Notifications
Back

Please leave your inquiry and Our manger contact you as soon as possible.

Refusal to collect email addresses from Fittrix without permission

The collection of email addresses posted on this website using email collection programs or other technical devices is prohibited. Violators may be subject to penalties under the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.

Posted on: 2023.11.01

Fittrix Inc. (hereinafter referred to as the "Company") complies with the provisions of the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Personal Information Protection Act, and other related laws and regulations regarding personal information protection that information and communications service providers must comply with. The Company is committed to protecting user rights by establishing a personal information processing policy in accordance with relevant laws and regulations. This personal information processing policy (hereinafter referred to as "this policy") applies to the use of all related services provided by the Company through Fittrix FX and the mobile app (hereinafter referred to as "Services") and contains the following contents.
This policy may be amended due to changes in laws, notices, or the Company's terms and internal policies. If amended, the Company will post the changes on the service screen or notify users. Users can refuse to consent to the collection, use, provision, and consignment of personal information. However, if the user refuses to consent, they may not be able to use all or part of the Services.
Users are advised to check this policy frequently during service use.

Article 1 (Purpose of Collecting and Using Personal Information)
The Company processes personal information for the following purposes. The processed personal information will not be used for any purpose other than the following, and if the purpose of use is changed, the Company will obtain prior consent.
1. Member Management: Confirmation of user intention to join, identity verification, personal identification, confirmation of intention to join, sanctions for actions that hinder the smooth operation of services and fraudulent use of services, restriction on the number of sign-ups, verification of consent from legal representatives when collecting personal information from children under 14, subsequent verification of legal representatives, handling complaints, various notices and notifications, confirmation of user's intention to withdraw, grievance handling, and record retention for dispute resolution.
2. Providing Goods or Services: Processing personal information for service provision, content provision, customized service provision, identity verification, and delivery of products and prizes.
3. Utilizing for New Service Development, Marketing, and Advertising: Processing personal information for new service development, customized service provision, advertising based on statistical characteristics, provision and participation opportunities for event and advertising information, partnership service introduction, service effectiveness verification, access frequency analysis, and statistics on users' service usage.

Article 2 (Items of Personal Information Collected)
The Company processes the following personal information items:
1. Name, profile image, profile thumbnail URL, email, gender, date of birth (required for membership registration)
2. Mobile phone number (required for membership registration)
3. Name, address, mobile phone number, body size (required for point shop product purchase or prize delivery services)
4. Email, phone number, social ID (used for new service development, marketing, and advertising)
5. Service usage records (access time, types and number of exercises performed), access logs, cookies, access IP information (required for service improvement)
6. FX usage data (FX health and exercise information, required for service)
7. Mobile phone number (required for health and exercise information KakaoTalk transmission service)
8. Email address (required for health and exercise information email transmission service)
9. Height, weight, exercise goals, interests (used for new service development)

Article 3 (Methods of Collecting Personal Information)
1. The Company collects personal information through the following methods:
a. Membership registration for the service
b. Provided directly by the user during identity verification
c. Provided directly by the user when subscribing to content or entering prize contests
d. Collected through generated information collection tools
e. Provided directly by the user during paid service refunds
2. The Company collects the minimum necessary personal information required for the establishment and performance of service usage contracts through lawful and fair methods, and provides information on the consent to collect and use personal information before collecting information that can personally identify the user and obtains consent.
3. The Company automatically collects information related to service usage records during the service usage process.

Article 4 (Retention Period of Personal Information)
1. The retention period for users' personal information is 2 years, and in principle, the personal information is destroyed without delay once the purpose of collection and use is achieved. However, according to the Company's internal policies, if a customer withdraws or is expelled, the Company retains personal information for 1 year from the date of termination of the usage contract to prevent abuse of rights, misuse, various disputes, and cooperation with investigations.
2. The Company retains user information for a certain period as specified by relevant laws such as the Commercial Act and the Act on the Consumer Protection in Electronic Commerce, etc. In such cases, the Company separates the stored information and uses it only for the purpose of retention, and the retention period is as follows:
a. Personal information related to service usage (login records)
Retention basis: Communications Secret Protection Act
Retention period: 3 months
b. Records related to display/advertising
Retention basis: Act on the Consumer Protection in Electronic Commerce, etc.
Retention period: 6 months
c. Records related to contracts or withdrawal of offers, etc.
Retention basis: Act on the Consumer Protection in Electronic Commerce, etc.
Retention period: 5 years
d. Records related to payment and supply of goods, etc.
Retention basis: Act on the Consumer Protection in Electronic Commerce, etc.
Retention period: 5 years
e. Records related to consumer complaints or dispute resolution
Retention basis: Act on the Consumer Protection in Electronic Commerce, etc.
Retention period: 3 years
f. Records related to electronic financial transactions
Retention basis: Electronic Financial Transactions Act
Retention period: 5 years

Article 5 (Sharing and Provision of Personal Information)
1. The Company uses personal information within the scope notified in Article 1 (Purpose of Collecting and Using Personal Information) and does not, in principle, disclose users' personal information to external parties without prior consent. However, the following cases are exceptions where personal information may be used and provided with caution:
a. When the user has given prior consent
b. When necessary for the settlement of service fees
c. When required by law or requested by investigative authorities in accordance with legal procedures and methods
d. When necessary within the scope recognized as unavoidable for performing tasks stipulated by law for public institutions
e. When providing information to advertisers, partners, or research organizations in a way that does not identify individuals for statistical, academic research, or market research purposes

Article 6 (Entrustment of Personal Information Processing)
1. The Company specifies in writing, such as in contracts, the prohibition of processing personal information for purposes other than the purpose of performing entrusted tasks, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of the trustee, and liability for damages in accordance with Article 25 of the Act on Promotion of Information and Communications Network Utilization and Information Protection when concluding an entrustment contract, and supervises whether the trustee safely processes personal information.
2. The entrusted institutions and the details of the entrusted tasks are as follows:
a. Trustee: Microsoft
- Entrusted task: Cloud services
- Retention period of personal information: Until the user requests deletion or the termination of the entrustment contract
b. Trustee: Naver Business
- Entrusted task: Sending emails, notification messages, and text messages
- Retention period of personal information: Until the user withdraws or the termination of the entrustment contract
3. If the content or trustee of the entrusted tasks is added or changed, the Company will disclose it through this personal information processing policy and obtain users' consent if necessary.

Article 7 (Rights of Users and Legal Representatives)
1. The Company protects the rights of users as follows:
a. Users can view and modify their personal information at any time.
b. Users can withdraw consent to the provision of personal information or request membership cancellation at any time.
c. When users request access, proof, or correction of their personal information, the Company will not use or provide the personal information until the correction or deletion is completed. If the Company finds that there is a need to correct or delete personal information due to errors or the expiration of the retention period, it will take action without delay.
2. The Company guarantees the following rights to legal representatives of users under 14 years old:
a. Legal representatives can withdraw consent to the collection, use, or provision of personal information of users under 14 years old and request access or correction of the provided personal information. (Rights to access, correct, delete, and suspend processing of personal information of children)
b. When a legal representative of a user under 14 years old requests access, proof, or correction, the Company may request proof of the representative relationship to verify the authenticity of the legal representative.

Article 8 (Procedures and Methods for Destroying Personal Information)
1. In principle, the Company destroys personal information without delay once the purpose of collection and use is achieved. However, the Company retains information for the period specified by relevant laws or internal policies such as the Act on the Consumer Protection in Electronic Commerce, the Electronic Financial Transactions Act, the Communications Secret Protection Act, etc.
2. If the retention period of personal information agreed upon by the user has expired or the purpose of processing has been achieved, the Company transfers the personal information to a separate database (DB) or stores it in a different location for continued retention as required by other laws.
3. The Company also processes destruction in accordance with this Article when the user directly requests information modification or deletion or requests membership cancellation as explained in Article 6 (Entrustment of Personal Information Processing).
4. Personal information inputted for temporary purposes such as surveys, events, and identity verification is destroyed in the same manner after achieving the purpose.
5. The Company securely processes users' personal information and prevents leakage by destroying personal information as follows:
a. Personal information printed on paper is destroyed by shredding or incineration.
b. Personal information stored in electronic file form is deleted using technical methods that make the record unrecoverable.

Article 9 (Technical and Managerial Measures for Personal Information Protection)
The Company takes the following measures to ensure the security of users' personal information against loss, theft, leakage, alteration, or damage:
1. Technical measures: network separation, password management, installation of security programs, access control system installation, and management of access rights to personal information processing systems.
2. Managerial measures: establishment and implementation of internal management plans, regular education of personal information handlers, minimization of personal information handlers, and obtaining security pledges.

Article 10 (Installation, Operation, and Rejection of Automatic Personal Information Collection Devices)
1. The Company uses "cookies" to provide specialized customized services to members and make the service more convenient for members. A cookie is a small amount of information sent by the server (HTTP) used to operate the website to the user's computer browser and stored on the user's PC, etc.
2. Users have the option to install cookies. Therefore, users can choose to allow all cookies, check each time a cookie is stored, or reject all cookies by adjusting the options in the web browser they use.
However, refusing to store cookies may cause difficulties in using customized services.
a. For Internet Explorer, you can select whether to allow cookies through the [Tools > Internet Options > Privacy > Advanced] menu in the web browser.
b. For Chrome, you can select whether to allow cookies through the [Settings > Privacy and Security > Cookies and other site data > Options] menu in the web browser.
c. For Safari, you can select whether to allow cookies through the [Safari] > Preferences > Security] menu in the menu bar at the top left of MacOS.

Article 11 (Collection of Opinions and Complaint Handling Regarding Personal Information)
The Company collects users' opinions regarding personal information protection and prepares all procedures and methods to handle complaints. Users can report complaints through the phone or email of the personal information protection officer and manager mentioned in Article 12, and the Company will provide prompt and sufficient answers to users' complaints.

Article 12 (Personal Information Protection Officer and Manager's Affiliation - Name and Contact Information)
1. The Company does its best to ensure that you can use good information safely. The personal information protection officer is responsible for any accidents that contradict the matters notified to you regarding personal information protection.
2. Users are responsible for maintaining the security of their ID and password related to their personal information. The Company never directly asks users for their password in any way, so please be careful not to let others know your password. Especially when accessing online in public places, be extra cautious.
3. The Company has designated a personal information protection officer and manager to handle opinions and complaints regarding personal information, and the contact information is as follows:
Personal Information Protection Officer: Director Taejang Park (tj@fittrix.io)
Personal Information Protection Manager: Manager Seunghwan Lee (shlee@fittrix.io)

Article 13 (Exclusion of Application of Personal Information Processing Policy)
The Company may provide links to other companies' websites or materials through the website. In this case, the Company has no control over external sites and materials and does not apply the Company's "Personal Information Processing Policy" to their acts of collecting personal information. Therefore, when clicking on a link included in the Company to move to another site's page, please check the privacy policy of the newly visited site.

Article 14 (Methods of Redress for Infringement of Rights)
Users can inquire about remedies for personal information infringement, consultation, etc. with the following institutions:
The following institutions are separate from the Company, and if you are not satisfied with the Company's own personal information complaint handling and damage relief results or need more detailed help, please inquire:
1. Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
Jurisdiction: Reporting personal information infringement facts / applying for consultation
Website: privacy.kisa.or.kr
Phone: (no area code) 118
Address: (58324) Korea Internet & Security Agency, 9 Jinheung-gil, Naju, Jeollanam-do
2. Personal Information Dispute Mediation Committee Secretariat
Jurisdiction: Applying for personal information dispute mediation, collective dispute mediation
Website: www.kopico.go.kr
Phone: 1833-6972
Address: 12th floor, Government Complex Seoul, 209 Sejong-ro, Jongno-gu, Seoul (Personal Information Protection Committee)
3. Supreme Prosecutors' Office Cyber Crime Investigation Division: area code+1301 (www.spo.go.kr)
4. National Police Agency Cyber Security Bureau: Police Civil Affairs Call Center 182 (https://ecrm.police.go.kr/minwon/main)

Article 15 (Obligation to Notify Before Amendment)
If the personal information processing policy is changed, the Company will notify in advance through the Fittrix app or website (https://fittrix.io) under "Notices".

Addendum
This policy is effective from January 1, 2023.
Submit