Privacy Policy
Privacy Policy
Last Updated: 11/13/2024(UTC-7)
This privacy policy ("Policy") describes how COLOSO as Day1 Company Inc.’s CIC ("COLOSO ", "we", "us" or "our") collects, uses, shares and protects the personally identifiable information ("Personal Information") you ("User", "you" or "your") may provide on the COLOSO website and any of its products or services (collectively, "Website" or "Services").
It also describes the choices available to you regarding our use of your Personal Information and how you can access, update and restrict this information. This Policy does not apply to the practices of companies that we do not own or control or to individuals that we do not employ or manage.
This Privacy Policy applies to all users, including both users who are simply viewing the content available via the Servies and users who have registered as members of COLOSO. By using any part of our Websites or our Services, you acknowledge that you have read this Policy and agree to this entire Privacy Policy and any other agreement that governs your use of the Websites and Services.
1. Definitions
Undefined terms in this Privacy Policy have the same definition as in our Terms of Use (“Terms”).
2. Informations of be Collected & Methods of Collection
We collect certain information from you directly and indirectly. The information we directly gather from you would be something like the information you enter yourself, data about your consumption of content, and data from third-party platforms you connect with Coloso. We also collect some data indirectly and automatically, like information about your device and what parts of our Services you interact with or spend time using.
2.1 Personal information items to be collected
Personal information items to be collected by the Company are as follows:
Information provided by the users
a) The Company may collect the information directly provided by the users such as:
b) Information to be collected while the users use services through automated methods The Company may collect the following information in the course that the users use the service provided by the Company such as:
2.2 Methods of Collection
The Company collects the information of users in the following ways:
Provided by you: Webpage, written form, fax, telephone calling, e-mailing, and more.
Provide by Partners: Cookies and Data Collection Tools.
The Company may collect collective and impersonal information through data collection tools such as cookies, web beacons, tags, scripts, customized links, device and browser fingerprints.
Cookies are very small text files to be sent to the browser of the users by the server used for the operation of the websites of the Company and will be stored in hard disks of the users' computer.
A web beacon is a small quantity of code that exists on websites and e-mails. By using web beacons, we may know whether a user has interacted with certain websites or the contents of the email.
These functions are used for evaluating, improving services, and setting-up users' experiences so that many improved services can be provided by the Company to the users.
The items of cookies to be collected by the Company and the purpose of such collection are as follows:
The users have an option to either opt-in or opt-out from using Cookies. So, they may either allow all cookies through web browser settings, make each cookie checked whenever it is saved, or refuse all cookies to be saved: Provided that, if the user rejects the installation of cookies, it may be difficult for that user to use the parts of services provided by the Company.
3. How we use Infomation We collect
3.1 Use of Collected Information
We use the information we collect through your use of the Service to:
- Create, manage and identify user accounts.
- Fulfill and manage orders.
- Deliver products or services.
- Improve products and services.
- Send marketing and promotional communications.
- Respond to inquiries and offer support.
- Request user feedback.
- Improve user experience.
- Deliver targeted advertising.
- Administer prize draws and competitions.
- Enforce terms and conditions and policies.
- Update users on changes of company sites, applications, terms and more.
- Protect from abuse and malicious users.
- Respond to legal requests and prevent harm.
- Use users information with prior consent.
- Run and operate our Website and Services.
Processing your Personal Information depends on how you interact with our Website, where you are located in the world and if one of the following applies:
a) You have given your consent for one or more specific purposes. This, however, does not apply, whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law.
b) Provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
c) Processing is necessary for compliance with a legal obligation to which you are subject.
d) Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us.
e) Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
Note that we may be allowed to process information until you object to such processing (by opting out) under some legislations, without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, particularly whether the provision of Personal Information is a statutory or contractual requirement or a requirement necessary to enter into a contract.
3.2 Lawful processing of personal information under GDPR
Processing personal information by the Company shall be lawful only if and to the extent that at least one of the following applies:
a) A user has given consent to the processing of his or her personal information.
b) Processing is necessary for the performance of a contract to which a user is party of or in order to take steps at the request of a user prior to entering into a contract:
i) Member management, identification, etc.
ii) Performance of a contract in relation to providing the services required by users, payment and settlement of fees, etc.
c) Processing is necessary for compliance with a legal obligation to which the Company is subject.
i) Compliance with relevant law, regulations, legal proceedings, requests by the government.
d) Processing is necessary in order to protect the vital interests of users, or other natural persons.
i) Detection of, prevention of, and response to fraud, abuse, security risks, and technical issues that may harm users or other natural persons.
e) Processing is necessary for the performance of a task carried out in the public interest or in the excise of official authority vested in the Company.
f) Processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party (except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child).
4. Sharing & Disclosure
We share certain data about you with instructors, companies performing services for us, COLOSO affiliates, our business partners, analytics and data enrichment providers, your social media providers, companies helping us run promotions and surveys, and advertising companies who help us promote our Services. We may also share your data as needed for security, legal compliance, or as part of a corporate restructuring. Lastly, we can share data in other ways if aggregated or de-identified or if we get your consent.
4.1 Sharing With Your Consent or at Your Direction
Where you provide consent, we share your information as described at the time of consent, such as when authorizing a third-party application or website to access your COLOSO account or participating in promotional activities by COLOSO partners or third parties.
a) when the user agrees to receive the information and updates of products and services of certain companies by sharing his or her personal information.
b) when the user selects to allow his or her personal information to be shared with the sites or platform of other companies such as social networking sites.
c) other cases where the user gives prior consent for sharing his or her personal information.
4.2 Service Providers
We share personal information with affiliated and unaffiliated service providers to help us run our business, including service providers that help us:
a) process payment.
b) conduct background or police checks, fraud prevention, and risk assessment.
c) perform product development, maintenance and debugging.
d) allow the provision of the COLOSO Services through third-party platforms and software tools.
e) perform data analysis.
f) provide customer service, advertising, and marketing services.
These providers are contractually bound to protect your personal information and have access to your personal information only to perform these requested services.
4.3 Corporate Affiliates
To support us in providing, integrating, promoting, and improving the COLOSO Platform, Payment Services, and our affiliates’ services, we may share personal information within our corporate family of companies related by common ownership or control.
4.4 Data Analytics and Enrichment Services
As part of our use of third-party analytics tools and data enrichment services, we share certain contact information, Account Data, System Data, Usage Data (as detailed in Section 2), or de-identified data as needed. “De-identified data” means data where we’ve removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner.
4.5 Administer Promotions and Services
We may share your data as necessary to administer, market, or sponsor promotions and surveys you choose to participate in, as required by applicable law (e.g. providing a winners list or making required filings), or in accordance with the rules of the promotion or survey.
4.6 Advertisement
We may display online advertisements, and we may share aggregated and non-identifying information about our customers that we collect through the registration process or online surveys and promotions with certain advertisers. We do not share personally identifiable information about individual customers with advertisers. In some instances, we may use this aggregated and non-identifying information to deliver tailored advertisements to the intended audience.
4.7 Complying with Law, Responding to Legal Requests, Preventing Harm, and Protecting our Rights
We may disclose your information to courts, law enforcement, governmental or public authorities, tax authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or where disclosure is reasonably necessary:
a) to comply with our legal obligations.
b) to comply with a valid legal request or to respond to claims asserted against COLOSO.
c) to respond to a valid legal request relating to a criminal investigation to address alleged or suspected illegal activity, or to respond to or address any other activity that may expose us, you, or any other of our users to legal or regulatory liability.
d) to enforce and administer our Terms.
e) to protect the rights, property or personal safety of COLOSO, its employees, its Users, or members of the public.
Where appropriate, we may notify Users about legal requests unless:
providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law.
we believe that providing notice would be futile, ineffective, or create or increase a risk of fraud upon or harm to COLOSO, our Users, or expose COLOSO to a claim of obstruction of justice.
4.8 Business Transfers
Suppose COLOSO undertakes or is involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event. In that case, we may sell, transfer or share some or all of our assets, including your information in connection with such transaction or contemplation of such transaction. In this event, we will notify you before your personal information is transferred and becomes subject to a different privacy policy.
4.9 After Aggregation or De-identification We may disclose or use aggregated or de-identified data for any purpose.
5. Other Important Information
5.1 Third-Party Partners & Integrations
Parts of COLOSO may link to third-party services, not owned or controlled by COLOSO, Use of these services is subject to the privacy policies of those providers, COLOSO does not own or control these third parties and when you interact with them you are providing your information to them. We encourage you to be aware when you leave our Website and to read the privacy statement of each and every website that may collect Personal Information.
5.2 Do Not Track signals
Some browsers incorporate a Do Not Track feature that signals to websites you visit that you do not want your online activity tracked. Tracking is not the same as using or collecting information in connection with a website. For these purposes, tracking refers to collecting personally identifiable information from consumers who use or visit a website or online service as they move across different websites over time. How browsers communicate the Do Not Track signal is not yet uniform. As a result, this Website is not yet set up to interpret or respond to Do Not Track signals communicated by your browser. Even so, as described in more detail throughout this Policy, we limit our use and collection of your personal information.
6. Your Rights
You have certain rights around using your data, including managing, restricting, and deleting the information you previously provided. You can update or terminate your account from within our Services, choose the information you provide, and can also contact us for individual rights requests about your data. Parents who believe we’ve unintentionally collected personal data about their underage child should contact us for help deleting that information.
6.1 Decisions around the User of Your Data
You can choose not to provide certain data to us, but you may not be able to use relevant features of the Services. You can also make temporary suspension of treatment of your data. If you have any questions about your data, our use of it, or your right, contact us at privacy@coloso.global.
6.2 Managing Your Information
You can access, correct, delete and update some of your personal information through your Account settings. If you connected your COLOSO Account to a third-party service, like Facebook or Google, you can change your settings and unlink from that service in your Account Settings. You are responsible for keeping your personal information up to date.
6.3 Data Erasure
In certain jurisdictions, you can request that your personal information be deleted. To request to delete your personal information, please contact our customer support by emailing privacy@coloso.global. Please allow up to 30 days for a response. For your protection, we require that the request be sent through the email address associated with your account, and we may need to verify your identity before processing your request. Please note that even after you request the erasure of your personal information:
We may retain your data for legitimate purposes and/or in accordance with applicable law, including assisting with legal obligations, resolving disputes, and enforcing our agreements.
We may retain and disclose such data pursuant to this Privacy Policy after your account has been terminated.
6.4 Privacy of children
We recognize the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. With this said, individuals younger than 16 years of age may not set up an account on the Coloso website. If we learn that we’ve collected personal data from a child under 16, we will take reasonable steps to delete the account.
Parents who believe that Coloso may have collected personal data from an individuals under 16 can submit a request that it be removed to privacy@coloso.global.
6.5 User’s right when applying GDPR
The users or their legal representatives, as main agents of the information, may exercise the following rights regarding the collection, use and sharing of personal information by the Company:
a) The right to access to personal information:
The users or their legal representatives may access the information and check the records of the collection, use and sharing of the information under the applicable law.
b) The right to rectification:
The users or their legal representatives may request to correct inaccurate or incomplete information.
c) The right to erasure:
The users or their legal representatives may request the deletion of the information after the achievement of their purpose and the withdrawal of their consent.
d) The right to restriction of processing:
The users or their legal representatives may make temporary suspension of treatment of personal information in case of the disputes over the accuracy of information and the legality of information treatment, or if necessary to retain the information.
e) The right to data portability:
The users or their legal representatives may request to provide or transfer the information.
f) The right to object:
The users or their legal representatives may suspend the treatment of personal information if the information is used for the purpose of direct marketing, reasonable interests, the exercise of official duties and authority, and research and statistics.
g) The right to automated individual decision-making, including profiling:
The users or their legal representatives may request to cease the automated treatment of personal information, including profiling, which has critical impact or cause legal effect on them.
If, in order to exercise the above rights, you, as a user, use the menu of 'amendment of member information of webpage or contact the Company by sending a document or e-mails, or using telephone to the Company (person in charge of management of personal information or a deputy), the Company will take measures without delay: Provided that the Company may reject the request of you only to the extent that there exists either proper cause as prescribed in the laws or equivalent cause.
7. Security
While no organization can guarantee perfect security, we continuously implement and update administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. However, it is always recommended to protect your password and contact us if you suspect any unauthorized access to your account.
7.1 Information Security
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our Website cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite best efforts.
7.2 Data breach
In the event we become aware that the security of the Website has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, and send you an email.
8.Others
8.1 Data Transfer to Other Countries
Considering it engages in global businesses, the Company may provide the users' personal information to the companies located in other countries for the purpose as expressly stated in this Policy. For the places where the personal information is transmitted, retained or processed, the Company takes reasonable measures for protecting those personal information.
8.2 Third-Party’s sites and services
The website, product or service of the Company may include the links to the ones of a 3rd party and the privacy protection policy of the site of 3rd party may be different. Thus, it is required for the users to check additionally that policy of a 3rd party site linked to the site of the Company.
8.3 Users in California
Users who are California residents have certain rights under the California Consumer Privacy Act, (“CCPA”). If you are an eligible California user, included in these rights are:
You have the right to request to know more about the categories and specific pieces of personal information that we have collected about you and access a copy of your personal information.
You have the right to request the deletion of personal information that we have collected about you.
If you choose to exercise any of your rights under CCPA, Coloso will treat you like all other users. In other words, there is no penalty for exercising your rights under CCPA.
You have the right to opt-out of the sale of your personal information.
We will not collect and provide any personal identification information through services without consent of users. We do not, in the traditional sense, sell your personal information or the personal information of any of our users. We do use cookies that make non-personally identifiable information available to select third parties. To opt-out of us using the cookies, please refer to our Cookie Policy.
To exercise any of these rights under CCPA, please email privacy@coloso.global. Consistent with CCPA, you may designate an authorized agent to make these requests on your behalf. For your protection, we may require that the request be sent through the email address associated with your account, and we may need to verify you and/or your agent’s identity before fulfilling your request.
As a California resident, you also have the right to request certain details about what personal information we share with third parties for those third parties direct marketing purposes. To submit your request, send an email to privacy@coloso.global through the email address associated with your account.
For our policy for Do Not Track Signals, please see Section 5.
8.4 Users in Nevada
COLOSO does not sell its users’ personal information or personal data. However, Nevada residents can still exercise their right by submitting a request that we do not sell their covered personal information by sending us an email at privacy@coloso.global through the email address associated with their accounts.
8.5 Users in Australia
If you are an Australia resident and you have a complaint, you may refer it to the office of the Australian Information Commissioner (“OAIC”). You can contact OAIC by visiting www.oaic.gov.au; forwarding an email to enquiries@oaic.gov.au; telephoning 1300 363 992; or writing to OAIC at GPO Box 5218, Sydney NSW 2001.
9. Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time in accordance with applicable law. We will post the revised Privacy Policy and update the “Last Updated” date if we do so. In case of material changes, we will post a notification on the main page of our Website. We will also notify you in other ways at our discretion, such as through the contact information you have provided. Any updated version of this Privacy Policy will be effective immediately upon posting the revised Privacy Policy unless otherwise specified. If you disagree with the revised Privacy Policy, you can cancel your Account. Your continued use of the Website or Services after the effective date of the revised Privacy Policy (or such other act specified at that time) will constitute your consent to those changes. However, without your consent, we will not use your Personal Data in a manner materially different from what was stated at the time your Personal Data was collected.
10. Contact Information of COLOSO
Please use one of the following methods to contact the Company should you have any queries in respect to this policy or wish to update your information:
10.1 Contact Coloso
Company name: DAY1COMPANY
Address : 6&7th Fl, Teheran-ro 231, Gangnam-gu, Seoul, Republic of Korea
Tel.: +82-2-501-6222
E-mail: help@coloso.global
10.2 Designated Data Protection Officer
The Company designates the following Data Protection Officer (DPO) to protect customers’ personal information and deal with customer complaints.
DPO of the Company: Kangmin Lee
Address: 6&7th Fl, Teheran-ro 231, Gangnam-gu, Seoul, Republic of Korea
Tel.: +82-2-501-6222
E-mail: privacy@coloso.global
This privacy policy ("Policy") describes how COLOSO as Day1 Company Inc.’s CIC ("COLOSO ", "we", "us" or "our") collects, uses, shares and protects the personally identifiable information ("Personal Information") you ("User", "you" or "your") may provide on the COLOSO website and any of its products or services (collectively, "Website" or "Services").
It also describes the choices available to you regarding our use of your Personal Information and how you can access, update and restrict this information. This Policy does not apply to the practices of companies that we do not own or control or to individuals that we do not employ or manage.
This Privacy Policy applies to all users, including both users who are simply viewing the content available via the Servies and users who have registered as members of COLOSO. By using any part of our Websites or our Services, you acknowledge that you have read this Policy and agree to this entire Privacy Policy and any other agreement that governs your use of the Websites and Services.
1. Definitions
Undefined terms in this Privacy Policy have the same definition as in our Terms of Use (“Terms”).
2. Informations of be Collected & Methods of Collection
We collect certain information from you directly and indirectly. The information we directly gather from you would be something like the information you enter yourself, data about your consumption of content, and data from third-party platforms you connect with Coloso. We also collect some data indirectly and automatically, like information about your device and what parts of our Services you interact with or spend time using.
2.1 Personal information items to be collected
Personal information items to be collected by the Company are as follows:
Information provided by the users
a) The Company may collect the information directly provided by the users such as:
Title of Service | Items to be collected (examples) |
---|---|
Internet Membership Serivce | Name, email address, ID, telephone number, address, date of birth, gender, national information, encoded identification information (CI) |
Online Payment Service | Name, address, telephone number, and email address Payment information, including account number and card number Information of bid, purchase, and sales |
b) Information to be collected while the users use services through automated methods The Company may collect the following information in the course that the users use the service provided by the Company such as:
Lists | Items to be collected (examples) |
---|---|
Device and System Information | Device identifier, operation system, hardware version, device set-up, type and set-up of the browser, use information of website or application and telephone number |
Log and Usage Information | IP address, log data, use time, search word input by users, internet protocol address, cookie and web beacon |
Geo-Location Information | Information of device location including specific geographical location detected through GPS, Bluetooth, or Wifi (limited to the region permissible under the laws) |
Other Information | Payment transaction information, preference, advertisement environment, visited pages regarding service use of users |
List | Items to be collected (examples) |
---|---|
Third-Party Services | If you link, connect, or sign-in to the COLOSO Platform via a third party service (e.g. Google, Facebook, Apple), you are directing the service to send us information. These information include but are not limited to your registration, profile information as controlled by that service or as authorized by you via your privacy settings at that service. |
Other Sources | To the extent permitted by applicable law, we may receive additional information about you, such as references, demographic data, or information to help detect fraud and safety issues from third-party service providers. |
2.2 Methods of Collection
The Company collects the information of users in the following ways:
Provided by you: Webpage, written form, fax, telephone calling, e-mailing, and more.
Provide by Partners: Cookies and Data Collection Tools.
The Company may collect collective and impersonal information through data collection tools such as cookies, web beacons, tags, scripts, customized links, device and browser fingerprints.
Cookies are very small text files to be sent to the browser of the users by the server used for the operation of the websites of the Company and will be stored in hard disks of the users' computer.
A web beacon is a small quantity of code that exists on websites and e-mails. By using web beacons, we may know whether a user has interacted with certain websites or the contents of the email.
These functions are used for evaluating, improving services, and setting-up users' experiences so that many improved services can be provided by the Company to the users.
The items of cookies to be collected by the Company and the purpose of such collection are as follows:
Category | Purposes of the Data Collection Tools |
---|---|
Strictly Necessary | These Data Collection Tools enable users to use the basic functions of the website of the Company. Unless the users allow these tools, the services such as logging in, securing the site cannot be provided. These tools do not collect any information which may be used for marketing or memorizing the sites visited by the users. These are required for the Services to work properly, and if you disable them, parts of the site may break or be unavailable.Examples of necessary cookies: Check whether a user is signed-in to the website Check whether the users are connected with correct services of the website Connect the users with certain applications or servers of the services Memorize the information entered in an order form while searching other pages during a web browser session For the page of products and check-out, memorize ordered services |
Performance | These Data Collection Tools collect information on how the users use the Website or the Company’s Service, such as the information of the pages which are visited by the users most. This data helps the company optimize its website so that the users can search that website more comfortably. These Data Collect Tools do not collect any personally iidentifyinginformation about the users. Any and all the information collected by these Data Collection Tools will be processed collectively, and anonymity will be guaranteed. Examples of performance cookies: Web analysis: provide statistical data on the ways of using the website Advertisement response fee: check the effect of advertisement of the Company Tracing affiliated companies; one of the visitors of the Company provides anonymous feedback to the affiliated companies Management of error: measure an error that may occur to give help for improving the website Design testing: test other designs of the website of Company |
Functional | These Data Collection Tools are used to remember the set-ups so that the Company provides improved services and additional site functionality, including personalized and preferred settings. Any information collected by this cookie does not identify the users individually. Examples of functionality cookies: Remember set-ups applied such as layout, text size, basic set-up, and colors Remember when the customer responds to a survey conducted by the Company Remember the preferred language or volume level for video playback |
Targeting or Advertising | These Data Collection Tools are connected with the services provided by a 3rd party such as the buttons of ‘like’ and 'share'. The 3rd party provides these services by recognizing that the users visit the website of the Company. Examples of targeting or advertising Data Collection Tools: Carry out PR to the users as targets in other websites by connecting through social networks and these networks use the information of users' visit Provide the information of users' visits to ad agencies so that they can suggest an ad that may attract the interest of the users |
The users have an option to either opt-in or opt-out from using Cookies. So, they may either allow all cookies through web browser settings, make each cookie checked whenever it is saved, or refuse all cookies to be saved: Provided that, if the user rejects the installation of cookies, it may be difficult for that user to use the parts of services provided by the Company.
3. How we use Infomation We collect
3.1 Use of Collected Information
We use the information we collect through your use of the Service to:
- Create, manage and identify user accounts.
- Fulfill and manage orders.
- Deliver products or services.
- Improve products and services.
- Send marketing and promotional communications.
- Respond to inquiries and offer support.
- Request user feedback.
- Improve user experience.
- Deliver targeted advertising.
- Administer prize draws and competitions.
- Enforce terms and conditions and policies.
- Update users on changes of company sites, applications, terms and more.
- Protect from abuse and malicious users.
- Respond to legal requests and prevent harm.
- Use users information with prior consent.
- Run and operate our Website and Services.
Processing your Personal Information depends on how you interact with our Website, where you are located in the world and if one of the following applies:
a) You have given your consent for one or more specific purposes. This, however, does not apply, whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law.
b) Provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
c) Processing is necessary for compliance with a legal obligation to which you are subject.
d) Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us.
e) Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
Note that we may be allowed to process information until you object to such processing (by opting out) under some legislations, without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, particularly whether the provision of Personal Information is a statutory or contractual requirement or a requirement necessary to enter into a contract.
3.2 Lawful processing of personal information under GDPR
Processing personal information by the Company shall be lawful only if and to the extent that at least one of the following applies:
a) A user has given consent to the processing of his or her personal information.
b) Processing is necessary for the performance of a contract to which a user is party of or in order to take steps at the request of a user prior to entering into a contract:
i) Member management, identification, etc.
ii) Performance of a contract in relation to providing the services required by users, payment and settlement of fees, etc.
c) Processing is necessary for compliance with a legal obligation to which the Company is subject.
i) Compliance with relevant law, regulations, legal proceedings, requests by the government.
d) Processing is necessary in order to protect the vital interests of users, or other natural persons.
i) Detection of, prevention of, and response to fraud, abuse, security risks, and technical issues that may harm users or other natural persons.
e) Processing is necessary for the performance of a task carried out in the public interest or in the excise of official authority vested in the Company.
f) Processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party (except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child).
4. Sharing & Disclosure
We share certain data about you with instructors, companies performing services for us, COLOSO affiliates, our business partners, analytics and data enrichment providers, your social media providers, companies helping us run promotions and surveys, and advertising companies who help us promote our Services. We may also share your data as needed for security, legal compliance, or as part of a corporate restructuring. Lastly, we can share data in other ways if aggregated or de-identified or if we get your consent.
4.1 Sharing With Your Consent or at Your Direction
Where you provide consent, we share your information as described at the time of consent, such as when authorizing a third-party application or website to access your COLOSO account or participating in promotional activities by COLOSO partners or third parties.
a) when the user agrees to receive the information and updates of products and services of certain companies by sharing his or her personal information.
b) when the user selects to allow his or her personal information to be shared with the sites or platform of other companies such as social networking sites.
c) other cases where the user gives prior consent for sharing his or her personal information.
4.2 Service Providers
We share personal information with affiliated and unaffiliated service providers to help us run our business, including service providers that help us:
a) process payment.
b) conduct background or police checks, fraud prevention, and risk assessment.
c) perform product development, maintenance and debugging.
d) allow the provision of the COLOSO Services through third-party platforms and software tools.
e) perform data analysis.
f) provide customer service, advertising, and marketing services.
These providers are contractually bound to protect your personal information and have access to your personal information only to perform these requested services.
4.3 Corporate Affiliates
To support us in providing, integrating, promoting, and improving the COLOSO Platform, Payment Services, and our affiliates’ services, we may share personal information within our corporate family of companies related by common ownership or control.
4.4 Data Analytics and Enrichment Services
As part of our use of third-party analytics tools and data enrichment services, we share certain contact information, Account Data, System Data, Usage Data (as detailed in Section 2), or de-identified data as needed. “De-identified data” means data where we’ve removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner.
4.5 Administer Promotions and Services
We may share your data as necessary to administer, market, or sponsor promotions and surveys you choose to participate in, as required by applicable law (e.g. providing a winners list or making required filings), or in accordance with the rules of the promotion or survey.
4.6 Advertisement
We may display online advertisements, and we may share aggregated and non-identifying information about our customers that we collect through the registration process or online surveys and promotions with certain advertisers. We do not share personally identifiable information about individual customers with advertisers. In some instances, we may use this aggregated and non-identifying information to deliver tailored advertisements to the intended audience.
4.7 Complying with Law, Responding to Legal Requests, Preventing Harm, and Protecting our Rights
We may disclose your information to courts, law enforcement, governmental or public authorities, tax authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or where disclosure is reasonably necessary:
a) to comply with our legal obligations.
b) to comply with a valid legal request or to respond to claims asserted against COLOSO.
c) to respond to a valid legal request relating to a criminal investigation to address alleged or suspected illegal activity, or to respond to or address any other activity that may expose us, you, or any other of our users to legal or regulatory liability.
d) to enforce and administer our Terms.
e) to protect the rights, property or personal safety of COLOSO, its employees, its Users, or members of the public.
Where appropriate, we may notify Users about legal requests unless:
providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law.
we believe that providing notice would be futile, ineffective, or create or increase a risk of fraud upon or harm to COLOSO, our Users, or expose COLOSO to a claim of obstruction of justice.
4.8 Business Transfers
Suppose COLOSO undertakes or is involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event. In that case, we may sell, transfer or share some or all of our assets, including your information in connection with such transaction or contemplation of such transaction. In this event, we will notify you before your personal information is transferred and becomes subject to a different privacy policy.
4.9 After Aggregation or De-identification We may disclose or use aggregated or de-identified data for any purpose.
5. Other Important Information
5.1 Third-Party Partners & Integrations
Parts of COLOSO may link to third-party services, not owned or controlled by COLOSO, Use of these services is subject to the privacy policies of those providers, COLOSO does not own or control these third parties and when you interact with them you are providing your information to them. We encourage you to be aware when you leave our Website and to read the privacy statement of each and every website that may collect Personal Information.
5.2 Do Not Track signals
Some browsers incorporate a Do Not Track feature that signals to websites you visit that you do not want your online activity tracked. Tracking is not the same as using or collecting information in connection with a website. For these purposes, tracking refers to collecting personally identifiable information from consumers who use or visit a website or online service as they move across different websites over time. How browsers communicate the Do Not Track signal is not yet uniform. As a result, this Website is not yet set up to interpret or respond to Do Not Track signals communicated by your browser. Even so, as described in more detail throughout this Policy, we limit our use and collection of your personal information.
6. Your Rights
You have certain rights around using your data, including managing, restricting, and deleting the information you previously provided. You can update or terminate your account from within our Services, choose the information you provide, and can also contact us for individual rights requests about your data. Parents who believe we’ve unintentionally collected personal data about their underage child should contact us for help deleting that information.
6.1 Decisions around the User of Your Data
You can choose not to provide certain data to us, but you may not be able to use relevant features of the Services. You can also make temporary suspension of treatment of your data. If you have any questions about your data, our use of it, or your right, contact us at privacy@coloso.global.
6.2 Managing Your Information
You can access, correct, delete and update some of your personal information through your Account settings. If you connected your COLOSO Account to a third-party service, like Facebook or Google, you can change your settings and unlink from that service in your Account Settings. You are responsible for keeping your personal information up to date.
6.3 Data Erasure
In certain jurisdictions, you can request that your personal information be deleted. To request to delete your personal information, please contact our customer support by emailing privacy@coloso.global. Please allow up to 30 days for a response. For your protection, we require that the request be sent through the email address associated with your account, and we may need to verify your identity before processing your request. Please note that even after you request the erasure of your personal information:
We may retain your data for legitimate purposes and/or in accordance with applicable law, including assisting with legal obligations, resolving disputes, and enforcing our agreements.
We may retain and disclose such data pursuant to this Privacy Policy after your account has been terminated.
6.4 Privacy of children
We recognize the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. With this said, individuals younger than 16 years of age may not set up an account on the Coloso website. If we learn that we’ve collected personal data from a child under 16, we will take reasonable steps to delete the account.
Parents who believe that Coloso may have collected personal data from an individuals under 16 can submit a request that it be removed to privacy@coloso.global.
6.5 User’s right when applying GDPR
The users or their legal representatives, as main agents of the information, may exercise the following rights regarding the collection, use and sharing of personal information by the Company:
a) The right to access to personal information:
The users or their legal representatives may access the information and check the records of the collection, use and sharing of the information under the applicable law.
b) The right to rectification:
The users or their legal representatives may request to correct inaccurate or incomplete information.
c) The right to erasure:
The users or their legal representatives may request the deletion of the information after the achievement of their purpose and the withdrawal of their consent.
d) The right to restriction of processing:
The users or their legal representatives may make temporary suspension of treatment of personal information in case of the disputes over the accuracy of information and the legality of information treatment, or if necessary to retain the information.
e) The right to data portability:
The users or their legal representatives may request to provide or transfer the information.
f) The right to object:
The users or their legal representatives may suspend the treatment of personal information if the information is used for the purpose of direct marketing, reasonable interests, the exercise of official duties and authority, and research and statistics.
g) The right to automated individual decision-making, including profiling:
The users or their legal representatives may request to cease the automated treatment of personal information, including profiling, which has critical impact or cause legal effect on them.
If, in order to exercise the above rights, you, as a user, use the menu of 'amendment of member information of webpage or contact the Company by sending a document or e-mails, or using telephone to the Company (person in charge of management of personal information or a deputy), the Company will take measures without delay: Provided that the Company may reject the request of you only to the extent that there exists either proper cause as prescribed in the laws or equivalent cause.
7. Security
While no organization can guarantee perfect security, we continuously implement and update administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. However, it is always recommended to protect your password and contact us if you suspect any unauthorized access to your account.
7.1 Information Security
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our Website cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite best efforts.
7.2 Data breach
In the event we become aware that the security of the Website has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, and send you an email.
8.Others
8.1 Data Transfer to Other Countries
Considering it engages in global businesses, the Company may provide the users' personal information to the companies located in other countries for the purpose as expressly stated in this Policy. For the places where the personal information is transmitted, retained or processed, the Company takes reasonable measures for protecting those personal information.
8.2 Third-Party’s sites and services
The website, product or service of the Company may include the links to the ones of a 3rd party and the privacy protection policy of the site of 3rd party may be different. Thus, it is required for the users to check additionally that policy of a 3rd party site linked to the site of the Company.
8.3 Users in California
Users who are California residents have certain rights under the California Consumer Privacy Act, (“CCPA”). If you are an eligible California user, included in these rights are:
You have the right to request to know more about the categories and specific pieces of personal information that we have collected about you and access a copy of your personal information.
You have the right to request the deletion of personal information that we have collected about you.
If you choose to exercise any of your rights under CCPA, Coloso will treat you like all other users. In other words, there is no penalty for exercising your rights under CCPA.
You have the right to opt-out of the sale of your personal information.
We will not collect and provide any personal identification information through services without consent of users. We do not, in the traditional sense, sell your personal information or the personal information of any of our users. We do use cookies that make non-personally identifiable information available to select third parties. To opt-out of us using the cookies, please refer to our Cookie Policy.
To exercise any of these rights under CCPA, please email privacy@coloso.global. Consistent with CCPA, you may designate an authorized agent to make these requests on your behalf. For your protection, we may require that the request be sent through the email address associated with your account, and we may need to verify you and/or your agent’s identity before fulfilling your request.
As a California resident, you also have the right to request certain details about what personal information we share with third parties for those third parties direct marketing purposes. To submit your request, send an email to privacy@coloso.global through the email address associated with your account.
For our policy for Do Not Track Signals, please see Section 5.
8.4 Users in Nevada
COLOSO does not sell its users’ personal information or personal data. However, Nevada residents can still exercise their right by submitting a request that we do not sell their covered personal information by sending us an email at privacy@coloso.global through the email address associated with their accounts.
8.5 Users in Australia
If you are an Australia resident and you have a complaint, you may refer it to the office of the Australian Information Commissioner (“OAIC”). You can contact OAIC by visiting www.oaic.gov.au; forwarding an email to enquiries@oaic.gov.au; telephoning 1300 363 992; or writing to OAIC at GPO Box 5218, Sydney NSW 2001.
9. Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time in accordance with applicable law. We will post the revised Privacy Policy and update the “Last Updated” date if we do so. In case of material changes, we will post a notification on the main page of our Website. We will also notify you in other ways at our discretion, such as through the contact information you have provided. Any updated version of this Privacy Policy will be effective immediately upon posting the revised Privacy Policy unless otherwise specified. If you disagree with the revised Privacy Policy, you can cancel your Account. Your continued use of the Website or Services after the effective date of the revised Privacy Policy (or such other act specified at that time) will constitute your consent to those changes. However, without your consent, we will not use your Personal Data in a manner materially different from what was stated at the time your Personal Data was collected.
10. Contact Information of COLOSO
Please use one of the following methods to contact the Company should you have any queries in respect to this policy or wish to update your information:
10.1 Contact Coloso
Company name: DAY1COMPANY
Address : 6&7th Fl, Teheran-ro 231, Gangnam-gu, Seoul, Republic of Korea
Tel.: +82-2-501-6222
E-mail: help@coloso.global
10.2 Designated Data Protection Officer
The Company designates the following Data Protection Officer (DPO) to protect customers’ personal information and deal with customer complaints.
DPO of the Company: Kangmin Lee
Address: 6&7th Fl, Teheran-ro 231, Gangnam-gu, Seoul, Republic of Korea
Tel.: +82-2-501-6222
E-mail: privacy@coloso.global