Smart ID Card Privacy Policy

This privacy policy (“Privacy Policy”) governs how Smart ID Card (“us”, “we” or “our”) collects, uses and shares personal information about you that we collect from you, or that you provide to us. It covers personal information that could identify you and information that could not (collectively “Personal Information”). In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on data.

We understand that the privacy of your Personal Information is important to you. Therefore, only information that is described in this Privacy Policy shall be collected and used in a manner, which is consistent with our obligations and your rights under the applicable law.

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of our Privacy Policy is deemed to occur upon your first use of our products and services. We refer to (i) all products and services offered by us on our website and mobile app, including its content and functionality, and (ii) our devices installed with our software; as the “Services.” If you do not accept and agree with this Privacy Policy, please refrain from using and/or accessing the Services immediately.

Personal Information we collect

When you visit or use our Services, we collect and retain information from three sources:

(i)       Personal Information you provide to us voluntarily;

(ii)      Personal Information we collect automatically; and

(iii)     Personal Information we receive passively about you from your device, browser and/or third parties.

The Personal Information we may collect includes the following:

  • Information about your use of our Services. This may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your use. The source of this data is obtained from our analytics tracking system, which is processed for the purposes of analysing your use of our Services.
  • Information pertaining to your personal data, namely your first name, last name, title, email address, and any other identifiers. This data may be processed for the purposes of operating and providing our Services, ensuring the security of our Services, maintaining back-ups of our databases and communicating with you.
  • Information contained in any enquiry you submit to us regarding our Services. This data may be processed for the purposes of offering, marketing and selling relevant Services to you.
  • Information relating to transactions, including purchases of the Services, that you enter into with us and/or through our website. This transaction data may include your contact details, your card details and communications to and from you as well as data about the Services you have subscribed for. The transaction data may be collected for the purpose of supplying the purchased Services and keeping proper records of those transactions.
  • Information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters. This notification type data may be collected for the purposes of sending you the relevant notifications and/or newsletters.
  • Any of your personal data identified in this Privacy Policy may be collected and/or processed where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
  • Any of your personal data identified in this Privacy Policy may be collected and/or processed where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice.

In addition to the specific purposes, listed above, we may also collect and/or process any of your Personal Information where such collection and/or processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

How we use your Personal Information

Our use of your Personal Information will always have a lawful basis, being either that (i) we have a contractual obligation with you or (ii) because you have consented to the our use of your Personal Information or (iii) for our legitimate interests or (iv) we have a legal obligation to divulge your Personal Information. More specifically, we may use your Personal Information for the following purposes:

(i)      Data we process because we has a contractual obligation with you:

When you create an account on our website and/or mobile app and subscribe to our Services, or otherwise agree to our terms and conditions (the “Terms”), a contract is formed between you and us. In order to carry out our obligations under that contract we must process the Personal Information you provide to us. We may use your Personal Information to: verify your identity for security purposes; sell Services to you; and/or provide you with our Services. We shall continue to process your Personal Information until the contract between us ends or is terminated by either party under the Terms.

(ii)     Personal Information we process with your consent:

Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website and mobile app or ask us to provide you with more information about our Services, you provide your consent for us to process your Personal Information. Wherever possible, we aim to obtain your explicit consent to process this Personal Information. We may continue to process your Personal Information on this basis until you withdraw your consent. You may withdraw your consent at any time by sending us an email at [privacy@smartidcard.com]. However, if you do so, please note that you may not be able to use our Services further.

(iii)    Personal Information we processes for the purposes of legitimate interests:

We may process Personal Information on the basis that there is a legitimate interest (for example, for recordkeeping purposes, obtaining insurance and professional advice, etc.) either to you or to us. Where we processes your Personal Information on this basis, we shall do so after having given careful consideration to: whether the same objective could be achieved through other means; whether processing (or not processing) might cause you harm; and whether you would expect us to process your Personal information, and whether you would, consider it reasonable to do so.

(iv)    Personal Information we process because we have a legal obligation:

We may have to process your Personal Information in order to comply with a statutory obligation. For example, we may be required to give Personal Information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.

Providing your Personal Information to Third Parties

We may disclose your Personal Information to our insurers and/or professional advisers and/or our third party service providers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage; managing risks; obtaining professional advice; or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure; or for the purposes of communicating with you.

SMART ID CARD AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY OF THE INFORMATION CONTAINED IN THE DOCUMENTS AND RELATED GRAPHICS PUBLISHED AS PART OF THE SERVICES FOR ANY PURPOSE. ALL SUCH DOCUMENTS, SERVICES AND RELATED GRAPHICS ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. SMART ID CARD AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, INCLUDING ALL WARRANTIES AND CONDITIONS OF MERCHANTABILITY, WHETHER EXPRESS, IMPLIED OR STATUTORY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.

YOU ACKNOWLEDGE THAT THE DOCUMENTS AND RELATED GRAPHICS PUBLISHED ON THE SERVICES COULD INCLUDE (I) TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS AND (II) CHANGES, WHICH ARE PERIODICALLY MADE TO THE SERVICES AND/OR THE DOCUMENTS HEREIN.

Information from Third Parties

We may collect or receive information that third-party service providers may provide about you when using our Services, or obtain information from other sources and combine that with information we collect through the Services. The following information is collected and/or obtained from third parties:

  • Analytics: We use certain analytical tools, including but not limited to Google Analytics, Facebook Business Manager, MailChimp, and/or Chatbot so as to help us analyse how users use our website, mobile app and the Services by noting: when you use our website, mobile app and the Services, the events that occur within our website, mobile app and the Services, and to further analyse usage data and performance data. The information collected will be disclosed to or collected directly by the applicable analytical tool we are using.  Such information is collected as a means to provide, improve, and develop our website, mobile app and the Services we offer, so as to create a safer and trusted environment when you use our website, mobile app and the Services; and to improve our advertising and marketing initiatives / campaigns.

 

In addition to the specific disclosures of Personal Information as set out above, we may disclose the information you have provided to us and information that is automatically collected:

  • as required by law, such as to comply with a subpoena, or similar legal process; and/or

 

when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Securing and Storing your Personal Information

We understand that the security of your personal information is important. We therefore provide appropriate administrative, technical, and physical security controls to protect your Personal Information. We use appropriate security measures on our websites, mobile apps and in our Services to protect against the loss, misuse, and alteration of the information in our control. These security measures include use of Secure Socket Layer, firewalls, intrusion detection and prevention, network monitoring, physical and site security, encryption, and passwords.

However, the Internet is an open environment and information may flow across various networks, some of which employ inadequate security measures, resulting in unauthorised access to information. Transmission of such information is therefore entirely at your own risk. While it is impossible to protect a website, mobile app or an online product or service completely, we work hard to keep your information safe.

If a password is used to help protect your accounts and Personal Information, it is your responsibility to keep your password confidential. Do not share this information with anyone. If you are sharing a computer with anyone, you should always log out before leaving a site or service to protect access to your information from subsequent users.

International transfers of your Personal Information

If you are from the European Economic Area (EEA), the Personal information that we collect from you, may be transferred to, and processed by our service providers who are located outside the EEA for the purposes described under this Privacy Policy.

The hosting facilities for our website and mobile app are situated in the Republic of Korea, France and the United States of America. The European Commission has made an “adequacy decision” with respect to the data protection laws of each of these countries. The transfer of Personal Information to each of these countries will be protected by appropriate safeguards, namely the use of standard data protection clauses as adopted and approved by the European Commission, namely, the EU General Data Protection Regulation (“GDPR”).

We have taken all reasonable steps to ensure that your Personal Information is treated as safely and securely as it would be within the Republic of Korea, France and the United States of America including but not limited to, complying with the same laws that are in place within the European Union to your data security; and only using verified security-hosting companies who have the applicable security and safety measures in place.

Retention and Deletion of Personal Information

All Personal Information is stored for no longer than is necessary and used for only the purpose it was intended for when first collecting the Personal Information. By your use of the Services, you are deemed to accept and agree to the former.

Notwithstanding the above paragraph, we may retain your Personal Information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Your Rights

Your principal rights under the GDPR and relevant data protection laws include the following:

(i)      The right to access – you can ask for copies of your Personal Information;

(ii)     The right to rectification – you can ask us to rectify inaccurate Personal Information and to complete incomplete Personal Information;

(iii)    The right to erasure – you can ask us to erase your Personal Information;

(iv)    The right to restrict processing – you can ask us to restrict the processing of your Personal Information;

(v)     The right to object to processing – you can object to the processing of your Personal Information;

(vi)    The right to data portability – you can ask that we transfer your Personal Information to another organisation or to you;

(vii)   The right to complain to a supervisory authority – you can complain about our processing of your Personal Information; and

(viii)  The right to withdraw consent – to the extent that the legal basis of our processing of your Personal Information is consent, you can withdraw that consent.

You may exercise any of your rights in relation to your Personal Information by written notice to us, using the contact details set out below.

Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal data that we store about you may be linked to the information stored in and obtained from cookies.

We use cookies for the following purposes:

(i)      Authentication and status – we use cookies to identify you when you visit and navigate through our website and mobile app, and to determine if you are logged into the website and mobile app;

(ii)     Personalisation – we use cookies to store information about your preferences and to personalise our website and mobile app for you;

(iii)    Security – we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website, mobile app and the Services;

(iv)    Advertising – we use cookies to help us to display advertisements that will be relevant to you;

(v)     Analysis – we use cookies to help us to analyse the use and performance of our website, mobile app and the services; and

(vi)    Cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally.

We may from time to time use cookies which are placed by software operated by third parties such as Google Analytics, Google AD code, Facebook tracking code, MailChimp and Chatbot whose services we use to collect information about your activity on our website and mobile app.

When you first visit our website and mobile app, we may ask you to confirm whether you wish that we use cookies. If you choose not to accept them, we shall not use them for your visit except to record that you have not consented to their use for any other purpose. However, please note that should you choose not to use cookies or you prevent their use through your browser settings, you might not be able to use all the functionality on our website and mobile app.

Privacy of Children

We do not sell our Services for purchase by children, nor do we market to children. If you are under 18 years of age, you may use our Services only with the consent of a parent or guardian. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at privacy@smartidcard.com. We will delete such information from our files within a reasonable time.

Amendments to this privacy Policy

We reserve the right to modify this Privacy Policy at any time. We may update this Privacy Policy from time to time by publishing a new version on our website and/or mobile app. You should check this page occasionally to ensure you are happy with any changes to this Privacy Policy. Your continued use of any portion of this website and/or mobile app after the “last update” date, which is the effective date of any such changes, will constitute your acceptance of those changes. Please check our website and/or mobile app for the most current version.

Contact Details

We welcome any queries, comments or requests you may have regarding this Privacy Policy. If you wish to contact us, you can do so via email, using privacy@smartidcard.com.

For European Union citizens, you can reach our Data Protection Officer at privacy@smartidcard.com.

Effective Date: 27th September 2019

Severability

If any of the provisions or portions of these ToU are held to be invalid under any applicable statute or rule of law, they are to that extent deemed to be omitted from these ToU without in any way invalidating or impairing the other provisions of these ToU.

Applicable law

These ToU, and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with the Republic of Korea law, and the parties irrevocably submit to the exclusive jurisdiction of the courts of Seoul, Republic of Korea.

Entire agreement

These ToU constitute the entire agreement between you and Smart ID Card as it relates to the Website, Software Products and the Services, and supersedes all oral or written proposals, and all communications between the parties relating to its subject-matter.

Contact Us

Should you have any questions concerning this Agreement, you may contact us at:

Phone:           +82 2 6925 0471

Address:        Namsung Plaza 13F GeumChen-Gu, Seoul, Republic of Korea.

Email:             legal@smartidcard.com