1. SCOPE OF APPLICATION
Here we describe the privacy practices for our devices, applications, software, websites, APIs, products, and services (the “Services”). You will learn about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe. When the Terms mention “Beflex”, “we,” “us,” or “our,” they refer to Beflex.
Last Updated: 12. 14. 2018.
If you have any questions, comments or suggestions, please contact us through the following contact information.
This policy will help you understand the following:
1. What information is collected and how we collect
2. How we use information
4. How we share, transfer, publicly disclose your personal information
5. Your rights to access and control your personal data
6. How we protect your information
7. How we retain data and when we destroy personal information
8. How we transfer data to oversea
9. How we handle children’s personal information
10. Rights of the legal representatives
11. How we make changes to this policy
12. Our contact information
We know the importance of personal information to you and will do our best to protect it. We are committed to maintaining your trust in us and abide by the following principles to protect your personal information: the principle of power and responsibility, the principle of clear purpose, the principle of choice consent, the principle of least enough use, the principle of ensuring safety, the principle of participation in the subject, the principle of openness and transparency, and any other applicable principles. At the same time, we promise that we will adopt appropriate safety protection measures to protect your personal information according to the industry's mature security standards.
3. HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION
Personal information refers to various information that can be recorded electronically or otherwise and can be used alone or in combination with other information to identify the identity of a specific natural person or reflect the activity of a specific natural person. If any of features below is not provided, the corresponding personal information will not be collected unless the information is necessary for different feature. Beflex will only collect and use your personal information for the following purposes described in this policy:
A. EXERCISE INHANCEMENT
1) Create a user account:
To create an account, we need following information: your name, email address and password.
2) Analyze physical activities and provide personalized advice
Beflex detects user’s head motion signal data through Beflex Earphone and analyzes it alone and in combination with other information. The additional information we collect from you along with head motion signal are: your height, weight, age, sex, leg length, whether you are right footed or left footed, shoes you wear, locational information (including location and altitude), type of exercise, and wellness-related information such as heart rate, injury history, amount of alcohol usage, menstruation history, and device information such as your posture, the number of steps, distance traveled, burned calories, cadence, stride, interpolation, vertical amplitude, support time, impact, total time in air, ratio of time in air (flight-stance ratio), left-right balance, maximum force exerted from body, consistency, active minutes, step wide, step length and location. The device information is estimated value of data transmitted from acceleration censor in earphone and GPS censor in cell phone.
3) Provide statistics and progress
To further enhance your activity, we need to record and track your exercise records including: your location, time and other physical activity related records (eg. your wellness-related information and device information) from Section A.3) above.
B. INTERNAL AUDITS, DATA ANALYSIS AND RESEARCH
To improve our services and products, we receive certain usage data when you access or use our Services. This includes information about your interaction with the Services, for example, when you view or search content, install applications or software, create or log into your account, pair your device to your account, or open or interact with an application on your Beflex device.
We also collect data about the devices you use to access the Services, including IP addresses, browser type, language, operating system, Beflex or mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information. followings: activity logs, your height, weight, gender, activity levels, device information, in-app usage information, location, and types of exercise.
C. INFORMATION FROM THIRD-PARTY SERVICES
If you choose to connect your account on our Services to your account on another service (such as bai-du or qq), we may receive information from the other service such as your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service.
D. PAYMENT AND CREDIT CARD INFORMATION
Some features in Beflex Service support payments and transactions with third parties. If you activate this feature, you must provide certain information for identification and verification, such as your name, credit, debit or other card number, card expiration date, and CVV code. This information is encrypted and sent to your card network, which upon approval sends back to your device a token, which is a set of random digits for engaging in transactions without exposing your card number. For your convenience, we store the last four digits of your card number and your card issuer’s name and contact information. You can remove the token from your account using your account settings. We do not store your transaction history.
E. HEALTH AND OTHER SPECIAL CATEGORIES OF PERSONAL DATA
To the extent that information we collect is health data or another special category of personal data subject to any applicable laws, codes, and regulations including Personal Information Protection Act, we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you pair your device to your account, grant us access to your exercise or activity data from another service, or use the female health tracking feature. You can use your account settings and tools to withdraw your consent at any time, including by stopping use of a feature, removing our access to a third-party service, unpairing your device, or deleting your data or your account.
F. PERSONAL SENSITIVE INFORMATION
i) Notwithstanding to information collection methods listed above, we will ask your explicit consent prior to collecting any sensitive information. You may disagree to allow us to collect information; however, you must agree in order to allow us to provide you the core service. Disagreeing to provide sensitive personal information for any supplementary or additional services would not affect the function or quality of core service.
ii) Notwithstanding to Section 6. “Share, Transfer and Publicly Disclosure”, we will ask your separate, explicit and prior consent for sharing, transferring and/or publicly disclosing any personal sensitive information. You may choose to disagree; however, you must agree to allow us to provide you the core service in case where we need to share, transfer or disclose such information to provide such service.
iii) You may revoke your consent anytime by unchecking the applicable “agree” box or checking “disagree” box in Agreement to Collect and Use Personal Sensitive Information or Agreement to Share Transfer and Publicly Disclose Personal Sensitive Information which you may find in account settings.
iv) Please refer to Section 3. A. Exercise Enhancement to find out our core services and additional services and the corresponding sensitive personal information.
4. HOW WE USE INFORMATION
A. PROVIDE AND MAINTAIN THE SERVICES
By using the information, we are able to provide Beflex Services to you, honor our Terms and Conditions, and contract with you. For example, we need to use your information to provide you with your Beflex dashboard tracking your exercise, activity, and other trends; to enable the community features of the Services; and to give you customer support.
For the Services’ community features, we may use your information to help you find and connect with other users and to allow other users to find and connect with you. For example, your account contact information allows other users to add you as a friend or send messages. When another user has your email or mobile phone number in their contact list or in their friend network on a connected service, we may show that user that you are a user of the Services.
B. IMPROVE, PERSONALIZE, AND DEVELOP THE SERVICES
We use the information we collect to improve and personalize Beflex Services and to develop new features, such as troubleshooting, performing data analysis, updating and testing, researching and developing new features.
We use precise location information to provide and improve features of the Beflex Services such as mapping an activity route.
We also use your information to make inferences and show you more precise activity information. For example, information like your height, weight, gender, and age allows us to improve the accuracy of your daily exercise, activity statistics and timely progress like the number of calories you burned, the distance you traveled and the change of posture with respect to activity time.
We may also personalize exercise and activity goals for you based on the goals you previously set and your historical exercise or activity data.
C. COMMUNICATE WITH YOU
We use your information to send you Service notifications and respond to your suggestions and questions. If we have your explicit consent, we also use your information to promote new features or products that we think you would be interested in. You can control marketing communications and most Service notifications by using your notification preferences in account settings or via the “Unsubscribe” link in an email or in account setting menu.
D. IMPROVE SAFETY AND SECURITY
For personal data subject to the Act on the Protection and Use of Location Information and Personal Information Protection Act, we rely on several legal bases to process the data. These include when you have given your consent, which you may withdraw at any time using your account settings and other tools; when the processing is necessary to perform a contract with you, like the Terms and Conditions; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above.
Our cookies may be session cookies (temporary cookies that identify and track users within our websites, applications or services which are deleted when you close your browser or leave your session in the application or service) or persistent cookies (cookies which enable our websites, applications or services to “remember” who you are and to remember your preferences within our websites, applications or services and which will stay on your computer or device after you close your browser or leave your session in the application or service).
A. TECHNOLOGIES WE USE
1) Strictly necessary cookies
These are cookies which are needed for our websites, applications or services to function properly, for example, these cookies allow you to access secure areas of our website or to remember what you have put into your shopping basket.
2) Performance cookies and analytics technologies
These cookies collect information about how visitors and users use our websites, applications and services, for instance which functionality visitors use most often, and if they get error messages from areas of the websites, applications or services. These cookies don't collect information that identifies a visitor or user. All information these cookies collect is aggregated and therefore anonymous. We only use these cookies to improve how our website, applications and services work.
3) Functionality cookies
These cookies allow our websites, applications and services to remember choices you make and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize. They may also be used to provide services you have asked for. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites.
4) Targeting or advertising cookies
These cookies are used to deliver ads more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operators’ permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organization.
5) IP Address and traffic data
We keep a record of traffic data which is logged automatically by our servers, such as your Internet Protocol (IP) address, device information, the website that you visited before ours and the website you visit after leaving our site. We also collect some site, application and service statistics such as access rates, page hits and page views. We are not able to identify any individual from traffic data or site statistics.
Find out more about the individual cookies and analytics technologies that we use.
6) Web Beacons and Pixel Tags
In addition to cookies, we use other technologies such as web beacons and pixel tags on our websites. For example, the email we send to you may contain a click URL that links to the content of our website. If you click on this link, we will track this click to help us understand your product or service preferences and improve customer service. Web beacons are usually transparent images embedded in websites or emails. With the pixel tag in the email, we can tell if the email was opened. If you do not want your activity to be tracked this way, you can unsubscribe from our mailing list at any time.
B. HOW TO DISABLE COOKIES
Many web browsers have a ‘Do Not Track’ feature that can issue Do Not Track requests to websites. At present, major Internet standards organizations have not yet set up policies to specify how websites should respond to such requests. But if your browser has Do Not Track enabled, all of our sites respect your choice.
You may be able to configure your browser or our website, application or service to restrict cookies or block all cookies if you wish, however if you disable cookies you may find this affects your ability to use certain parts of our website, applications or services. For more information about cookies and instructions on how to adjust your browser settings to accept, delete or reject cookies, see the www.allaboutcookies.org website.
6. HOW WE SHARE, TRANSFER, PUBLICLY DISCLOSE YOUR PERSONAL INFORMATION
We do not share, transfer or disclose your personal information except in the limited circumstances described below.
1) We will not share your personal information with any companies, organizations or individuals except:
i) Share with explicit consent: We will share your personal information with other parties after obtaining your explicit consent.
ii) We may share your personal information externally, in accordance with laws and regulations, or according to the mandatory requirements of government authorities.
iv) Sharing with Authorized Partners: Some of our services will be provided by authorized partners only for the purpose of achieving the statements in this policy. We may share some of your personal information with our partners to provide better customer service and user experience. For example, when you purchase our products online, we must share your personal information with a logistics service provider to arrange delivery or arrange for partners to provide services. We will only share your personal information for legitimate, necessary, specific, and explicit purposes, and will only share the personal information necessary to provide the service. Our partners do not have the right to use the shared personal information for any other purpose.
2) Our authorized affiliate and partners include the followings:
i) Authorized partners for advertising and analysis services. Unless we have your permission, we will not use your personally identifiable information and provide advertising and analysis services. Partners to share. We will provide these partners with information about their advertising coverage and effectiveness, and will not provide your personally identifiable information, or we will aggregate this information so that it does not identify you personally. For example, only after advertisers agree to comply with our advertising guidelines, we may tell advertisers how effective their ads are, or how many people saw their ads or installed applications after seeing ads, or to cooperate with them. Partners provide demographic information that is not personally identifiable to help them understand their audience or customers.
ii) Suppliers, service providers and other partners. We send information to suppliers, service providers, and other partners that support our business globally. These include providing technical infrastructure services, analyzing how we use our services, measuring the effectiveness of advertising and services, and providing customers Services, payment facilities or academic research and investigation.
We will not transfer your personal information to any company, organization or individual, but except following:
i) Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;
C. Public disclosure
We will only publicly disclose your personal information in the following circumstances:
i) After obtaining your explicit consent;
ii) Legally based disclosures: We may disclose your personal information publicly, subject to legal, legal procedures, lawsuits, or mandatory requirements of government authorities.
D. FOR LEGAL REASONS OR TO PREVENT HARM
We may preserve or disclose information about you to comply with a law, code, and relevant regulation; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, threats to the security of the Services, the physical safety of any person or other criminal activities.
We may share non-personal information and anonymized information so that it cannot reversibly be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about exercise and activity, to partners under agreement with us, or as part of the community benchmarking information we provide to users of our subscription services.
If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.
7. YOUR RIGHTS TO ACCESS AND CONTROL YOUR PERSONAL DATA
In accordance with relevant laws, regulations, standards, and common practices in other countries and regions, you may exercise the following rights with respect to your personal information:
A. ACCESS TO YOUR PERSONAL INFORMATION
You have the right to access your personal information, except for exceptions as provided by laws and regulations. If you want to exercise data access, you can access it yourself by:
1) Account Information - If you wish to access or edit personal information and payment information in your account, change your password, add security information, or close your account, you can do this in:
App à Settings à Account
2) Running History – You can access or clear your physical exercise history in:
App à History
Each set of history can be deleted separately.
3) Others – We will be happy to provide you with any other personal information we possess which arises from using of our services. If you want to exercise data access, please send an email to email@example.com.
If you experience trouble in accessing your personal information through the above link, you can contact us at any time using our web form or send an email to firstname.lastname@example.org.
B. CHANGE, CORRECT AND MODIFY YOUR PERSONAL INFORMATION
You have the right to ask us to make corrections. If you want to change your personal information due to inaccuracy or for any other reason you might have, you can do so by sending a request by email or by using our website URL.
C. DELETE YOUR PERSONAL INFORMATION
In the following situations, you can ask us to delete your personal information:
1. If we deal with personal information in violation of laws and regulations;
2. If we collect and use your personal information, we do not obtain your consent;
3. If we deal with personal information in violation of your agreement with you;
4. If you no longer use our products or services, or you cancel your account number;
5. If we no longer provide products or services for you.
If we decide to respond to your request for removal, we will also notify the entity that obtained your personal information from us and request that it be removed in a timely manner, unless otherwise required by laws and regulations, or these entities obtain your independent authorization.
When you delete information from our service, we may not immediately delete the corresponding information in the backup system but it will be removed from our system when backing up the update.
D. CHANGE THE SCOPE OF AUTHORIZATION
Each business function requires some basic personal information to be completed (see Part 1 of this policy). For the collection and use of additional collected personal information, you may give or withdraw your consent at any time and if you do not want to accept commercial advertisements that we have sent to you, you can unsubscribe at any time.
Upon your withdrawal of consent, we will no longer process the corresponding personal information. However, your decision to withdraw your consent will not affect the previous information that has been processed based on your authorization.
You can do this yourself here: App à Setting à Account
E. WITHDRAWAL OF ACCOUNT OF PERSONAL INFORMATION SUBJECT
You can delete your registered account at any time at: App à Settings à Account
Upon cancellation of the account, we will stop providing products or services for you and delete your personal information in accordance with your requirements, unless otherwise provided by laws and regulations.
F. OBTAIN A COPY OF PERSONAL INFORMATION
You have the right to obtain a copy of your personal information. You can do it by sending a request to email@example.com.
In the premise of technical feasibility, such as data interface matching, we can also directly transmit your personal information copy to your designated third party according to your requirements.
G. ASK FOR AN EXPLANATION
In some business functions, we may make decisions based only on non-artificial automatic decision mechanisms such as information systems and algorithms. If these decisions significantly affect your legal rights, you have the right to ask us for an explanation, and we will also provide appropriate remedies.
H. OUR RESPOND TO YOUR REQUEST
For security, you may need to provide a written request or otherwise prove your identity.
We may ask you to verify your identity before processing your request.
We will respond within thirty days. If you are not satisfied, you can also submit your any inconvenience, complain and/or suggestion to firstname.lastname@example.org.
For your reasonable request, we do not charge a fee in principle, but we will charge a certain amount of cost for the request that is repeated many times and exceeds a reasonable limit. For those that are duplicative, require excessive technical means (for example, need to develop new systems or fundamentally change current practices), pose risks to the legitimate rights of others, or are very impractical (for example, involving backup of information stored on tapes) Requests, we may reject it.
In the following situations, we will not be able to respond to your request as required by laws and regulations:
1. Directly related to national security and national defense security;
2. Being directly related to public safety, public health, and major public interests;
3, directly related to criminal investigation, prosecution, trial and execution of judgment;
4. There is sufficient evidence that you have a subjective or abuse of rights;
5. Responding to your request will result in serious damage to the legitimate rights of you or other individuals and organizations.
6, involving trade secrets.
8. HOW WE PROTECT YOUR INFORMATION
A. TECHNOLOGIES AND MEASURES WE ARE ADOPTING
1) We use industry-standard security safeguards to protect the personal information you provide to prevent data from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonably practicable steps to protect your personal information. For example, when data (such as credit card information) is exchanged between your browser and “service”, it is protected by SSL encryption; we also provide https secure browsing to Beflex websites; we use encryption technology to ensure the confidentiality of data; we will Use trusted protection mechanisms to prevent data from malicious attacks; we deploy access control mechanisms to ensure that only authorized personnel have access to personal information; and we conduct security and privacy protection training courses to strengthen the importance of employees in protecting personal information understanding.
2) We secure and maintain your personal information based on Personal Information Protection Act, Act on Protection and Use of Location Information, and other relevant codes and regulations to determine their own data security capabilities.
3) Any protocol of our server other than http(80) and https(443) is accessible only through intranet or VPN, and SSH root access to our server is limited to specified IP addresses only.
4) We will take all reasonably practicable steps to ensure that no irrelevant personal information is collected. We will only retain your personal information for the period required to achieve the purpose described in this policy, unless we need to extend the retention period or be allowed by law.
5) Any information stored in the local data base including personal information you’re your account password will be encrypted.
B. UPDATES AND MEASURES IN CASE OF INCIDENT
1) We will regularly update and disclose the contents of the reports on security risks, personal information security impact assessment, etc.
2) The Internet environment is not 100% secure. We will do our best to ensure or guarantee the security of any information you send to us. If our physical, technical, or management protective facilities are damaged, resulting in unauthorized access, public disclosure, alteration, or destruction of information, resulting in damage to your legitimate rights and interests, we will assume corresponding legal responsibilities.
3) After the unfortunate personal information security incident, we will promptly inform you in accordance with the requirements of laws and regulations: The basic situation and possible impact of the security incident, the disposal measures we have taken or will take, and you can take precautions and Risk reduction advice, remedial measures for you, etc. we
4) The relevant events will be informed in a timely manner by e-mail, letter, phone, push notification, etc. If it is difficult to notify the personal information subject one by one, we will issue a notice in a reasonable and effective manner.
5) At the same time, we will take the initiative to report on the handling of personal information security incidents in accordance with regulatory requirements.
9. RETENTION AND DESTRUCTION OF PERSONAL INFORMATION
1) We only retain your personal information within the period of treating personal information according to the law or during the period agreed upon when collecting personal information. However, we may retain following information for specific period:
- Records about markup and ads: 6 months
- Records on contract or withdrawal of subscription: 5 years
- Record of payment and goods supply: 5 years
- Record of complaints or disputes of consumers: 3 years
- Records on the collection, processing and use of credit information: 3 years
2) Other than required by relevant law or agreed otherwise, we will retain your personal information separately if you do not use the Beflex Service for 1 year or longer. It will be separately stored and managed from the personal information of other users until the period specified by other laws and regulations has elapsed.
3) We will destroy your personal information when personal information becomes unnecessary as its holding period expires, its management purpose is achieved and by any other ground, without delay, except where the personal information must be preserved pursuant to any other Act or subordinate statute.
4) We may retain information after above period only if the information is anonymized. In such case, through the technical processing of personal information, the anonymized information cannot be restored to identify the personal information subject.
10. INTERNATIONAL DATA TRANSFER
1) In principle, the personal information we collect and generate will be stored in the territory of the Republic of Korea.
2) Since we provide products or services through resources and servers all over the world, with your consent, your personal information may be transferred to different countries where you use the product or service.
3) The jurisdictions that we transfer your personal information to may have different data protection laws and do not even have relevant laws in place. In such cases, we will ensure that your personal information is protected adequately. For example, we will ask for your consent to cross-border transfer of personal information or implement data security measures such as marking before cross-border data transfer.
4) Please note that the countries where we operate may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. You agree to this risk when you create a Beflex account and click “I agree” to data transfers, irrespective of which country you live in. If you later decide to withdraw your consent, you can delete your Beflex account as described in Section 7. Your Rights to Access and Control Your Personal Data section.
11. CHILDREN’S INFORMATION
1) Our products, websites and services are mainly for adults. Children cannot create their own user accounts without the consent of their parents or guardians.
2) For the collection of children's personal information with parental consent, we will only use or publicly disclose this information if it is permitted by law, parental or guardian's explicit consent or protection of children is necessary.
3) Although local laws and customs have different definitions of children, we treat anyone under the age of 14 as a child.
4) Persons under the age of 14, or any higher minimum age in the jurisdiction where that person resides, are not permitted to create accounts unless their parent has consented in accordance with applicable law. If we learn that we have collected the personal information of a child under the relevant minimum age without parental consent, we will take steps to delete the information as soon as possible. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us.
12. Rights of the Legal Representatives
1) If the User is 14 years old or under, we will ask for a consent from the User and the User’s legal guardian for the provision of Beflex Service that uses personal location information and providing personal location information to a third party.
2) We must gain consent from minors who are 14 years old or under and their legal guardian if their personal location information or data confirming the use and provision of location information is used for purposes other than that specified in the Terms and Conditions or notified otherwise. However, the information can be used if the information is reproduced so that the source of the information is unidentifiable and used in statistics, academic research and/or market research.
13. CHANGES TO THIS POLICY
3) Major changes to this policy include, but are not limited to:
A. When there is a major change in our service model. For example, the purpose of processing personal information, the types of personal information handled, the use of personal information, etc.;
B. When we have undergone major changes in ownership structure and organizational structure. Such as business adjustment, bankruptcy mergers and other changes caused by the owner;
C. When there are changes in the main objects of personal information sharing, transfer or public disclosure;
D. When there has been a major change in your rights to participate in the processing of personal information and in the way the information is used;
E. When we are responsible for handling personal information security, the responsible department, contact information, and complaints channel change;
F. The personal information security impact assessment report indicates that there is a high risk.
We will also archive the old version of this policy for your reference.
14. CONTACT US
Address: Room 2120, Changjo B/D,193 Munji-ro, Yuseong-gu, Daejeon 34051, Republic of Korea
We have established a Personal Information Protection Department (or Personal Information Protection Specialist). You can contact them by:
Address: Room 2120, Changjo B/D,193 Munji-ro, Yuseong-gu, Daejeon 34051, Republic of Korea
By selecting 'I agree', you confirm that you have carefully read and understood all terms and conditions of this Privacy Notice, and you hereby give your consent to the collection, use, storage, sharing, disclosure and other processing of your personal information, including your sensitive personal information, in accordance with the terms set forth in this Privacy Notice.