PayTuition

Privacy Policy

HOME Privacy Policy

Privacy Policy

Under the Privacy Act, ‘www.pay-zoom.com (hereinafter 'Payus') designed following policy to protect users’ privacy and interests and to handle complaints related to personal information smoothly.
Payus will notify you via the website (or individual notice) when a modification on the privacy policy arises.

○ This policy takes effect on August 1, 2018.

The policy is revised on January 12, 2021.
1. purposes of handling personal information
Payus processes personal information for the following purposes. Your personal information processed by Payus is not used for any purpose other than the purposes specified in the following, and we will ask for prior consent when any change occurs in the purposes of use.

A. website registration and management

We collect personal information to check intention to join membership, to check identification and authentication of individual members with membership service provision, to maintain and manage members’ qualifications, to identify members as a limited identification policy has been introduced, to prevent unauthorized use of services, to check legal representative’s presence in collection of personal information of children under 14 years and to record notices, claims and mediation.

B. civil petitions treatment

We collect and handle personal information for identifying applicants, verifying petitions, contacting applicants for questioning, and notifying the outcome of the facts.

C. Supply of goods or services

We collect and handle personal information for the purpose of service provision, contents provision, authentication, payment and settlement

D. Use for marketing and advertising

We collect and handle personal information for validating the service, checking access frequency, or finding statistic value of the members’ service use.
2. Personal Information items
  • - Colleting Personal information: University name, Student number, Virtual account number of Hana Bank, name, credit card information, service use records, access logs, cookies, access IP information, payment history
  • - Collection method: website
  • - Reasons for retention: member management
  • - Retention period: 5 years
3. Processing and retention period of personal information

A. Payus handles and retains personal information only during the period specified by relevant statutes for retaining and using personal information or the period to which each user consents when we collect the user’s personal information.

B. Each personal information processing and retention period is as follows.

- Related law
① Records on collection/processing and use of credit information: 3 years

② Records on consumer complaints or dispute settlement: 3 years 

③ Records on payment and supply of goods: 5 years 

④ Records on contract or subscription withdrawal: 5 years

⑤ Records on display/advertisement: 6 months

4. Matters concerning provision of personal information to third parties

A. Payus provides personal information to third parties only if a case falls under Articles 17 and 18 of the Privacy Act, including consent from an information subject and special provisions of the law.

B. Payus provides personal information to third parties as follows:

  • - Recipient: Nice payment Inc.
  • - Information provided: credit card payment information
  • - Recipient’s purpose of personal information use: credit (debit) card payment
  • - Recipient’s retention/usage period: 5 years
5. Matters concerning outsourced processing of personal information
We outsource personal information processing services to third party service providers to facilitate and improve our services as follow.

A. In accordance with Article 25 of the personal information protection act, Payus specifies responsibilities including banning a processing of personal information other than for the purpose of carrying out requested services, enforcing technical and administrative protection measure, limiting re-appointments, supervising and managing consignees and compensation; also supervises consignees to handle personal information safely.

B. We will inform you through this Privacy Policy without delay, in the event of any changes in consigned duties or consignees.

6. Exercise of rights of personal information
Rights and obligations of the information subject and the legal representative to exercise the rights as a personal information subject can exercise the following rights.

A. The information subject may exercise the right to view, correct, delete, or stop processing personal information at any time with respect to Payus .        

B. The exercise of the rights pursuant to the preceding paragraph may be done in writing or via e-mail, etc. in accordance with Article 41, Paragraph 1 of the Enforcement Decree of the Personal Information Protection Act , and Payus will take action without delay.        

C. The exercise of rights under paragraph A can be through a representative, such as a person who is the legal representative or a delegate of the data subject. In this case, you must submit a power of attorney in accordance with the form of Attachment 11 of the Enforcement Regulations of the Personal Information Protection Act .        

D. The rights of the information subject may be restricted according to Article 35 (5) and Article 37 (2) of the Personal Information Protection Act for requests to view and suspend personal information.        

E. Request for correction and deletion of personal information cannot be requested for deletion if the personal information is specified as the object of collection in other laws.        

F. Payus verifies whether the person making the request, such as a request for access according to the rights of the information subject, a request for correction or deletion, or a request for processing suspension, is the person or a legitimate agent. 

7. Destruction of personal information
In principle, Payus destroys a user’s personal information after the purposes of handling the personal information have been attained. The procedure, deadlines, and methods for destroying it are as follows:

- Procedure for destruction

The information entered by a user is transferred to a separate DB upon achievement of the purpose (to a separate document in the case of paper) and stored for a certain period according to internal policies and other related regulations; after a certain period, it is immediately destroyed. In this process, the personal information transferred to DB will not be used for any other purpose except under the law.

- Deadline for destruction

The personal information of the user shall be disposed of within five days from the end of the retention period. When the information is no longer needed due to achievement of the purpose, discontinuance of services, and end of business, the personal information will be destroyed within 5 days from the day of such recognitions.

- Methods for destruction

The foundation destroys personal information stored in the form of electronic files, which can not be revived.
For personal information stored in the form of paper documents is destroyed by shredding or incineration.
8. Matters operation of automatic device for collecting personal information and concerning rejection of installment the device

A. Payus uses ‘cookie’, which saves and recalls user’s data, to provide customized service.

B. A cookie is a small piece of text file usually set by the web server (http), sent from a website and stored in a User's computer hard disk while the user is browsing that website.

  • ① purpose of cookies: cookies enable Payus to anonymously track how visitors access and brows our website and each service, popular search word, secure connections, thereby enabling us to optimize our provision of information.
  • ② installment and operation of cookies/disabling cookies: you can change the settings to block cookies – in internet explorer, click internet options on the tools menu, and then click the security tab.
  • ③ If you disable the cookies that we use, this may affect your experience while on the website, for example, you may not receive personalized service we provide on our website.
9. Privacy Officer information

A. We designate a privacy officer as shown below to take responsibility for personal information handling and to respond to complaints and damage relief of information subjects.

<Privacy officer >
- name : Jeongwon Roh
- Tel: +82-2-6954-3468
- email: payusinfo@gmail.com
※ You will be directed to personal information infringement report center

B. You can report any complaint on privacy issues in relation to the use of our services to our privacy officer or to personal information infringement report center. Payus will respond to your reports promptly.

10. modified personal information collection agreement

This Privacy Policy will be applied as of the date of enforcement. In the event that changes are added, deleted, or corrected in accordance with legislations and policies, the change will be notified 7 days before the date of execution.

11. Measures to ensure security of personal information
Payus takes technical/ administrative and physical measures to ensure security under Article 29 of the privacy act.

A. Regular in-house inspection

We conduct in-house inspections on a regular basis (quarterly) to ensure security in handling personal information.

B. Establishing and implementing an internal management plan

We establish and implement an internal management plan to handle personal information safely.

C. Encryption of personal information

Your password is kept and managed as it is encrypted, so you are the only person who knows the password. For important data, we use separate security functionality such as encrypting file and transmission data or file lock features.

D. Storage of access records and prevention of forgery

We store and manage access records at least 6 months in personal information handling system. We use security function to prevent from forgery, theft and loss.

E. Restriction on access to personal information

We take necessary measures to control access to personal information through granting, modification, and cancellation of access authority to database system, which processes personal information. We also use firewall system to control access from the outside.

F. Use of lock features for document security

We store documents and storage mediums consisting personal information in safe place with lock features.

G. Access control for unauthorized person

We have a physical storage separately, and we establish and conduct access control procedures.