Contents
Article 1 Privacy Notice
WEVERSE COMPANY Inc. (hereinafter referred to as "Weverse" or "Company") places a strong emphasis on safeguarding user personal information. We process and securely manage such personal information in full compliance with the Personal Information Protection Act and relevant laws. In accordance with these regulations, we are committed to informing you about the procedures and criteria governing the Company's processing of personal information, along with our Privacy Policy to provide you with guidance on addressing any related concerns or complaints.
Article 2 Purposes of Processing Personal Information
The Company processes personal information for the purposes listed below. Personal information will not be used for any purposes other than those listed below. In case any changes need to be made for the purposes for which personal information is used, the Company will conduct appropriate procedures such as obtaining the user's consent.
- For Company website(weverse.co): WEVERSE COMPANY's official website with company information, partnership inquiry channels, etc.
- Apply to join as an artist(biz.weverse.io): For the joining page for labels looking to join Weverse as an artist
Article 3 Processed Personal Information
The Company may process and keep the personal information provided by the user for the period stated in relevant laws or for the period permitted by the user when providing the information. The periods of processing and keeping the personal information are as below.
- What is "required items"?: Information required to provide the service's fundamental functions
- What is "optional items"?: Information collected additionally to provide specialized services (Your use of the service will not be restricted even if you do not enter optional items.)
| Service | Time of processing | Personal information Processed | Period for retention and use |
|---|---|---|---|
| For Company website | When making an inquiry about advertisement partnership | Email, name (first name and last name), Company name, Country, Content of the inquiry and phone number of the person in charge | Within 1 year from the date of making the inquiry |
| Apply to join as an artist | For verifying information required for application to join Weverse as an artist | label's name (artist's name), name of the person in charge, phone number of the person in charge, Weverse Account ID (email address) | For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract |
| For identity verification required for closing a contract for joining Weverse as an artist | Copy of passport, copy of driver's license | ||
| For verifying information required for closing a contract, including settlement process, for joining Weverse as an artist | Name, name of the bank, account number, name of the account holder, copy of the bankbook | ||
| For verifying information of the person in charge of settlement | Name, email, phone number | ||
| Weverse On-site | In the case of the employment contract of on-site managers for offline events (e.g. concerts and events) | Name and email address | Three (3) years after the on-site event ends |
- Time of processing: When making an inquiry about advertisement partnership
- Personal information Processed: Email, name (first name and last name), Company name, Country, Content of the inquiry and phone number of the person in charge
- Period for retention and use: Within 1 year from the date of making the inquiry
- Time of processing: For verifying information required for application to join Weverse as an artist
- Personal information Processed: label's name (artist's name), name of the person in charge, phone number of the person in charge, Weverse Account ID (email address)
- Period for retention and use: For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract
- Time of processing: For identity verification required for closing a contract for joining Weverse as an artist
- Personal information Processed: Copy of passport, copy of driver's license
- Period for retention and use: For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract
- Time of processing: For verifying information required for closing a contract, including settlement process, for joining Weverse as an artist
- Personal information Processed: Name, name of the bank, account number, name of the account holder, copy of the bankbook
- Period for retention and use: For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract
- Time of processing: For verifying information of the person in charge of settlement
- Personal information Processed: Name, email, phone number
- Period for retention and use: For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract
- Time of processing: In the case of the employment contract of on-site managers for offline events (e.g. concerts and events)
- Personal information Processed: Name and email address
- Period for retention and use: Three (3) years after the on-site event ends
| Service | Time of processing | Personal information Processed | Period for retention and use |
|---|---|---|---|
| Apply to join as an artist | For verifying information required for application to join Weverse as an artist | Name of the department, information on the business card | For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract |
- Time of processing: For verifying information required for application to join Weverse as an artist
- Personal information Processed: Name of the department, information on the business card
- Period for retention and use: For 1 year after applying to join Weverse as an artist or for 5 years after the end of the contract for those who closed a contract
Article 4 Provision of Personal Information to Third Parties
Except in the following cases, we do not provide third parties with your personal information, unless you consent thereto or the disclosure is otherwise expressly prescribed in applicable law.
In addition, in accordance with relevant laws and regulations, we may share personal information without your consent to the extent that such sharing is reasonably related to the purpose of the collection of such personal information. In the foregoing case, we will comprehensively consider factors such as whether the sharing is related to the original purpose of collection, whether the sharing is predictable in light of the circumstances under which the personal information was collected or under usual processing practices, whether the sharing unreasonably infringes upon your interests and whether security measures such as pseudonymization or encryption have been implemented.
Article 5 Entrustment of Personal Information
When necessary for the purposes of service use, performing contractual obligations and improving member convenience, we entrust the processing of personal information to specialized service providers or utilize specialized platforms, within the scope disclosed in this Privacy Notice.
| Entrusted company | Entrusted tasks |
|---|---|
| HYBE Co., Ltd. | Operation and management of a company-wide IT system such as data protection system |
| NAVER Corp. | Service system development and operation |
| NAVER CLOUD Corp. | Service infrastructure operation and prevention of fraudulent usage |
| Imweb Corp. | For building and operating services on the Company's Website |
| Amazon Web Services, Inc. | Cloud server operation and management |
- Entrusted company: HYBE Co., Ltd.
- Entrusted tasks: Operation and management of a company-wide IT system such as data protection system
- Entrusted company: NAVER Corp.
- Entrusted tasks: Service system development and operation
- Entrusted company: NAVER CLOUD Corp.
- Entrusted tasks: Service infrastructure operation and prevention of fraudulent usage
- Entrusted company: Imweb Corp.
- Entrusted tasks: For building and operating services on the Company's Website
- Entrusted company: Amazon Web Services, Inc.
- Entrusted tasks: Cloud server operation and management
When signing the consignment contract to entrust the personal information processing, we include clauses stating the consignee's responsibilities such as the prohibition of processing personal information for purposes other than entrusted tasks, technical/administrative measures, prohibition of reconsigning, managerial and supervision of consignee, and compensations for damages, and we supervise the consignees to handle the information safely.
We will immediately disclose when there is any change in the entrusted tasks or consignees via the Notice.
Article 6 International Transfer of Personal Information
For the purposes of providing our services and enhancing users’ convenience, we may transfer and/or manage your personal information overseas as follows. The details on our international transfer of personal information are described below.
| Recipient and contact information | Country to where personal information is transferred | Time and method of personal information transfer | Purpose | Types of personal information | Duration of keeping and using personal information |
|---|---|---|---|---|---|
| NAVER VIETNAM (dl_navervietnam_privacy@navercorp.com) | VIETNAM | Access to the development and operation system using the company's infrastructure | For development and operation of the company’s service | Minimum user data required for service operation | Until membership withdrawal or termination/ expiration of the outsourcing agreement. |
- Recipient and contact information: NAVER VIETNAM (dl_navervietnam_privacy@navercorp.com)
- Country to where personal information is transferred: VIETNAM
- Time and method of personal information transfer: Access to the development and operation system using the company's infrastructure
- Purpose: For development and operation of the company’s service
- Types of personal information: Minimum user data required for service operation
- Duration of keeping and using personal information: Until membership withdrawal or termination/ expiration of the outsourcing agreement.
Article 7 Retention of Personal Information
If we collect any personal information from you, we comply with our internal policy to use and retain such personal information for the period during which you use our services.
We immediately destroy your personal information when it becomes unnecessary, such as when the retention period has elapsed or when the purpose of processing personal information has been achieved.
In addition, we store the relevant personal information for a specified period as outlined below, until the retention period specified in the provisions of applicable law has elapsed.
Article 8 Procedures and Methods of Destroying Personal Information
Once the purposes of collection and use of your personal information are achieved, we destroy your personal information in accordance with our internal policies and other applicable laws. However, personal information collected with your consent or stored in the form of electronic files will be deleted using technical means that make the records unreproducible, and personal information printed on paper such as filings or printed materials will be shredded or incinerated.
Article 9 Your Legal Rights
Subject to applicable law, you may have the following rights relating to your personal information managed by us. You may exercise your rights at any time, by contacting the data protection officer via the contact information provided in Article 12 (Data Protection Officer).
- The right not to provide your personal information to us (however, please note that we will be unable to provide you with the full benefit of our Sites, Apps, or services, if you do not provide us with your personal information – e.g., we might not be able to process your requests without the necessary details);
- The right to request information regarding the nature, processing and disclosure of your personal information managed by us and request access to, or copies of such personal information;
- The right to request rectification of any inaccuracies in your personal information managed by us;
- The right to request, on legitimate grounds:
- Deletion of your personal information managed by us; or
- Suspension of processing of your personal information managed by us;
- The right to have certain personal information transferred to another entity, in a structured, commonly used and machine-readable format, to the extent applicable;
- Where we process your personal information managed by us on the basis of your prior consent, the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any processing performed prior to the date on which we receive notice of such withdrawal, and does not prevent the processing of your personal information in reliance upon any other available legal bases, as applicable); and
- The right to submit complaints to an authority in charge of protection of data regarding the processing of your personal information managed by us.
Article 10 Technical/Administrative Measures for Protecting Personal Data
When handling personal information, we take appropriate measures to keep the information safe and prevent from loss, theft, leakage, falsification, or damage, and we take technical measures as follows:
- Your personal information is protected by password and encrypted information. However, your information can be exposed to others in many ways including when you use the public internet, so you need to be responsible for protecting your own information. We are not responsible for any damages that arise from your negligence or the fundamental nature and risks of the internet.
- Your personal information is protected with a password and encrypted information by default, and important data are protected with separate security functions by encrypting files and transmitted date.
- We use vaccine programs to prevent possible damage by computer viruses, and vaccine programs are updated periodically.
- We prevent leakage and damage of personal information caused by hacking and viruses by monitoring the system 24 hours a day using a system that detects and blocks external intrusion.
We fully acknowledge the importance of your personal information, and accordingly, we have a reasonably limited number of employees handling personal information. The personnel in charge of protecting personal information conducts periodical education for the employees, putting the utmost effort to protect personal information. Also, we periodically check the compliance status of commitments stated in the policy and relevant employees, and when we detect any violation, we immediately correct and improve the issue and take necessary measures.
Article 11 Installation and Operation of Automatic Collection Tools for Personal Information and Refusal Thereof
We use cookies to store and discover information about members. Cookies are strings of small amounts of text transmitted by the website server to users’ computer browsers (e.g., Internet Explorer, Safari, Chrome, Firefox). Cookies identify each member’s computer, but do not identify individual members.
We use Google Analytics(Terms of Service)and Firebase(Terms of Service) API provided by Google(Privacy Policy), For providing services and statistics analyses. For further details, please see our Cookie Policy
① Provide differentiated information depending on each individual’s interests
② Analyze members’ and non-members’ frequency of visits and time spent on each visit to identify members’ tastes and interests for use in targeted marketing
③ Identify the traces of browsing records of contents in which members were interested in to provide personalized services on the next visit
④ Analyze customers’ habits and use the results as criteria for service reorganization, etc.
By adjusting the settings on their web browser, members may accept all cookies, receive notifications whenever cookies are installed, or refuse all cookies.
However, if you refuse cookies, you may not be able to use certain functions of the service that require login.
You can set whether to permit cookies (on Internet Explorer) as follows:
① Go to [Tools] and [Internet Options].
② Click [Privacy].
③ Under the tab [Settings], choose the level you want from “Accept All Cookies – Low – Medium – Medium High – High – Block All Cookies.”
Article 12 Data Protection Officer
In order to protect users’ personal information and handle complaints related to personal information, we have designated our Data Protection Officer as follows. Users may report all complaints related to personal information protection arising in the course of using our services to the Data Protection Officer, and we will provide prompt and sufficient responses to such reports.
- Data Protection Officer: Sung Koo Ryeo
- Department responsible for processing complaint: CX/CS team
- Department responsible for information inspection request: CX/CS team
- Telephone number: +82 1544-0790 (only available in South Korea)
- Email address: privacy@weverse.io
Article 13 Handling of Comments and Complaints
| 문의처 | ||
|---|---|---|
| Personal Information Dispute Mediation Committee | https://privacy.kisa.or.kr | 118 |
| Korea Internet & Security Agency | https://www.kopico.go.kr | 1833-6972 |
| Cybercrime Investigation Division of Supreme Prosecutors’ Office | https://www.spo.go.kr | 1303 |
| Cyber Bureau of National Police Agency | https://cyber.go.kr | 182 |
- Personal Information Dispute Mediation Committee
- Korea Internet & Security Agency
- Cybercrime Investigation Division of Supreme Prosecutors’ Office
- Cyber Bureau of National Police Agency
Article 14 Changes in Privacy Notice
This Privacy Policy will take effect from February 29, 2024 (KST). Please refer to the link below to see the previous version of the Privacy Policy.
Privacy Policy version number: V1.2
Effective date: February 29, 2024
Previous Privacy Policy
Jurisdiction-Specific Terms
The following are supplementary clauses applicable depending on your location or nationality. In the event of conflict between the following and the main text of this Privacy Notice, the following shall prevail.
EEA and UK
For the purposes of this section, the term “personal information” used in the main text of this Notice shall be replaced with the term “personal data” – the term shall have the same meaning as set out in Article 1
Clause Article 1 of this Notice shall be supplemented with the following text as a new final paragraph:
For the purposes of the GDPR and the UK Data Protection Act 2018, WEVERSE COMPANY Inc. is the entity (or “controller”) that decides how and why your personal data are processed and has primary responsibility for complying with applicable data protection laws.
Clause Article 2 of this Notice shall be replaced with the following:
Article 2 Purposes and Legal Bases for Processing of Personal Data
The purposes of processing of your personal data and the legal bases on which we rely under applicable laws are as follows:
| Processing activity | Legal basis for processing |
|---|---|
|
|
- Processing activity
- For Company website(weverse.co): WEVERSE COMPANY's official website with company information, partnership inquiry channels, etc.
- Apply to join as an artist(biz.weverse.io): For the joining page for labels looking to join Weverse as an artist
- Legal basis for processing
- The processing is necessary in connection with any contract that you have entered into with us, or to take steps prior to entering into a contract with us; or
- We have a legitimate interest in carrying out the processing for the purpose of providing you with our Sites, Apps or services (to the extent that such legitimate interest is not overridden by your interests, fundamental rights, or freedoms); or
- We have obtained your prior consent to the processing (the aforementioned legal basis is only used in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way).
The final paragraph of Clause Article 4 of this Notice shall be replaced with the following:
Article 4 Disclosure of Personal Data to Third Parties
We disclose personal data to other entities within the Weverse group, for legitimate business purposes and the operation of our Sites, Apps or services to you, in accordance with applicable law. In addition, we disclose personal data to:
- you and, where appropriate, your appointed representatives;
- legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
- accountants, auditors, consultants, lawyers and other outside professional advisors to HYBE, subject to binding contractual obligations of confidentiality;
- third party processors, located anywhere in the world, subject to the requirements noted below in this Section Article 4;
- any relevant party, regulatory body, governmental authority, law enforcement agency or court, to the extent necessary for the establishment, exercise or defence of legal claims;
- any relevant party, regulatory body, governmental authority, law enforcement agency or court, for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties;
- any relevant third party acquirer(s) or successor(s) in title, in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganization, dissolution or liquidation); and
- any relevant third party provider, where our Sites and our Apps use third party advertising, plugins or content. If you choose to interact with any such advertising, plugins or content, your personal data may be shared with the relevant third party provider. We recommend that you review that third party’s privacy policy before interacting with its advertising, plugins or content.
If we engage a third-party processor to process your personal data, the processor will be subject to binding contractual obligations to:
(i) only process the personal data in accordance with our prior written instructions; and
(ii) use measures to protect the confidentiality and security of the personal data; together with any additional requirements under applicable law.
Please refer to Article 5 for additional information about entities to which personal information is outsourced by the Company.
Clause Article 6 of this Notice shall be replaced with the following:
Article 6 International Transfer of Personal Data
Because of the international nature of our business, we transfer personal data within the Weverse group, and to third parties, as discussed further in Article 6, in connection with the purposes set out in this Notice. For this reason, we transfer personal data to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located, including Korea, Japan, and the United States.
If an exemption or derogation applies (e.g., where a transfer is necessary to establish, exercise or defend a legal claim) we may rely on that exemption or derogation, as appropriate. Where no exemption or derogation applies, and we transfer your personal data from the EEA or UK to recipients located outside the EEA or UK who are not in jurisdictions formally designated by the European Commission or UK Government as providing an adequate level of protection for personal data, we do so on the basis of template transfer clauses adopted by the European Commission or adopted by a Data Protection Authority and approved by the European Commission, or adopted by the UK Government (as appropriate). You are entitled to request a copy of these clauses using the contact details provided in Section Article 12 below.
Please note that when you transfer any personal data directly to any Weverse entity established outside the EEA or UK, we are not responsible for that transfer of your personal data. We will nevertheless process your personal data, from the point at which we receive those data, in accordance with the provisions of this Notice.
Clause Article 8 of this Notice shall be replaced with the following:
Article 8 Procedures and Methods of Destroying Personal Data
We destroy your personal information in accordance with our internal policies and other applicable laws.
The following shall be added at the bottom of Clause Article 9:
Article 9 Your Legal Rights
In addition to the above rights, you remain entitled to all other statutory rights.
You may also have the following additional rights regarding the processing of your personal information:
- the right to object, on grounds relating to your particular situation, to the processing of your personal information by us or on our behalf, where such processing is based on Articles 6(1)(e) (public interest) or 6(1)(f) (legitimate interests) of the GDPR; and
- the right to object to the processing of your relevant personal data by us or on our behalf for direct marketing purposes.
Clause Article 11 of this Notice shall be replaced with the following:
Article 11 Cookies and Similar Technologies
When you visit a Site or use an App, we will typically place cookies onto your device or read cookies already on your device, subject always to obtaining your prior consent, where required, in accordance with applicable law. For further details, please see our Cookie Policy
Clause Article 12 of this Notice shall be replaced with the following:
Article 12 Contact Information
You may contact our DPO [privacy@weverse.io]if you wish to exercise your rights in connection with this Notice or your personal data. You may also contact our represnetative.
| Email Address | |
|---|---|
| For Company website, Apply to join as an artist | privacy@weverse.io |
- Email Address:
- For Company website, Apply to join as an artist
- privacy@weverse.io
EU LOCAL REPRESENTATIVE
- info@edpo.com
- Mr Olivier Willocx, Managing Director
- Avenue Huart Hamoir 71, 1030 Brussels, Belgium
- online request form: https://edpo.com/gdpr-data-request
- info@edpo.com
- Mr Olivier Willocx, Managing Director
- 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
- online request form: https://edpo.com/uk-gdpr-data-request
Clause Article 13 of this Notice shall not apply.
California Consumer Privacy Act (CCPA)
Clause Article 7 of this Notice shall be replaced with the following:
Article 7 Retention of Personal Information
We take every reasonable step to ensure that your personal information is only processed for the minimum period necessary for the purposes set out in this Notice. We will retain your personal information in a form that permits identification only for as long as:
(1) we maintain an ongoing relationship with you; or
(2) your personal information is necessary in connection with the lawful purposes set out in this Notice, for which we have a valid legal basis.
Clause Article 9 of this Notice shall be replaced with the following:
Article 9 California Consumer Privacy Act Disclosures
Under the California Consumer Privacy Act (“CCPA”), we must disclose our practices regarding the collection, use, and disclosure of the personal information of California residents (“Consumers”).
Collection of personal information
We have collected and will collect the following general categories of personal information about Consumers:
- Personal identifiers, including names, postal addresses, IP addresses, and email addresses;
- Protected classifications, including age;
- Internet or other electronic network activity information; and
- Inferences for use in creating a consumer profile.
Our service is not offered for children (under 14 years old for South Korean and under 16 years old for international users). If we discover that we have collected the personal information of a child, we will delete the information and cancel the user's account. If you believe that we have collected information of a child, please inform us via contact information in Article 12.
Use of Personal information
We may use the categories of personal information described above for the following business or commercial purposes:
- Advance our commercial or economic business interests;
- Maintain or service customer accounts;
- Provide customer service;
- Process or fulfill orders and transactions;
- Provide advertising or marketing services;
- Provide analytic services;
- Perform internal research for technological development;
- Ensure the quality and safety of services or devices;
- Improve the quality and safety of services or devices;
- Debugging to address impairments to operational functionality;
- Detect security incidents;
- Comply with applicable law and law enforcement requirements;
- Protect against malicious, deceptive, fraudulent or illegal activity;
- Prosecute those responsible for malicious, deceptive, fraudulent or illegal activity; and
- Defend against or bring legal action, claims and other liabilities.
Categories of Sources of Personal information
We collect or obtain personal information of Consumers from the following sources:
- Information provided to us by Consumers;
- Information we obtain on our own;
- Information provided to us through collaboration with Consumers;
- Information provided to us in the course of our relationship with Consumers;
- Information made public by Consumers;
- App data;
- Site data;
- Information registered by Consumers;
- Information obtained from content and advertising providers; or
- Information provided to us by third parties.
Disclosure of Personal information
We do not sell any personal information to third parties. In particular, we do not sell the personal information of minors under 16 years of age. In the preceding 12 months, we have disclosed the following categories of personal information to the following categories of recipients:
| Categories of recipients | Categories of personal information |
|---|---|
| Vendors who may need access to Consumers’ personal information to help us provide our services. |
|
| Entities who provide us with email address management and communication contact services, and those who analyze and enhance our marketing campaigns and service. |
|
| Entities we partner with to assist us with our Weverse community events. |
|
- Categories of recipients: Vendors who may need access to Consumers’ personal information to help us provide our services.
- Categories of personal information:
- Personal identifiers
- Categories of personal information enumerated in Cal. Civ. Code § 1798.80 (e)
- Protected classification (if provided)
- Internet or other electronic network activity information
- Inferences for use in creating a consumer profile
- Categories of recipients: Entities who provide us with email address management and communication contact services, and those who analyze and enhance our marketing campaigns and service.
- Categories of personal information:
- Personal identifiers
- Categories of personal information enumerated in Cal. Civ. Code § 1789.80 (e)
- Protected classification (if provided)
- Internet or other electronic network activity information
- Inferences for use in creating a consumer profile
- Categories of recipients: Entities we partner with to assist us with our Weverse community events.
- Categories of personal information:
- Personal identifiers
- Categories of personal information enumerated in Cal. Civ. Code § 1789.80 (e)
Clause Article 11 of this Notice shall be replaced with the following:
Article 11 California’s “Shine the Light” Law
Under California’s “Shine the Light” law, California residents are entitled to ask us for a notice describing what categories of personal customer information we share with third parties or our affiliates in connection with direct marketing performed by such third parties or our affiliates. The aforementioned notice will identify the categories of information we shared with third parties and our affiliates, and will include a list of names and addresses of such data recipients. If you are a California resident and would like a copy of this notice, please submit a written request to the following email address:
| Email Address | |
|---|---|
| For Company website, Apply to join as an artist | privacy@weverse.io |
- Email Address:
- For Company website, Apply to join as an artist
- privacy@weverse.io
Clause Article 12 of this Notice shall be replaced with the following:
Article 12 Consumer Rights under the CCPA
If you are a Consumer, the CCPA grants you the following rights regarding your personal information. If you make a certain request to us in order to exercise, or cause an authorized representative you appointed to exercise on your behalf, your rights to know and delete set forth in the CCPA, we will generally require you to provide us with certain personal information for the purpose of identifying you in the course of handling your request and compare such personal information against the personal information we have collected about you to verify your identity (“verifiable consumer request”).
Verifiable consumer requests to know or delete may be submitted through one of the following methods:
- Call us toll free at: +1 (209) 370-0219
- Email Address:
- For Company website, Apply to join as an artist
- privacy@weverse.io
| Email Address | |
|---|---|
| For Company website, Apply to join as an artist | privacy@weverse.io |
Right to Know About Personal Information We Collected about You
Consumers have the right to submit a verifiable consumer request that we disclose the following personal information we collected about you over the 12-month period preceding the verifiable consumer request, in a readily useable format:
- The categories of personal information we collected about you
- The purposes for which the categories of personal information collected about you will be used.
- The categories of sources for the personal information we collected about you.
- The categories of third parties with whom we share your personal information.
- Our business or commercial purpose for collecting your personal information.
- The specific pieces of personal information we collected about you.
- The categories of personal information we have disclosed for a business purpose.
Right to Request Deletion of Personal Information
Consumers have the right to request that we delete any personal information we have collected from them.
Right to Non-Discrimination
Consumers have the right to be free from discrimination when they exercise their rights under the CCPA and, should you exercise those rights, we cannot:
1. Deny you goods or services;
2. Charge you a different price or rate for goods or services;
3. Provide you with a different level of quality of goods or services;
4. Suggest that you may receive a different level of quality of goods or services.
Notice of Financial Incentive
We offer consumers who provide personal identifiers, including their name, home address, and email address, and commercial information, including their purchase history and access to Weverse community events. As participants in these programs, consumers will have the opportunity to win prizes. The value of this personal information to our business will vary depending on the consumer's purchases from Weverse. Consumers may opt-in to our community events by signing up on our website. Consumers may cancel their participation in these events at any time.
Authorized Agent
Under the CCPA, you may appoint an authorized agent to submit requests to exercise your rights on your behalf. Should you choose to do so, for your and our protection, we will require your authorized agent to provide us with a signed permission demonstrating they are authorized to submit a request on your behalf. We note, should your authorized agent fail to submit proof that they have been authorized to act on your behalf, we will deny their request.
Clause Article 13 of this Notice is not applied.
Japan
According to the purpose of the Article, the “relevant laws" and “relevant Korean laws" stated in this Notice shall be replaced with the Act on the Protection of Personal Information (Act No. 57 of 2003) and relevant Japanese laws.
The terms used in Clause Article 2 of this Notice shall be replaced with the following:
The description of this Notice shall be replaced with the following: “We process your personal information for the following purposes pursuant to applicable law.”
Clause Article 4 (Provision of Personal Information to Third Parties), Article 5 (Entrustment of Personal Information), and Article 6 (International Transfer of Personal Information) of this Notice shall be replaced with the following:
Except in the following cases, we do not provide third parties with your personal information, unless you consent thereto or the disclosure is otherwise expressly prescribed in applicable law.
- Please refer to details about providing personal information to third parties in Article 4.
Joint Use
The companies listed below and included in the above details about third parties provided with personal information are part of the company’s group. The types of jointly used personal information; the bounds of jointly using parties; the purpose of using; and the names of the companies and their representatives with responsibilities of managing personal information are listed below.
Companies included in the group (jointly using parties): HYBE Co., Ltd., BIGHIT MUSIC, Inc., PLEDIS Entertainment, Inc., BElift Lab Inc., KOZ ENTERTAINMENT, SOURCE MUSIC Co.Ltd., ADOR Co., Ltd., WEVERSE COMPANY Inc., WEVERSE JAPAN Inc.
- Types of information for joint use: Same as listed in “Details About Providing Personal Information To Third Parties" and “Types of personal information”.
- Management responsibilities: The names of the company’s representatives are the same as listed in each company’s website.
- Purpose of use: Same as listed in “Details About Providing Personal Information To Third Parties" and “Types of personal information”.
References: Personal Information Protection Systems of Countries Receiving Information
Provision by Entrustment
The company has entrusted specialized companies and platforms with the tasks of processing personal information within reasonable scopes, in order to achieve the purposes of providing service and fulfilling contracts, and improving the convenience of customers.
- Please refer to details about entities to which personal information is outsourced in Article 5.
- Please refer to details about the international transfer of personal information in Article 6
When signing a contract with entrusted companies, important issues are addressed including prohibition of processing personal information for purposes other than entrusted purposes; technical and managerial measures to protect information; prohibition of re-entrustment; management and supervision of entrusted companies; and indemnification for possible damages. The company supervises the entrusted companies to ensure they handle the information safely.
If there are any changes in the entrusted tasks or list of entrusted companies, we will make sure to notify by sharing the revised Privacy Policy.
References: Personal Information Protection Systems of Countries Receiving Information
he following shall be added to Clause Article 12.
- COMPANY: WEVERSE COMPANY In.
- ADDRESS: 6F, C, Pangyo Tech-One Tower, 131, Bundangnaegok-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea
- CEO: JOON WON CHOI