Privacy Policy

Huobi Co., Ltd. (hereinafter referred to as “the Company“) observe privacy protect act article 30. and personal information in accordance with the personal information protection act, and to smoothly and faster deal with relevant complaints from users.

Article 1 [Purpose of Personal Information Processing]

The Company processes personal information for the following purposes: The personal information being processed is not used for purposes other than the following purposes, and if the purpose of use is changed, we will implement necessary measures such as obtaining consent in accordance with Article 18 of the Personal Information Protection Act.

  • 1. Sign Up and Management of the Website
    • Personal identification, provision of age-restricted services, confirmation of the intent of the applicant, confirmation of membership, restriction of re-entry, record of inquiries and dispute settlement, confirmation of membership withdrawal, notification of notification.
  • 2. Providing Goods or Services
    • VIP service, point card (fee reduction coupon) service, point card transfer service.
  • 3. New Service Development and Marketing • Use in Advertising
    • Development of new services and provision of customized services, provision of services according to statistical characteristics, ad display, validation of services, provision of event and advertisement information and participation opportunities, identification of access frequency,
  • 4. Complaints Handling
    • Processing personal information for the purpose of confirming the identity of the complainant, confirming the contents of complaint, contacting and notifying for the investigation, and notifying the result of processing
  • 5. Investigation Related Request
    • Providing necessary information in case of a fair and legal investigation fulfilling the obligation or abiding the law referring to accident investigation on events of hacking/fraud.
Article 2 [The Period of Processing and Possessing Personal Information]

In case of collecting personal information, the company will notify the member in advance about the relevant contents and will only collect the information with the member’s consent. The company complies with the following contents in case of collecting personal information.

  • 1. The company processes ∙ possesses the personal information within the period of processing and possessing personal information following the law or following the consent from the member.
  • 2. The period for processing and possessing personal information is as follows.
    • ① Personal information related to service use (login history)
      • Retention grounds: Communications Privacy Protection Act
      • Retention period: 3 months
    • ② Record of display / ad
      • Retention ground: Consumer Protection in e-Commerce Act
      • Retention period: 6 months
    • ③ Record of agreement or withdrawal
      • Retention ground: Consumer Protection in e-Commerce Act
      • Retention period: 5 years
    • ④ Record of payment and goods supply
      • Record of payment and goods supply
      • Retention period: 5 years
    • ⑤ Records of consumer complaints or disputes
      • Retention ground: Consumer Protection in e-Commerce Act
      • Retention period: 5 years
    • ⑥ Records on electronic financial transactions
      • Retention ground: Electronic Financial Transaction Law
      • Retention period: 5 years
  • However, in case which an investigation ∙ inquiry is ongoing due to violation of relevant laws, the information may be possessed and used till the investigation ends.
Article 3 [Content about Providing Personal Information to Third Parties]

The company processes personal information owned by the object only within the range mentioned in Article 1 [Purpose of Personal Information Processing], and provides personal information to the third party only with the object’s consent or in case of violation of Article 17 or 18 of Act on the Protection of Personal Information and other special regulations relevant to the topic.

Article 4 [Content about Consigning the Process of Personal Information]
  • 1. The Company consigns processing personal information to effectively process personal information.
    • ① Danal Co., Ltd
      • Purpose of Provision: User identification verifying service.
      • Purpose of Provision: Text sending service
    • ② Amazon Web Service, Inc
      • Purpose of Provision : Data Security Service
      • Period of Possessing : Till the termination of membership or the end of the consignment agreement, as specified in the relevant regulation.
    • ③ Infobank Co., Ltd.
      • Purpose of Provision: Text sending service
      • Retention Period: Until the withdrawal of membership or due date of consignment contract by corresponding law.
    • ④ Zendesk, Inc
      • Purpose of Provision: Customer support service
      • Retention Period: Until the withdrawal of membership or due date of consignment contract by corresponding law.
    • ⑤ GS Neotek Co., Ltd.
      • Purpose of Provision: Customer support service
      • Retention Period: Until the withdrawal of membership or due date of consignment contract by corresponding law.
  • 2. At the conclusion of the trust agreement, the Company shall, in accordance with the Article 25 of the Personal Information Protection Act, make the contracts such as the prohibition of the processing of personal information for the purpose of conducting the duties, technical and managerial protection measures, restricting the reassignment, management and supervision of the trustee, It is stated in the document and supervises whether the trustee handles personal information securely.
  • 3. The Company will disclose the contents of the consignment service or the trustee through this personal information processing policy without any delay.
Article 5 [Content about Transferring Personal Information Abroad]
  • 1. Name of person to whom personal information is to be transferred and contact person in charge of information management
    • Personal information recipient: Huobi Global, Inc.
    • Contact of the manager of personal information processing
    • Email : [email protected]
  • 2. State of transfer of personal information, transfer date of personal information and transfer method: China, occasionally transferred by electronic means
  • 3. Personal information items transferred: login ID (email address, mobile phone number, nationality), transaction details, account information
  • 4. Purpose of using personal information of personal information recipient: virtual asset trade and abnormal transaction detection service
  • 5. Retention period of personal information by personal information recipient
    • Retain until the purpose of collection and the purpose for which it has been provided is fulfilled and the member asks for withdrawal or revokes the consent as soon as it is withdrawn (provided that the information to be retained by the relevant statute is kept as prescribed by the law)
  • 6. The Company shall, at the time of the conclusion of the contract of trust, comply with the provisions of Article 25 of the Personal Information Protection Act in order to prohibit the processing of personal information except for the purpose of conducting the duties, technical and administrative protection measures, restricting the re-entrustment, managing and supervising the fiduciary, Contract, etc., and supervises whether the trustee handles personal information securely.
  • 7. In case of the contents of the consignment service or the consignee change, the Company will disclose it through this personal information processing policy without delay.
Article 6 [Content about Rights and Duties of the Object of Information and the Legal Representative and Ways to Execute]
  • 1. The Subject may exercise the right of privacy at any time with respect to the Company.
    • ① Personal information inquiry request
    • ② Error correction request
    • ③ deletion request
    • ④ Process stop request
  • 2. The exercise of rights pursuant to Paragraph (1) may be made in writing, e-mail or fax (FAX) according to Form 8 of the Enforcement Regulations of the Personal Information Protection Act.
  • 3. When a subject requests correction or deletion of personal information, the company will not use or provide the personal information until the correction or deletion is completed.
  • 4. The exercise of rights pursuant to Paragraph (1) may be made through a legal representative of the information entity or an agent such as the person who has been delegated. In this case, you must submit a power of attorney according to Form 11 of the Enforcement Regulations of the Personal Information Protection Act.
Article 7 [Personal Information Items Subject to Process]

The Company handles the following personal information items.

  • 1. Required fields: Login ID (email address or mobile phone number), nationality
  • 2. Optional items: None
  • 3. Mobile phone identity: Name, mobile phone number, date of birth, gender, internal / foreign information
  • 4. Basic identity verification for Korean won deposit and withdrawal: name, date of birth, gender, bank name, bank account number, deposit and withdrawal history
  • 5. Change of password: email address or mobile phone number
  • 6. During the use of the service, the following personal information items may be automatically generated and collected. (IP address, cookie, MAC address, service usage history, visit history, bad usage history, etc.)
Article 8 [Destruction of Personal Information]
  • 1. The Company discards personal information without delay when the personal information becomes unnecessary, such as the elapse of the personal information retention period and achievement of the processing purpose.
  • 2. In case of the personal information must be preserved in accordance with other laws and regulations, even though the period of retaining personal information has elapsed from the information subject or the purpose of processing has been accomplished, transfer the personal information to a separate database (DB).
  • 3. Procedures and methods of personal information destruction are as follows.
    • ① Destruction Procedure
      • The Company shall select the personal information that caused the reason for destruction, and destroy the personal information with the approval of the company's personal information protection officer.
    • ② Destruction Method
      • The Company records in the form of electronic files. The stored personal information is destroyed so that the record cannot be reused. The personal information recorded and stored in the paper document is crushed or destroyed by the crusher.
Article 9 [Personal Information Protection Officer]
  • 1. The Company is responsible for the handling of personal information and has designated the person responsible for the protection of personal information as follows to handle complaints and remedy of information related to personal information processing.
    • ▶ Personal Information Protection Officer
    • ▶ Personal Information Protection Department
      • Name of Department: Information Security Team
      • Person in Charge: NAM, Kwangpyo
      • Contact: T 1661-1046, Email [email protected], F 02-6713-1685
  • 2. You may inquire about personal information protection related complaints, complaints, damages remedies, etc., when you use the company's services. The company will answer and handle inquiries of the information subject without delay.
Article 10 [Infringement Remedies]
  • Users can inquire about damage prevention, consultation, etc. about infringement of personal information about the following organizations.
    • ▶ Personal Information Infringement Notification Center (operated by Korea Internet & Security Agency)
      • - Provisional affairs: Complaints of personal information infringement, consultation
      • - Homapage: http://privacy.kisa.or.kr
      • - Phone: 118
    • ▶ Personal Information Dispute Resolution Committee
      • - Jurisdiction: Personal information dispute settlement application, collective dispute settlement (civil settlement)
      • - Homapage : http://www.kopico.go.kr
      • - Phone: 1833-6972
    • ▶ Supreme Prosecutors' Office Cyber Crime Commissioner: 02-3480-3573 (http://www.spo.go.kr)
    • ▶ National Police Agency Cyber Safety Bureau: 182 (http://cyberbureau.police.go.kr)
Article 11 [Content about Securing Safety of Personal Information]

The Company takes the following measures to ensure the safety of personal information.

  • 1. The Company establishes and implements an internal management plan for the safe handling of personal information.
  • 2. The Company restricts personal information handlers to specific employees and takes measures to control access to personal information through the granting, modification, and cancellation of database system access for personal information processing.
  • 3. When transmitting / receiving personal identification information, password, credit card number, account number and bio information through information communication network and storing personal information of member in computer, mobile device and auxiliary storage medium, secure password Encrypted by algorithms to store and manage.
  • 4. The Company keeps and manages the records (web logs, summary information, etc.) accessed by the personal information handler to the personal information processing system and securely keep the connection records from being forged, stolen or lost.
  • 5. To prevent personal information of users from being leaked or damaged by hacking, viruses, etc., we operate a personal information leakage prevention system. We also strive to equip all possible technical devices to enhance system security.
  • 6. The Company has minimum access privileges to users' personal information, and regular training is held twice a year on employee security information acquisition and personal information protection duties.
  • 7. The Company establishes and operates the access control procedures for the physical storage places where personal information such as computer rooms and other control areas are kept and operated. The Company keeps documents and auxiliary storage media containing personal information in a safe place with lock.
Article 12 [Content about Installing ∙ Operating and Refusal against the Automated Personal Information Collection Equipment]
  • 1. The Company uses 'Cookies' that store and retrieve usage information from time to time to provide personalized services to members.
  • 2. A cookie is a small amount of information that a server (http) used to run a website sends to the user's computer browser and may be stored on the hard disk of the user's PC.
    • ① Purpose of Using Cookies: It is used to provide optimized information to members by identifying the visit and usage form of the page visited by the member, query word, security access and so on.
    • ② Installation and Operation of Cookies: Users have the option of installing cookies and may refuse to store or delete these cookies at any time.
    • ③ How to decline cookie settings
      • 1) Internet Explorer : Tools > Internet Option > Privacy > Custom Setup
      • 2) Chrome : Right Top Setting Icon > Setting > Advanced Setting > Privacy > Content Setting > Cookie
    • ④ If users refuse to store cookies, users may have difficulty using customized services.
Additional Article

Article 1 (Effective Date) This Privacy Policy V1.1 will be effective from September 19, 2018.