Privacy Policy
We value and protect your personal information
Effective Date: July 4, 2025
Focus (hereinafter 'Company') values users' personal information and complies with relevant laws including the Personal Information Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection. The company informs users about the purposes and methods for which personal information provided by users is being used, and what measures are being taken to protect personal information through this privacy policy.
The company processes personal information for the following purposes. Personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures such as obtaining separate consent will be implemented in accordance with Article 18 of the Personal Information Protection Act.
a. Website membership registration and management
Personal information is processed for the purposes of confirming membership registration intent, identity verification and authentication for membership services, maintaining and managing membership status, preventing unauthorized service use, confirming consent from legal guardians when processing personal information of children under 14, various notices and notifications, and complaint handling.
b. Provision of goods or services
Personal information is processed for the purposes of providing subscription services, content provision, customized service provision, identity verification, age verification, subscription fee payment and settlement, and service usage statistical analysis.
c. Marketing and advertising utilization
Personal information is processed for the purposes of developing new services (products) and providing customized services, providing events and advertising information and participation opportunities, providing services and advertising based on demographic characteristics, confirming service validity, identifying access frequency, or statistics on members' service usage.
The company processes the following personal information items.
a. Membership registration and management
Required items: Email address, user's service usage records, access logs, access IP information, cookies, service usage time
Optional items: Payment information (card numbers, account information, etc. - managed with encryption), profile information
b. Subscription service provision
Required items: Subscription plan information, payment cycle, service usage history, subscription start and end dates
c. Information automatically generated and collected during internet service use
IP address, cookies, MAC address, service usage records, visit records, app usage patterns, focus measurement data, work performance time, etc.
The company processes and retains personal information within the personal information retention and use period according to law or the personal information retention and use period agreed upon when collecting personal information from data subjects.
a. Website membership registration and management
Until member withdrawal. However, in the following cases, until the corresponding reason ends
- When investigation or inquiry due to violation of related laws is in progress: until the corresponding investigation or inquiry ends
- When credit-debt relationship remains due to website usage: until the corresponding credit-debt relationship is settled
b. Subscription service provision
Until subscription service usage ends and payment settlement is completed. However, in the following cases, until the corresponding period ends
Consumer Protection Act in Electronic Commerce
- Records on advertising and display: 6 months
- Records on contracts or subscription cancellation, subscription fee payment, service usage: 5 years
- Records on consumer complaints or dispute resolution: 3 years
Telecommunications Privacy Protection Act
- Subscriber telecommunications date and time, start/end time, counterpart subscriber number, etc.: 1 year
- Computer communications, internet log record data, access location tracking data: 3 months
The company destroys personal information without delay when personal information becomes unnecessary due to expiration of retention period, achievement of processing purposes, etc.
a. Destruction Procedures
Information entered by users is transferred to a separate DB (separate documents in case of paper) after achieving the purpose and stored for a certain period according to internal policies and other related laws, then destroyed immediately. Personal information transferred to DB is not used for other purposes unless required by law.
b. Destruction Deadline
User's personal information is destroyed within 5 days from the end date of the retention period when the personal information retention period has expired, and within 5 days from the date when personal information processing is deemed unnecessary due to achievement of personal information processing purposes, service termination, business closure, etc.
c. Destruction Methods
• Electronic file format information: Complete deletion using technical methods that cannot reproduce records
• Personal information printed on paper: Destruction through shredding or incineration
Users may exercise the following rights as data subjects.
a. Rights of Data Subjects
- Request for access to personal information
- Request for correction in case of errors
- Request for deletion
- Request for processing suspension
b. Methods of Exercising Rights
• You may exercise rights against the company in writing, email, fax, etc. according to Article 41, Paragraph 1 of the Personal Information Protection Act Enforcement Decree, and the company will take action without delay.
• When data subjects request correction or deletion of errors in personal information, the company will not use or provide the relevant personal information until correction or deletion is completed.
• Rights may be exercised through legal representatives of data subjects or authorized agents.
• Requests for personal information access and processing suspension may be restricted according to Article 35, Paragraph 4 and Article 37, Paragraph 2 of the Personal Information Protection Act.
The company does not provide users' personal information to external parties in principle. However, the following cases are exceptions.
- When users have given prior consent
- When required by law or when investigative agencies request according to procedures and methods defined by law for investigation purposes
Current Third-Party Personal Information Provision Status
The company is currently not providing users' personal information to third parties.
The company is currently not consigning personal information processing tasks to external parties. If personal information processing tasks are consigned in the future, we will notify the consignment facts in advance and obtain necessary consent according to relevant laws.
The company is currently not transferring users' personal information overseas. If international transfer becomes necessary for service provision in the future, we will notify the transfer facts in advance and obtain necessary consent according to relevant laws.
The company takes the following measures to ensure the security of personal information.
a. Administrative Measures
- Establishment and implementation of internal management plans
- Minimization and training of personal information handlers
- Organization and operation of dedicated personal information protection teams
- Regular internal audits
b. Technical Measures
- Access control management for personal information processing systems
- Installation of access control systems
- Encryption of unique identification information
- Installation of security programs and regular inspection/updates
- Storage and forgery prevention of access records
- Use of security devices for document security
c. Physical Measures
- Access control of computer rooms, data storage rooms, etc.
- Access control for unauthorized personnel
- Locking devices for documents and auxiliary storage media containing personal information
This privacy policy applies from July 4, 2025, and when there are additions, deletions, and corrections of changes according to laws and policies, we will notify through announcements 7 days before the implementation of changes.
Notice Obligation Before Revision
When the company revises the privacy policy, it will notify the revision reasons and changes without delay, and the revised content will be posted so that users can check it at any time. However, when there are important changes to users' rights or duties, we will notify at least 30 days in advance.
The company designates a privacy protection officer as follows to take overall responsibility for personal information processing and handle data subjects' complaints and damage relief related to personal information processing.
Privacy Protection Officer
Name: Younghyun Kim
Position: CEO
Phone Number: 010-5172-5645
Email: swmaestrong@gmail.com
Data subjects may contact the privacy protection officer and relevant departments regarding all personal information protection inquiries, complaint handling, damage relief, etc. that occur while using the company's services (or business). The company will respond and process data subjects' inquiries without delay.
Other Personal Information Violation Report and Consultation Agencies
If you need to report personal information violations or require consultation from agencies other than our company, please contact the following organizations.
- • Privacy Protection Portal (privacy.kisa.or.kr / 118)
- • Personal Information Violation Report Center (privacy.kisa.or.kr / 118)
- • Supreme Prosecutors' Office Cyber Investigation Division (www.spo.go.kr / 1301)
- • National Police Agency Cyber Bureau (ecrm.cyber.go.kr / 182)