logo

Privacy Policy

Lab24 (hereinafter referred to as the "Company") operates 'Dreamer' and, in compliance with Article 30 of the Personal Information Protection Act in Korea, has implemented this privacy policy to safeguard users' personal information and address any related concerns promptly and effectively. Since the 'Dreamer' service servers are located in Korea, all personal information collected and processed through the service is subject to Korean law. The Company strictly adheres to the Personal Information Protection Act and all applicable Korean laws and regulations, ensuring that all data handling, retention, and transfer are conducted in full compliance with these legal requirements to protect users' rights and privacy to the highest standard.

1. Collection of Personal Information

  1. The Company collects the minimum amount of personal information necessary for the use of its services. Personal information will not be used for purposes other than those specified below, and if the purpose of use changes, the Company will take necessary measures, such as obtaining separate consent, in accordance with Article 18 of the Personal Information Protection Act.
  2. Dreamer provides services to users aged 14 and older.
  3. The Company processes users' personal information as follows:

Membership Registration and Service Use

Purpose of CollectionMandatory InformationOptional InformationRetention and Use Period
Google Sign-UpUser name /EmailUser-selected valuesUntil service withdrawal
Provision of AI Services and Improvement of Service Performance and AlgorithmsService usage behavior information (input data and results)Until service withdrawal

Marketing

Purpose of CollectionMandatory InformationRetention and Use Period
Sending information on Dreamer events, benefits, service updates, and other related informationEmail, User nameUntil consent is withdrawn

Service Operation and Management

Purpose of CollectionMandatory InformationRetention and Use Period
Payment Card Registration and PaymentPartial card number, expiration date, first 2 digits of the card PIN (The Company does not store any payment information other than the last 4 digits of the card number.)Until service withdrawal or up to 5 years in accordance with relevant laws

Personal Information Without Consent

During the use of the service, additional information may be generated or collected, including IP addresses, cookies, access logs, visit dates and times, service usage records, and records of misuse.

2. Purpose of Personal Information Use

We may process personal information for the following purposes:

  • To provide, manage, maintain, and evaluate our services
  • To improve our services and conduct relevant research
  • To communicate with users
  • To develop and implement new features and services
  • To prevent misuse or abuse of the service
  • To protect the systems, infrastructure, and networks that support the service
  • To safeguard the legal rights of the company, users, and third parties, and to comply with legal obligations

Personal information will only be used for the purposes outlined above. If a new purpose arises, we will take the necessary steps to ensure compliance with relevant laws, including obtaining additional consent if required. We do not "sell" personal information or "share" it for cross-contextual behavioral advertising, as defined by applicable local laws.

Personal Information Without Consent

During the use of the service, additional information may be generated or collected, including IP addresses, cookies, access logs, visit dates and times, service usage records, and records of misuse.

3. Retention, Use Period, and Disposal of Personal Information

We may process personal information for the following purposes:

  1. The Company will promptly dispose of personal information when it is no longer necessary, such as when the retention period agreed upon by the user has expired or the processing purpose has been fulfilled. Personal information stored in electronic files will be destroyed in a manner that prevents recovery, and information recorded or stored on paper will be shredded or incinerated.
  2. However, if it is necessary to retain personal information in accordance with internal policies or relevant laws, the information will be securely stored in a separate database for the period specified below. During this time, the Company will retain the personal information in compliance with legal regulations and will not use it for any other purposes.
  3. The details of personal information retention and disposal are as follows:

Personal information will only be used for the purposes outlined above. If a new purpose arises, we will take the necessary steps to ensure compliance with relevant laws, including obtaining additional consent if required. We do not "sell" personal information or "share" it for cross-contextual behavioral advertising, as defined by applicable local laws.

Retention Based on Company Internal Policies

Retained InformationReason for RetentionRetention and Use Period
User InformationPrevention of re-registration and misuse after withdrawal (stored and processed in an unidentifiable state)6 months from the date of withdrawal
User RecordsRefund processing and complaint handling6 months from the date of processing completion

4.

However, in the following cases, personal information will be retained until the specified period has ended.

Retention Based on Legal Requirements

Retained InformationLegal BasisRetention Period
Records of contracts or withdrawal of offersAct on the Consumer Protection in Electronic Commerce, etc.5 years
Records of paymentAct on the Consumer Protection in Electronic Commerce, etc.5 years
Records of consumer complaints or dispute resolutionAct on the Consumer Protection in Electronic Commerce, etc.3 years
Records of display/advertisingAct on the Consumer Protection in Electronic Commerce, etc.6 months
Books and supporting documents related to all transactions as specified in tax lawsFramework Act on National Taxes5 years
Records of electronic financial transactionsElectronic Financial Transactions Act5 years
Access recordsProtection of Communications Secrets Act3 months
Records of communication verificationProtection of Communications Secrets Act12 months

4. Outsourcing for Service Provision and Infrastructure Management

The Company outsources certain tasks to external parties to facilitate the smooth processing of personal information. When entering into an outsourcing contract, the Company manages and supervises the entrusted party to ensure that personal information is handled securely. If the scope of the entrusted tasks or the entrusted parties changes or additional parties are involved, the Company will promptly disclose this through the Privacy Policy or seek prior consent in accordance with relevant laws.

5. Provision of Personal Information to Third Parties

The Company processes personal information within the scope specified for its collection and use. Personal information will not be processed beyond its original purpose or provided to third parties without the prior consent of the data subject, except in the following cases:

  • When separate consent has been obtained from the data subject.
  • When required by law or when special provisions are outlined in other laws.
  • When it is difficult to obtain prior consent from the data subject due to incapacity or unknown address, and it is deemed necessary to protect the urgent interests of the data subject or a third party, such as life, body, or property.
  • When personal information is provided in a form that cannot identify a specific individual, for purposes such as statistical analysis or research.
  • When the use of personal information beyond its original purpose, or its provision to a third party, is necessary to perform tasks as stipulated by law, and the case has undergone deliberation and resolution by the Protection Committee.
  • When it is necessary to provide information to foreign governments or international organizations to fulfill treaties or other international agreements.
  • When required for criminal investigations or the initiation and maintenance of legal proceedings.
  • When necessary for the court to perform its judicial duties.
  • When required for the execution of sentences, protective custody, or protective measures.
  • When an emergency situation arises, such as a disaster, infectious disease, imminent danger to life or body, or urgent property loss.

Details of Entrusted Company and Task

Entrusted CompayEntrusted Task
Google LLCWeb usability analysis and improvement, account verification, and service provision for membership services
MixpanelWeb usability analysis and improvement
Amazon Web ServiceData storage and management of computing systems

6. User Rights and Obligations and Exercise Methods

  1. Users have the right to request access to, correction of, deletion of, or suspension of the processing of their personal information by the Company at any time.
    • Access to Personal Information: Log in > My Page menu > Settings
    • Delete Account: To delete your account during the beta service period, please contact us at dreamer.lab24@gmail.com
    • Content Management: To delete your images created and uploaded while using the service, please contact dreamer.lab24@gmail.com
  2. Requests for access to or suspension of processing of personal information may be restricted under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
  3. Requests for correction or deletion of personal information cannot be made if the information is required to be collected by other laws.
  4. The Company may verify that the person making the request for access, correction, deletion, or suspension of processing is either the user themselves or a legitimate representative.

7. Cookie Policy

The Company uses cookies to store and retrieve user information as necessary to provide personalized services.

  1. Definition of Cookies: Cookies are small text files that a website’s server sends to the user's browser, which are then stored on the user's computer hard drive.
  2. Purpose of Use: Cookies help users conveniently navigate the website according to their set preferences during visits. They are also used to analyze users' visit records and usage patterns to provide personalized and customized services.
  3. Refusal of Cookie Collection: Cookies do not store any information that can personally identify an individual, and users have the option to choose whether or not to use cookies. Users can configure their web browser settings to allow cookies, request confirmation when cookies are stored, or refuse the storage of cookies altogether.
  4. Examples of Cookie Settings:
    • Edge: Settings > Cookies and Site Permissions > Manage and delete cookies and site data
    • Chrome: Settings > Privacy and Security > Cookies and other site data
    • Whale: Settings > Privacy Protection > Cookies and other site data
    • Android: Settings > Internet Settings > Privacy and Security > Other > Refuse to allow cookies
    • iOS: Settings > Safari > Privacy and Security > Block all cookies

Users can change their cookie settings through the settings menu of each browser. Please note that refusing cookies may limit the use of certain functions on the website.

8. Measures to Ensure the Security of Personal Information

The Company implements the following technical, administrative, and physical measures to ensure the security of personal information:

  1. Minimization and Training of Personnel Handling Personal Information: The Company minimizes the number of employees who handle personal information and conducts regular privacy protection training to ensure proper management of personal data.
  2. Access Restriction to Personal Information: The Company takes necessary measures to control access to personal information by granting, modifying, and revoking access rights to the database system that processes personal information.
  3. Storage and Prevention of Tampering with Access Records: The Company retains and manages access records for the personal information processing system for at least one year to prevent tampering.
  4. Encryption of Personal Information: Users' personal information is encrypted, securely stored, and managed.
  5. Installation and Regular Inspection/Update of Security Programs: The Company installs security programs and regularly updates and inspects them to prevent personal information leakage and damage caused by hacking or computer viruses.

Users can change their cookie settings through the settings menu of each browser. Please note that refusing cookies may limit the use of certain functions on the website.

9. Contact

The Company takes overall responsibility for the processing of personal information and strives to provide consultation and remedies for any breaches of personal information. For any inquiries related to the privacy policy, please contact the officer listed below.


Jaemin Chung(CEO)
dreamer.lab24@gmail.com

10. Modification of the Privacy Policy

The Company may revise its Privacy Policy to reflect changes in laws or services. If the Privacy Policy is amended, the Company will notify users of the changes at least 7 days before they take effect, and the revised policy will apply from the effective date specified in the notice. However, if there are significant changes that impact users' rights, such as changes to the types of personal information collected or the purposes of its use, the Company will provide prior notice at least 30 days in advance.

  • This Privacy Policy will take effect on September 1, 2024.