws, guidelines, notices, or the mobile app and web application service policies.

1. Collecting Personal Information

  1. When a user first joins a service or when using a mobile app or a web app service, Shiftee collects the user's first and last name, email, password, and device information(OS version, etc.). In this process, when Naver or Google account is used to authenticate the user’s identity, the user must sign in to Naver or Google and agree to provide personal information to Shiftee Inc. After the authentication and the agreement, Shiftee uses the Access Token to receive and store user’s personal information. The Access Token is used only once at the time of registration and will not be saved after the registration is completed. When you authenticate via e-mail, only the e-mail address and the other personal information that you entered are collected and authenticated. In addition, individual mobile number, photo (including meta information), store location information is selectively collected.
  2. Wi-Fi IP address information and cookies can be generated and collected by a user's action. Shiftee checks if User's device is connected to the Wi-Fi IP address of the location only when a user initiates an activity such as clocking in/out or break then disposes it immediately.
  3. GPS coordinates information and cookies can be generated and collected by a user's action. Shiftee checks if User's device is within a certain radius of the location only when a user initiates an activity such as clocking in/out or break then disposes it immediately.
  4. When a user subscribes to the paid service, information necessary for payment such as credit card information, carrier information, business registration number for issuing tax invoice, etc. may be collected.
  5. Service usage records, access logs, access IP information, store sales records, payroll records, sanctions and suspension records, and failure information may be created and stored. Such personal information may be collected during the use of the service or collected through third-party partners or tools for collecting user-generated information.

2. Handling and Using Personal Information

  1. Shiftee shall provide the Service upon consent of a user for us to collect personal or corporate information. Shiftee will never provide User’s personal information to third parties unless the law requires and we have user’s special consent.
  2. Shiftee will not provide user's personal information to a third party other than the Customer or the User authorized by the Customer, except when there is a separate consent of the Customer or User, or as provided for by law.
  3. When National Authority Tax Office or National Insurance Office requires, Shiftee obtains the User's consent before releasing the information.
  4. Personal information is used for service provision, membership management, new service development, marketing and advertising, and provision of opportunities for event participation.
  5. Personal information may be used to fulfill contracts related to the provision of services and settling the charges accordingly. This includes content delivery, delivery of customized services, shipment of goods or invoices, identity verification, purchase and payment, a collection of charges, and facilitation of transactions between sellers and users.
  6. Personal information is also used for various member management such as identity verification, personal identification, prevention of illegal and unauthorized use, identifying duplicate registrations, record keeping for dispute settlement, complaint and claim handling, and sending notices.
  7. Personal information can be used for a statistical purpose on usage.
  8. Personal information is used only within the scope of this notice and is not disclosed to the outside without prior consent of the user.

Shiftee uses the personal information of the user within the scope of the purpose of collection and use of personal information. However, except for the cases where the user agrees to provide personal information in advance, and when there is a request from the investigating agency in accordance with procedures and methods prescribed in laws and ordinances for purposes of investigation pursuant to the provisions of laws and regulations. Details about the consent to provide personal information are described below, and the company receiving the information may be changed later. If the company is changed or added, Shiftee will notify you of the change through notice or privacy policy page and obtain consent before proceeding to the Service.

The Customer or the User authorized by the Customer

- employee number
- first and last name
- e-mail
- phone number

Purpose of Use of the Recipient
Administration of Shiftee Service

Retention and Availability
Upon end of the Service or contract or as specified in a separate contract

In order to improve our service, we have defined the necessary items to be managed safely when consigning the management of personal information.
Please be assured that Shiftee has the necessary policy to ensure that your personal information can be safely handled during the contract of consignment in accordance with the relevant laws and ordinances. The entrusted and consignment responsibilities are as below:

1. Customer Support
- Agent: The White Communication (더화이트커뮤니케이션(주))
- Scope of Consignment: Customer Support via phone, chat, and email

3. Archiving and Destroying Personal Information Records

Personal information is destroyed without delay when the period of use and retention is achieved, and the procedure and method of destruction are as follows. In principle, the information entered by the user for membership etc. is destroyed without delay when the purpose of collecting and using the personal information is achieved. However, when it is necessary to preserve it in accordance with the relevant laws and regulations, the member information is kept for a certain period set by the related laws and regulations.

Retention Items Conservation Grounds Retention Period
Service history, access log, access IP information Communications Privacy Protection Act 3 months
Records about display/advertising Consumer Protection Act in E-Commerce etc. 6 months
Records on contracts, withdrawals, etc. Consumer Protection Act in E-Commerce etc. 5 years
Records on payment and supply of goods Consumer Protection Act in E-Commerce etc. 5 years
Records of consumer complaints or disputes Consumer Protection Act in E-Commerce etc. 3 years

The collected and used personal information of which the purpose of use achieved is transferred to a separate DB (separate document cabinet in case of paper), stored for a certain period according to the internal policy and other relevant laws and regulations (refer to personal information processing and retention period). At this time, the corresponding personal information will not be used for any other purpose other than that held by law. In the event of the destruction of collected information, personal information printed on paper will be destroyed by shredding or incineration, and personal information stored in electronic file format will be deleted using a technical method that cannot reproduce the record.

In addition, in order to protect the personal information of the member, Shiftee will destroy the personal information of the user who has not been active for more than one year. We will notify related users about the use of personal information through e-mail at least one month before the processing. Users can view and modify their personal information at any time and can request removal.

4. Accessing, Removing and Responsibility of User's Personal Information

You may view or modify your personal information at any time. If you disagree with the handling of personal information by Shiftee, you may refuse your consent or request withdrawal. However, in such cases, some or all of the services may be difficult to use. To view or modify your personal information during use, you can view, edit, or withdraw yourself directly by clicking on ‘Account Settings’ in the application. You also can request for withdrawal via phone or e-mail.

Also, if the user-entered incorrect personal information is provided to a third party for the purpose of service operation, we will notify the third party without delay the result of the correction process given we realize that there is any incorrect information.

Shiftee will process personal information that has been terminated or deleted at the user's request, in accordance with the terms and conditions of use of the personal information, and will not use or view for any other purpose.

5. Personal information encryption, backup, security

Various technical and administrative measures are taken to ensure the safety of personal information.

In order to secure the privacy of users' personal information and prevent loss, theft, leakage, alteration or damage, Shiftee encrypts and stores personal information securely according to related legal regulations or internal policies. We also do our best to prevent personal information from being leaked or damaged by hacking or computer viruses. To prevent personal information from being compromised, we are backing up the data from time to time. We use the latest vaccine program to prevent personal information or data from being leaked or damaged. We also securely transmit personal information on the network through encrypted communication.

Shiftee strives to have all the technical equipment available to ensure security in other systems. In addition, the personal information processing staff is limited to the person in charge, and a separate password is assigned which is periodically updated. In addition, through the implementation of regular education for the person in charge and the in-house personal information protection department, we are making every effort to check the implementation and the implementation of the person in charge, and to correct and rectify the problem if it is found. However, Shiftee will not be held responsible for any problems caused by leakage of personal information such as passwords or business information due to user negligence or problems on the Internet.

We have designated the person in charge of personal information management and the person in charge and will share the changes in advance. You can report all issues related to personal information protection that occurs when you use Shiftee's services to your personal information manager or its department. Shiftee will respond promptly to your claims.

Personal information manager
Name: Seung Won Shin
Position: CEO
e-mail: legal@shiftee.io
Phone: 02-6261-5318

If you need to report or consult about other privacy infringement, please contact the following organizations:
Personal Information Infringement Notification Center (www.118.or.kr / +82-118 without area code)
Cyber ​​Crime Division of Supreme Prosecutors' Office (www.spo.go.kr / +82-2-3480-3571)
Cyber ​​Terror Response Center (www.ctrc.go.kr / +82-1566-0112)

Please note that the Shiftee's “Privacy Policy” does not apply once User is redirected to third-party websites.