"Feel-Good Corporation" (hereafter referred to as "the Company") values the personal information of the members using services provided by the "K-PASS&D-CAS Website", "Feel-Good Group Manager Center," and "K-PASS App" (hereafter referred to as "Services") including "group member" and "group manager" (hereafter referred to as "members"). In accordance with Article 30 of the "Personal Information Protection Act" enforced in Korea, the Company hereby publishes this Privacy Policy to protect the personal information of data subjects and to promptly and smoothly handle any related grievances.
The Privacy Policy is made readily accessible to all by being published at the bottom of the homepage of the "K-PASS&D-CAS Website" and "Feel-Good Group Manager Center". The Company's Privacy Policy may change periodically due to modifications in government laws and guidelines or internal policy changes. Should the Privacy Policy be revised or changed, notification will be provided through the Privacy Policy link on the first page of the "K-PASS&D-CAS Website" and "Feel-Good Group Manager Center". Members are advised to check the policy frequently during site visits.
The Company provides a procedure that allows group managers to select an 'Agree' button when registering, which pertains to the Company's Privacy Policy or Terms of Use. By selecting the 'Agree' button, it is considered that the member has consented to the collection of personal information.
Group members cannot register independently; instead, a group manager must enter the group member's personal information in the "Feel-Good Group Manager Center" to register the member, after which the services can be used.
The Company does not generally collect sensitive information that could infringe on members' privacy. If necessary, the Company will collect such information only with the member's explicit consent and use it solely for the agreed purpose.
The Company collects the following personal information for the registration of group managers and group members.
| Purpose of Collection and Use | Types of Personal Information Collected | Method of Collection |
Group manager At the time of registration |
Mandatory items: ID (email address), password, mobile number Optional items: date of birth, gender, address |
Website |
|
When a group manager creates a group |
Mandatory items: affiliation name, type of affiliation (category) | Website |
When a group manager registers a group member |
Mandatory items: name, date of birth, gender, country, district, address Optional items: nickname, country code, contact number, state, postal code, detailed address |
Website |
2) Common items for all members
① Information generated and collected during the use of services or in the process of business handling.
② Information automatically generated and collected during the service use or business process.
③ Information automatically collected through the installation/execution or use of a program.
④ Usage records, access logs, cookies, access IP information, payment records, suspension of use records, etc.
3) When paying for a subscription, the following personal information is collected.
① Depending on the payment method, bank account information, credit card information, and mobile phone number.
② In the case of payment cancellation and refunds, account information (bank name, account holder's name, account number).
The Company collects personal information of members and non-members in the following ways. Information generated through customer consultations on the "K-PASS&D-CAS Website" is collected using a data collection tool.
The Company collects personal information to provide members with enhanced service benefits through various methods (e.g., email, SMS, etc.) by delivering service-related information. However, if a member explicitly opts out of receiving service benefit information, the Company will not provide such information. In such cases, the Company is not responsible for any disadvantages that may occur due to the non-provision of information.
The Company does not disclose personal information without the prior consent of the member, and uses the collected information as follows.
1) For the establishment, maintenance, and termination of the K-PASS&D-CAS service contract, including identity verification, real name verification, confirmation of membership intent, and delivering notifications to members.
2) To provide a unified ID for K-PASS&D-CAS services, operate customer service centers, prevent misuse by problematic members and unauthorized use, manage voucher allocation and limit the number of allocations, handle complaints, deliver notifications, confirm intent to unsubscribe, plan/manage events and marketing, conduct research/surveys for service upgrades, and research/develop services.
3) For marketing activities such as sending emails and SMS to provide information about various events and promotions related to K-PASS&D-CAS services.
4) To use payment services for purchasing K-PASS&D-CAS subscriptions and for billing settlements.
The Company, as a rule, processes members' personal information within the scope specified in the Privacy Policy and does not exceed this scope or provide it to third parties (other individuals, companies, or institutions) without the prior consent of the member. However, personal information may be used for purposes other than those originally intended or provided to third parties in the following cases.
1) If the member has given prior consent
2) When necessary for statistics and academic research, market research, etc., and the information is provided in a form that does not allow identification of specific individuals
3) When there is a specific provision in other laws
4) When the Company must provide the personally identifiable information collected to comply with legal obligations, within the scope of the collection purpose
5) To facilitate the handling of personal information tasks, the Company has outsourced personal information processing tasks as follows
| Recipient | Purpose of Use | Information Provided | Duration of Personal Information Retention and Use |
| Amazon Web Services | Infrastructure for service systems | All member information | Until the member withdraws and the outsourcing contract is terminated |
6) When entering into an outsourcing contract, the Company specifies in documents such as the contract, in accordance with Article 26 of the Personal Information Protection Act, that the personal information shall not be processed for purposes other than those of the entrusted tasks, and includes details on technical and managerial protection measures, restrictions on re-entrusting, supervision and management of the trustee, and liability for damages. The Company also supervises the trustee to ensure the safe processing of personal information.
7) Should the content of the outsourced tasks or the trustee change, the Company will promptly disclose such changes through this Privacy Policy.
The Company adheres to the principle of promptly destroying the collected personal information of members once the purpose of collection has been achieved. However, in the following cases, some or all of the collected member information may be retained for a certain period of time as an exception.
The Company uses the retained information solely for the purpose of its retention, and the preservation period is as follows.
1) Reasons for retaining information as mandated by relevant laws
| Legal Basis for Retention | Types of Personal Information Retained | Duration of Personal Information Retention and Use |
| Consumer Protection on Electronic Commerce etc. Decree |
Records related to contracts or withdrawal of subscriptions Records related to payment and provision of goods etc. |
5 years |
| Records related to consumer complaints or dispute resolutions | 3 years | |
| Records related to advertising | 6 months | |
| Electronic Financial Transactions Act | Records related to electronic financial transactions | 5 years |
| Protection of Communications Secrets Act | Service visit records | 3 months |
2) Reasons for retaining information according to internal company policy
① To prevent confusion and misuse in the provision of events and DM (gifts/prizes) services.
② Types of Personal Information Retained: Name, result of identity verification (Duplicate registration information (DI), Encrypted identifier (CI)), ID (email address), password, mobile phone number, refund account (bank name, account holder, account number), receipt of text services (marketing), child's name, date of withdrawal, consultation information, misuse records.
③ Retention Period: 3 years after withdrawal (up to 5 years in case of electronic commerce transactions).
3) Reasons for retaining information to prevent duplicate registrations of IDs (email addresses)
① Types of Personal Information Retained: ID (email address), date of withdrawal, reason for withdrawal.
② Retention Period: 5 years after withdrawal.
The Company will promptly destroy personal information when it is no longer necessary, such as after the retention period has expired or the purpose for processing has been achieved.
1) Destruction Procedure
Information entered for membership registration and subscription purchases will be retained for a certain period according to internal policies and other relevant legal reasons (as stated in 5. Retention and Use Period of Personal Information) and then destroyed once the purpose has been achieved.
This personal information will not be used for any purposes other than retention, unless required by law.
2) Method of Destruction
Personal information stored in electronic file formats will be deleted using technical methods that make records irrecoverable and unreproducible, or the physical media will be destroyed to make recovery impossible.
Personal information printed on paper will be shredded using shredders or similar devices to make reassembly impossible, or it will be incinerated.
1) Group managers can at any time view or modify their own or their group members' personal information and can request to withdraw membership.
2) Group managers can directly access, modify, or withdraw consent for selected terms (such as receiving event notifications) via the 'Edit Member Information' page. However, for group managers to withdraw membership, they must contact customer service directly for management transfer and settlement of remaining accounts before withdrawal can be processed.
3) Group members must go through their manager to access or modify their personal information.
4) On the 'Edit Member Information' page, group managers cannot modify their ID (email) or nationality information. The company will verify the identity of the individual through a systematic process if modification of such information is necessary for the protection of personal information.
5) If group managers forget their ID/password, they can use the "Find ID/Password" feature. However, the ID (email) cannot be changed under any circumstances without a specific and acceptable reason to the company. If a change is absolutely necessary, the member must withdraw using the current ID (email) and re-register with a new ID (email).
The Company uses 'cookies,' which frequently store and retrieve member information.
A cookie is a very small text file sent by the server operating the Company’s website to the member's browser. It transmits small amounts of information to the member's browser when using web or mobile services, and is stored on the hard drive of the member's device (PC, smartphone, tablet, etc.).
Use of Cookies for the Following Purposes
1) Purpose of Using Cookies
The Company uses cookies to analyze the frequency of visits and visit duration, track members' preferences and interests, and monitor participation in various events and the number of visits for targeted marketing and personalized services.
Members have the choice to install cookies. Therefore, you can set options in your web browser to allow all cookies, to be notified each time a cookie is stored, or to reject the storage of all cookies.
2) How to Refuse Cookie Settings
You can refuse cookie settings by choosing options in your web browser to allow all cookies, to be notified each time a cookie is stored, or to reject the storage of all cookies.
However, if you refuse cookie settings, there may be difficulties in providing services.
3) How to Specify Cookie Settings
① For Microsoft Edge: Go to the top of the web browser, click [Settings and more ...] → [Settings] → [Cookies and site permissions] → [Manage and delete cookies and site data].
② For Chrome: At the top of the web browser, click [... menu] → [Settings] → [Privacy and security] → [Cookies and other site data].
③ For other web browsers: Please contact the customer service center of the respective browser.
The Company is implementing the following technical and physical measures to secure personal information.
1) Regular Self-Audits
We designate employees responsible for handling personal information and restrict access to these individuals to minimize risk. We conduct regular (annual) information security training and self-audits.
2) Establishment and Implementation of Internal Management Plans
We have established and are implementing an internal management plan to ensure the safe processing of personal information.
3) Technical Measures Against Hacking
The Company installs security programs to prevent leakage and damage of personal information caused by hacking or computer viruses, performs regular updates and checks, and installs systems in areas controlled for access from outside, monitoring and blocking access.
4) Encryption of Personal Information
Personal information and passwords of data subjects (users) are encrypted and stored and managed so that only the individual can access them. Important data is secured using additional security functions such as encrypting files and transmission data or using file locking mechanisms.
5) Restricting Access to Personal Information
Necessary measures are taken to control access to personal information, including granting, changing, and revoking access rights to the database system that processes personal information, and unauthorized access from outside is controlled using an intrusion prevention system.
6. Use of Locks for Document Security
Documents containing personal information are kept in a secure location.
7. Control of Entry for Unauthorized Persons
Physical storage locations containing personal information are separately established, and access control procedures are in place and operated.
1) Operation of the Feel-Good Customer Center
The Company collects opinions related to members' personal information and handles complaints through the designated processes available at the personal information manager and the Feel-Good Customer Center via chat consultation or email as specified below. The Company will provide prompt and adequate responses to members' reports.
① Responsible Person: CS Manager
② Chat consultation is available only on weekdays from 10:00 to 16:00 Asia(+09:00 KST) time (closed on Saturdays, Sundays, and public holidays).
③ Lunch hour is from 13:00 to 14:00 Asia(+09:00 KST).
④ Email address: contact@feel-good.io
If contacted by email, we will respond diligently within 24 hours. However, it is our policy to handle inquiries received after working hours or on weekends and public holidays on the next business day.
Members can report all complaints related to the personal information processing policy while using the Company’s services to the personal information manager or the Feel-Good Customer Center. The Company will provide prompt and sufficient responses to the reports from the members.
1) Detailed information about personal information protection, including this Privacy Policy, is readily accessible to members by being published at the bottom of the initial screen or a linked screen of the "K-PASS&D-CAS Website" and "Feel-Good Group Manager Center." The contents of this Privacy Policy are subject to change, so please check it each time you visit the site.
2) If the Company revises the Privacy Policy, it will notify members at least 7 days before the implementation date using one or more of the following methods.
① Email notification
② Pop-up notification on the K-PASS&D-CAS Website
③ Pop-up notification at the Feel-Good Group Manager Center
Addendum
These terms and conditions will take effect from April 1, 2024.