Platform enjoyed by all.
Kona I platform connects various worlds and enhances the value of life.

Privacy Policy

KONA I Co., Ltd. (Hereinafter the “Company”) values the personal information of users and complies with privacy regulations of relevant statutes such as the Personal Information Protection Act. The Company makes its privacy policy available to be viewed via the Company website, among other channels, at all times and, in the event of any revision to the privacy policy, the Company will provide notification regarding the rationale and modifications via an announcement or individual notifications on its website in accordance with the procedures prescribed under relevant statutes.

  • Article 1 (Personal Information Collected and Method of Collection)


  • The Company collects the minimal personal information necessary for the provision of the following services:


    • 1. Collected items

      • ① Required items: Name, mobile number, email address, and company name
      • ② Optional items: Affiliation and position

    • 2. Collection method: Collected via the inquiry menu for the KONA CARD and partnership on the website



  • Article 2 (Purpose of Collection and Use of Personal Information)


  • The Company uses the collected personal information for the following purposes:


    • 1. Notification of inquiry results for the KONA CARD

    • 2. Notification of inquiry results for partnership


  • Article 3 (Provision of Personal Information to Third Parties)


  • The Company uses the personal information of users within the scope delineated under Article 2 (Purpose of Collection and Use of Personal Information) above, and, in principle, the Company does not use the information outside of this described scope nor does it provide such information to any external agency without grounds for such provision according to relevant laws or the prior consent the user.


    • ① Partnerships

    • The Company may provide or share the personal information of users to external subcontractors (hereinafter referred to as “Partners”) so as to render better services to users. In the event that the personal information will be provided or shared, the Company will first obtain prior consent from users via electronic mail or letter by specifying the Partners that will be receiving the information, the provided items of personal information, the purpose of the personal information use by the Partners, the fact that users have the right to refuse to consent to the information provision, and the disadvantages they may face by refusing to consent. If any alteration occurs to the partnership relationship, the Company will notify or obtain user consent via the same procedure.

    • ② Grounds according to the law

    • If a request is made by an investigatory authority in accordance with the procedures and methods prescribed under the law for investigation purposes or in accordance with the relevant statutes;

    • ③ Transfer of the Company's rights and duties

    • In the event that the rights and duties of the Company are acquired or transferred due to a merger or transfer of the business, the Company shall notify the transfer of personal information in advance under the procedure and method stipulated in the relevant statutes, including the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc., and grant users the right to withdraw their consent to transfer their personal information.


  • Article 4 (Outsourcing the Handling Personal Information)


  • The Company outsources some tasks, which are necessary to provide services, to external Partners (hereinafter referred to as “Outsourcees”), and at the time of an outsourcing contract conclusion, the Company specifies necessary terms and conditions in the contract so as to ensure that personal information is securely handled pursuant to relevant laws, such as the Personal Information Protection Act, and provides supervision to ensure that the Outsourcee securely handles personal information. In the event of any alteration to the details of the outsourced tasks or the Outsourcee itself, the Company shall notify such facts to users without delay via the Privacy Policy posted on the application screen, etc., or via electronic email. As for the outsourcing of giveaway promotional mailing tasks for marketing and events, additional user consent agreements will be obtained in order to handle the information. The tasks currently outsourced are as follows:


    Outsourcee Outsourced tasks Period of retention and use of personal information
    Narae Internet Co., Ltd. 080 ARS block sender Until the termination of relevant services or the outsourcing contract
    humusOn Inc. SMS/email/notification talk transmission Until membership cancellation or the termination of the outsourcing contract
    BGF Networks Co., Ltd. SMS transmission Until membership cancellation or the termination of the outsourcing contract


  • Article 5 (Period of Retention and Use of Personal Information)


  • Subsequent to the fulfillment of the purpose of the collection and use of personal information as consented to by users, the Company shall, as a rule, destroy such information without delay. However, where it is necessary to preserve such information due to internal policies or the provisions in relevant laws, the Company will retain the personal information of users for a certain period provided below:


    • 1. Records regarding use of the inquiry board

      • - Reason(s) for preservation: Internal control of answers to inquiries for Company services
      • - Preservation period: 1 year

    • 2. Website visiting records

      • - Preservation Grounds: Protection of Communications Secrets Act
      • - Preservation period: 3 months


  • Article 6 (Destruction of Personal Information)


  • Subsequent to the fulfillment of the purpose of the collection and use of personal information, the Company shall, as a rule, destroy such information without delay. The procedure and method of destruction are as follows:


    • ① Destruction procedure

    • The information entered by users for service subscriptions, etc., is transferred to a separate database (or a separate filing cabinet for paper documents) subsequent to the fulfillment of their purpose and stored for a certain period, as specified under Article 5, for information protection matters pursuant to the Company's internal policies or other pertinent statutes before they are destroyed. The personal information transferred to a separate database shall not be used for any purpose other than its original retention purpose unless otherwise specified under the law.

    • ② Destruction method

    • Personal information printed on paper is shredded with a shredder or destroyed through incineration. Personal information stored in an electronic file format is deleted using a technical method that does not allow record restoration.


  • Article 7 (Rights of Users and their Legal Representatives and Methods to Exercise Such Rights)


  • ① Users or their legal representatives may access or modify their own personal information of that or minors less than 14 years of age for which they are responsible at any time, and may withdraw their consent to the collection, use, and provision of the personal information via canceling of the service subscription (membership cancellation). However, as the Company only collects and uses essential information necessary to provide services, partial withdrawal of consent is not possible.


  • ② If a user wishes to cancel their subscription, he/she may directly unsubscribe via the “Membership cancellation” menu in the application, and anyone who finds it difficult to unsubscribe directly via the method in question, he/she may contact customer support or the privacy officer via a letter, telephone call, or electronic mail and prompt measures will be enforced without delay.


  • ③ If a user wishes to access or receive information on the status of the user's consent to the collection, use, and provision of personal information, personal information collected via consent, the use of such personal information, or the status of provision to third parties, the Company will take action without delay once the user contacts customer support or the privacy officer.


  • ④ If a user requests the correction of a personal information error, the personal information shall not be used or provided to any third party until the correction is completed. In addition, in the event that incorrect personal information has already been provided to a third party, the Company will notify the third party of the results of the correction without delay to ensure that the correction is made.


  • ⑤ The Company handles personal information that has been canceled or deleted at the request of users or their legal representatives as specified in Article 5 (Period of Retention and Use of Personal Information) and ensures that such information is not accessed or used for any other purposes.



  • Article 8 (Installation and Operation of the Automatic Personal Information Collection Device and Pertinent Rejection)


  • The Company may use cookies that store and retrieve user information from time to time so as to provide personalized and tailored services. A cookie is a very small text file sent to the browser from the server used to operate the service, which is stored on the computer's hard disk or on an internal storage device on other access media (including mobile devices, such as smartphones and tablet PCs). The Company uses cookies for the following purposes, and users may refuse such use via settings.


    • ① Purpose of using cookies, etc.

    • The Company uses cookies to provide customized information to individuals, such as targeted marketing and personalized services, by analyzing users' frequency of access or visiting hours, identifying users tastes and interests, and tracking their traces to determine their degree of participation in various events, and the number of visits made.

    • ② How to reject cookie settings

    • A user has options regarding cookie settings. Users may allow all cookies, check each time a cookie is saved, or reject the storage of all cookies by modifying the option settings. However, if the user refuses to install cookies, he/she may have difficulty using the service.


  • Article 9 (Technical and Administrative Measures to Protect Personal Information)


  • The Company implements the following technical and administrative measures to ensure stability in handling the personal information of users so that the personal information is not lost, stolen, leaked, tampered with, or damaged.


    • ① Encryption of personal information

    • The Company encrypts and stores all fields of personal information in accordance with the relevant laws and the guidelines of relevant administrative agencies.

    • ② Technical measures against hacking, etc.

    • The Company installs and operates intrusion prevention systems and the latest security software to prevent the leakage of users' personal information via hacking of servers, networks, etc.

    • ③ Minimal handling staff and implementation of training

    • In order to minimize the leakage of users' personal information, the Company makes every effort to minimize the number of employees who have access to personal information by limiting them to those in charge, providing regular training on the importance of security, and verifying the implementation of the Privacy Policy and the compliance by personnel in charge so as to immediately modify and correct any issues upon discovery.


  • Article 10 (Privacy Officer and Responsible Department)


  • The Company has designated the following privacy officer and responsible department to protect users’ personal information and handle complaints related to personal information. The Company will take prompt actions and give full answers to any complaints filed by users.


    • ① Privacy officer and responsible department

      • - Officer: Kim Nana
        - Responsible department: Business Strategy Group
        - Telephone No.: +82-2-2168-7520
        - Email: myhan@konai.com

    • ② Privacy infringement reporting and consultation

    • If you need to report or discuss any other personal information infringement related matters, please contact the organization provided below.

      • - Personal Information Infringement Report Center/Personal Information Dispute Mediation Committee (privacy.kisa.or.kr / 118 with no area code)
        - Cybercrime Investigation Division, Supreme Prosecutors’ Office (www.spo.go.kr / 1301 with no area code)
        - Cyber Bureau, National Police Agency (www.ctrc.go.kr / 182 with no area code)


  • Article 11 (Applicable Scope)


    • ① This Privacy Policy is applicable to the scope of services provided by the KONA I website, and the Company's other brand services may be subject to separate privacy policies.

    • ② The Company may expose links to a third party's website, application, or data (hereinafter "Application, etc.”) to the users, but in this case, the Company shall not be held liable for the usefulness of the services and data provided by those links as the Company has no control over the external application, and the said application shall not be subject to this Privacy Policy. If a user clicks on the link to go to a third-party application, the privacy policy for the said Application, etc. is unrelated to the Company, thus we request that you please review the policy of the newly visited Application, etc.


  • Article 12 (Duty to Notify)


    • If any modification is to be made to this Privacy Policy, the Company will provide notification of this fact via an announcement on its website at least seven days prior to the revision. However, in the event of any modification to the Privacy Policy in terms of the collection, use, and third-party provision of personal information in which the change is adverse to users, the Company will notify such modification with a grace period of at least thirty days in advance.

    • - Notified on: January 20, 2020
      - Effective from: February 17, 2020