Privacy Policy

Oryggi Technologies Pvt. Ltd. (hereafter “Company”) is committed to complying with applicable domestic and international data protection laws, including the Personal Information Protection Act (PIPA) and the General Data Protection Regulation (GDPR), to safeguard personal data and ensure effective complaint resolution.

To safeguard the personal data of data subjects and ensure efficient handling of related complaints, the Company has established and is disclosing its privacy policy as follows.

  • Purpose of processing personal information, processing items, processing and Retention period
  • Personal information collection method
  • Provision of Personal Data to Third Parties
  • Consignment of Personal Data Processing and Overseas Transfer
  • Personal Data Destruction Procedure and Method
  • Rights and Duties of Data Subjects and Exercise of Rights
  • Measures to Ensure the Safety of Personal Data
  • Installation, Operation, and Rejection of Automatic Personal Data Collection Devices
  • Contact Information for Privacy Officer and Relevant Department
  • Remedy for Infringement of Rights and Interests of Data Subjects
  • Privacy Policy of Other Websites
  • Changes in Personal Data Processing Policy and Obligation to Notify

1.   Purpose of processing personal information, processing items, Processing and retention period

The Company processes the personal data of data subjects as follows:

In addition to the personal information processing indicated in Paragraph 1, the Company may process and preserve personal information in accordance with other laws and regulations. Personal information processed in accordance with other laws will be stored for the period specified in the relevant laws.

 

2.   Personal information collection method

The company collects personal information in the following ways.

Ø  Website operated by the company (mobile web, Collection through apps (including apps)

Ø  Collection through generated information collection tools (access logs, cookies, etc.)

Ø  Collection of personal information directly provided by the information subject through offline events such as exhibitions

Ø  the information subject consults or inquires through email, phone, fax, etc.

When collecting personal information, personal information is collected to the minimum necessary, and the personal information being processed is not used for purposes other than those intended . If the purpose of use changes, we will take necessary measures, such as obtaining separate consent.

 

3.   Provision of Personal Data to Third Parties

The Company will not use or disclose the data subject’s personal data to third parties without consent, except when required by relevant laws or regulations.

However, personal data may be provided without separate consent in the following situations:

Ø  For the purpose of settling service fees;

Ø  When providing data in an anonymized form for statistical, research, or market survey purposes to research institutions, survey organizations, or other entities; or

Ø  When required by special provisions of relevant laws, such as the Personal Information Protection Act, Act on Promotion of Information and Communications Network Utilization and Information Protection, Protection of Communications Secrets Act, Framework Act on National Taxes, Act on Real Name Financial Transactions and Confidentiality, Credit Information Use and Protection Act, Framework Act on Telecommunications, Telecommunications Business Act, Local Tax Act, Act on Consumer Protection in Electronic Commerce, Criminal Procedure Act.

If personal data is provided to third parties without the data subject’s consent under special legal provisions, only the minimum necessary information will be provided, and it will not be used for purposes other than the intended ones.

4. Consignment of Personal Data Processing and Overseas Transfer

  • The Company entrusts and transfers (stores) personal data to domestic and overseas entities to ensure smooth information provision, marketing, and stable service delivery, where the personal data is retained by the systems of the entrusted company. The Company shall ensure that the entrusted company only manages the data physically and does not have access to it.
  • The Company manages and supervises the entrusted entity to ensure compliance with technical and administrative protection measures, as well as other relevant laws and regulations related to personal data, and prohibits them from processing the data for purposes beyond the scope specified.
  • In the event of a change in the content of the consigned processing or the entrusted company, the Company will promptly disclose such changes through this privacy policy.
  • The technical and administrative protection measures of cloud services shall comply with the policies of the cloud service provider. The cloud service provider shall solely manage the physical aspect of the outsourced personal data and shall not access it.
  • The data subject may choose to refuse the transfer of their personal data by contacting the Privacy Officer or the relevant department of the Company. However, please note that refusal to transfer personal data may result in limited access to the Company’s relevant services.