The World Arts Award Organisation (hereinafter referred to as the 'Company') complies with relevant laws such as the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (hereinafter referred to as the 'Information and Communications Network Act') to protect the information (hereinafter 'Personal Information') of individuals (hereinafter 'Users' or 'Individuals') who use the services the Company intends to provide (hereinafter 'Company Services'), and establishes this Privacy Policy (hereinafter 'this Policy') to promptly and smoothly handle grievances related to the protection of service users' personal information.
In accordance with personal information-related laws and this Policy, the Company may collect users' personal information, and the collected personal information may be provided to a third party only with the individual's consent. However, if legally compelled by regulations, the Company may provide the collected user's personal information to a third party without prior consent from the individual.
1. The Company discloses this Policy through the first screen of the company homepage or a connected screen from the first screen so that users can easily check it at any time.
2. When disclosing this Policy in accordance with Paragraph 1, the Company uses font size, color, etc., to enable users to easily check this Policy.
1. This Policy may be amended according to changes in personal information-related laws, guidelines, notices, or the policies or contents of the government or Company Services.
2. When the Company amends this Policy in accordance with Paragraph 1, it will announce it through one or more of the following methods:
a. Announcement through the notice board on the first screen of the internet homepage operated by the Company or through a separate window.
b. Notifying users by written form, fax, e-mail, or similar methods.
3. The Company will make the announcement under Paragraph 2 at least 7 days before the effective date of the amendment to this Policy. However, in case of important changes to user rights, it will be announced at least 30 days in advance.
When the consent of a legal guardian is required, the Company collects the following information to obtain the legal guardian's consent:
1. Required Information: Guardian's name and relationship to the individual.
The Company collects the following information to provide its services to users:
1. Required Information: Email address, name, date of birth, and contact number.
2. Optional Information: Curriculum Vitae (CV).
The Company collects the following information for statistics/analysis of user service use and for the verification/analysis of fraudulent use. (Fraudulent use refers to acts of illegally or improperly obtaining economic benefits such as services and event benefits provided by the Company, such as repeatedly re-using the service after suspension, re-participating after disqualification, acts prohibited by the terms of use, and illegal acts such as identity theft.)
1. Required Information: Service usage records, cookies, access information, and device information.
The Company collects information as follows:
1. Purpose of Collection: Payment of prize money to winners and tax processing.
2. Collected Information: Information for prize money payment and tax processing (account information, copy of ID card, etc.).
The Company collects users' personal information in the following ways:
1. A method where the user enters their personal information on the Company's homepage.
2. A method where the user enters their personal information through services other than the homepage provided by the Company, such as future applications.
3. A method of entering personal information through the Company's application form.
4. A method where the user enters information in the course of using the Company's services, such as counseling at the customer center or activities on the bulletin board.
The Company uses personal information in the following cases:
1. When necessary for company operations, such as delivering notices.
2. For service improvement for users, such as responding to inquiries and handling complaints.
3. To provide the Company's services.
4. For imposing usage restrictions on users or participants who violate laws and company terms, and for preventing and sanctioning acts that interfere with the smooth operation of the service, including fraudulent use.
5. For marketing purposes, such as event and promotion announcements.
6. For demographic analysis, and analysis of service visits and usage records.
The Company entrusts the processing of personal information as follows for the smooth provision of services and effective business processing:
1. Entrustment to Google for receiving competition application forms and inquiries, and for the operation and maintenance of related systems, until the termination of the entrustment contract or the completion of service provision.
2. Entrustment to Eximbay for processing participation fee payments and preventing payment fraud, for the retention period stipulated by relevant laws such as the Act on Consumer Protection in Electronic Commerce, etc.
1. The Company retains and uses the user's personal information for the period necessary to achieve the purpose of collecting and using the personal information.
2. Notwithstanding the preceding paragraph, the Company's internal policy retains records of fraudulent service use for up to one year from the time of disqualification or termination of the user contract to prevent fraudulent registration and use.
The Company retains and uses personal information as follows in accordance with relevant laws:
1. Information and retention period under the Act on Consumer Protection in Electronic Commerce, etc.
a. Records on contracts or subscription withdrawal: 5 years
b. Records on payment and supply of goods: 5 years
c. Records on consumer complaints or dispute resolution: 3 years
d. Records on display/advertisement: 6 months
2. Information and retention period under the Communications Secrets Protection Act
a. Website log records: 3 months
3. Information and retention period under the Electronic Financial Transactions Act
a. Records on electronic financial transactions: 5 years
4. Act on the Protection and Use of Location Information
a. Records on personal location information: 6 months
In principle, the Company destroys the user's personal information without delay when it is no longer needed, such as when the purpose of processing personal information has been achieved or the retention/use period has expired.
1. Information entered by the user for participation applications, etc., is transferred to a separate DB (or a separate filing cabinet in the case of paper) after the purpose of processing personal information is achieved and is stored for a certain period according to internal policies and other relevant laws for information protection reasons (see retention and use period) before being destroyed.
2. The Company destroys personal information for which a reason for destruction has occurred after obtaining approval from the personal information protection manager.
The Company deletes personal information stored in electronic file format using a technical method that cannot reproduce the record, and personal information printed on paper is destroyed by shredding or incineration.
1. When transmitting commercial advertising information using electronic transmission media, the Company obtains the user's explicit prior consent. However, prior consent is not obtained in any of the following cases:
a. When the Company, having collected the contact information directly from the recipient through a transaction of goods, etc., intends to transmit commercial advertising information of the same type of goods, etc., that the Company processed and transacted with the recipient, within 6 months from the date the transaction ended.
b. When a telemarketer under the 「Act on Door-to-Door Sales, Etc.」 notifies the recipient of the source of personal information collection by voice and makes a telemarketing call.
2. Notwithstanding the preceding paragraph, if the recipient expresses an intention to refuse reception or withdraws prior consent, the Company will not transmit commercial advertising information and will inform the recipient of the processing results of the refusal and withdrawal of consent.
3. When transmitting commercial advertising information using electronic transmission media between 9 PM and 8 AM the next day, the Company obtains separate prior consent from the recipient, notwithstanding Paragraph 1.
4. When transmitting commercial advertising information using electronic transmission media, the Company specifically states the following in the advertising information:
a. Company name and contact information
b. Indication of matters concerning the expression of intention to refuse reception or withdraw consent.
5. When transmitting commercial advertising information using electronic transmission media, the Company does not take any of the following measures:
a. Measures to evade or interfere with the recipient's refusal of reception or withdrawal of consent for advertising information.
b. Measures to automatically generate the recipient's contact information, such as a phone number or e-mail address, by combining numbers, symbols, or letters.
c. Measures to automatically register a phone number or e-mail address for the purpose of transmitting commercial advertising information.
d. Various measures to conceal the identity of the sender of the advertising information or the source of the advertisement transmission.
e. Various measures to induce a response from the recipient by deception for the purpose of transmitting commercial advertising information.
1. Users and their legal guardians can view or modify their registered personal information at any time and can request the withdrawal of consent for the collection of personal information.
2. To withdraw consent for the collection of their registration information, users and their legal guardians should contact the personal information protection manager or the person in charge by mail, phone, or e-mail, and the Company will take action without delay.
1. Users can request correction of errors in their personal information through the methods of the preceding article.
2. In the case of the preceding paragraph, the Company will not use or provide the personal information until the correction is completed, and if incorrect personal information has already been provided to a third party, the correction result will be notified to the third party without delay so that the correction can be made.
1. Users must keep their personal information up-to-date, and the user is responsible for any problems arising from the input of inaccurate information.
2. Applying for participation by stealing another person's personal information may result in disqualification or punishment under relevant personal information protection laws.
3. Users are responsible for maintaining the security of their e-mail address, password, etc., and cannot transfer or lend them to a third party.
In processing users' personal information, the Company devises necessary technical and managerial protective measures to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged.
Personal information that has been terminated or deleted at the request of the user or legal guardian is processed as specified in the "Retention and Use Period of Personal Information" collected by the Company and is processed so that it cannot be viewed or used for other purposes.
The user's password is stored and managed with one-way encryption, and confirmation and changes to personal information can only be made by the person who knows the password.
1. The Company does its best to prevent the leakage or damage of users' personal information due to hacking, computer viruses, or other intrusions into the information and communication network.
2. The Company uses the latest antivirus programs to prevent the leakage or damage of users' personal information or data.
3. The Company does its best to ensure security by using an intrusion prevention system in preparation for any eventuality.
4. The Company ensures that sensitive personal information (if collected and held) can be transmitted securely over the network through encrypted communication, etc.
The Company limits the number of staff handling personal information to a minimum and emphasizes compliance with laws and internal policies through managerial measures such as education for personal information processors.
When the Company becomes aware of the loss, theft, or leakage (hereinafter "leakage, etc.") of personal information, it will notify the relevant user of all of the following matters without delay and report to the Korea Communications Commission or the Korea Internet & Security Agency:
1. The items of personal information that were leaked, etc.
2. The time when the leakage, etc., occurred.
3. Measures the user can take.
4. Response measures of the information and communication service provider, etc.
5. The department and contact information where users can file for counseling, etc.
Notwithstanding the preceding article, if there is a valid reason, such as not knowing the user's contact information, the Company may take measures to substitute the notice of the preceding article by posting on the Company's homepage for 30 days or more.
1. The Company will not enter into an international contract that contains provisions violating relevant laws such as the Personal Information Protection Act regarding the user's personal information.
2. The Company obtains the user's consent to provide (including cases of being viewed), entrust processing of, or store (hereinafter "transfer") the user's personal information abroad. However, if all of the matters in each item of Paragraph 3 of this Article are disclosed in accordance with relevant laws such as the Personal Information Protection Act or notified to the user by a method prescribed by presidential decree, such as e-mail, the consent procedure for the entrustment of processing and storage of personal information may be omitted.
3. To obtain consent under the main text of Paragraph 2 of this Article, the Company must notify the user of all of the following matters in advance:
a. The items of personal information to be transferred.
b. The country to which the personal information is transferred, the date and time of transfer, and the method of transfer.
c. The name of the person receiving the personal information (in the case of a corporation, its name and the contact information of the information management manager).
d. The purpose of use and the retention/use period of the personal information by the person receiving it.
4. When transferring personal information abroad with consent under the main text of Paragraph 2 of this Article, the Company takes protective measures as prescribed by relevant laws such as the Presidential Decree of the Personal Information Protection Act.
1. The Company uses an automatic personal information collection device (hereinafter 'cookie') that stores and frequently retrieves usage information to provide individual customized services to users. A cookie is a small amount of information that the server (http) used to operate the website sends to the user's web browser (including PC and mobile) and is sometimes stored in the user's storage space.
2. Users have the option to install cookies. Therefore, users can allow all cookies, confirm each time a cookie is saved, or refuse to save all cookies by setting options in their web browser.
3. However, if you refuse to store cookies, you may have difficulty using some of the Company's services that require login.
You can set cookie permission, cookie blocking, etc., through web browser option settings.
1. Edge: Settings menu in the upper right corner of the web browser > Cookies and site permissions > Manage and delete cookies and site data
2. Chrome: Settings menu in the upper right corner of the web browser > Privacy and security > Cookies and other site data
3. Whale: Settings menu in the upper right corner of the web browser > Privacy > Cookies and other site data
1. The Company has designated the relevant department and personal information protection manager as follows to protect users' personal information and handle complaints related to personal information.
a. Personal Information Protection Manager
1) Name: Seyun Nam
2) Position: CEO
3) Phone Number: 010-5030-1711
4) Email: waao.manager@gmail.com
1. The data subject may apply for dispute resolution or counseling to the Personal Information Dispute Mediation Committee, the Korea Internet & Security Agency's Personal Information Infringement Report Center, etc., to receive relief for personal information infringement. For other reports and counseling on personal information infringement, please contact the following organizations:
a. Personal Information Dispute Mediation Committee: (without area code) 1833-6972 (www.kopico.go.kr)
b. Personal Information Infringement Report Center: (without area code) 118 (privacy.kisa.or.kr)
c. Supreme Prosecutors' Office: (without area code) 1301 (www.spo.go.kr)
d. National Police Agency: (without area code) 182 (ecrm.cyber.go.kr)
2. The Company guarantees the data subject's right to self-determination of personal information and strives for counseling and damage relief for personal information infringement. If you need to report or consult, please contact the department in charge in Paragraph 1.
3. A person whose rights or interests have been infringed by a disposition or omission made by the head of a public institution in response to a request under Article 35 (Reading of Personal Information), Article 36 (Correction/Deletion of Personal Information), and Article 37 (Suspension of Processing of Personal Information, etc.) of the Personal Information Protection Act may file an administrative appeal as prescribed by the Administrative Appeals Act.
a. Central Administrative Appeals Commission: (without area code) 110 (www.simpan.go.kr)
Article 1 This policy will be effective from November 29, 2025.