The following terms and conditions govern all use of the (www.isecard.com / www.theisec.com / www.isecard.co.kr) website and all content, services and products available through the website, including, but not limited to, the client area (collectively referred to as the Site).
Please read this Agreement carefully before accessing or using the Site. By accessing or using any part of the web site, you agree to become bound by the terms and conditions of this agreement. If you do not agree to all the terms and conditions of this agreement, then you may not access the Site or use any services. The Site is available only to individuals who are at least 13 years old.
Client area account
You are responsible for maintaining the security of your client area account, and you are fully responsible for all activities that occur under the account and any other actions taken in connection with the account. You must immediately notify the Operator of any unauthorized uses of your account or any other breaches of security. The Operator will not be liable for any acts or omissions by you, including any damages of any kind incurred as a result of such acts or omissions.
Contribution to website
If you leave comments anywhere on the Site, post material to the Site, post links on the Site, or otherwise make (or allow any third party to make) material available by means of the Site (any such material, "Content"), You are entirely responsible for the content of, and any harm resulting from, that Content. That is the case regardless of whether the Content in question constitutes text, graphics, audio, or computer software. By making Content available, you represent and warrant that:
•Downloading, copying and use of the Content will not infringe the proprietary rights, including but not limited to the copyright, patent, trademark or trade secret rights, of any third party
•You have fully complied with any third-party licenses relating to the Content, and have done all things necessary to successfully pass through to end users any required terms
•The Content does not contain or install any viruses, worms, malware, trojan horses or other harmful or destructive content
•The Content is not spam, is not machine or randomly generated, and does not contain unethical or unwanted commercial content designed to drive traffic to third party sites or boost the search engine rankings of third party sites, or to further unlawful acts (such as phishing) or mislead recipients as to the source of the material (such as spoofing)
•The Content is not pornographic, libelous or defamatory, does not contain threats or incite violence towards individuals or entities, and does not violate the privacy or publicity rights of any third party
By submitting Content to the Operator for inclusion on our Site, you grant the Operator a world-wide, royalty-free, and non-exclusive license to reproduce, modify, adapt and publish the Content for the purpose of displaying, distributing, promoting, marketing or any other lawful use.
Without limiting any of those representations or warranties, the Operator has the right (though not the obligation) to, in the Operator's sole discretion (i) refuse or remove any content that, in the Operator's reasonable opinion, violates any policy or is in any way harmful or objectionable, or (ii) terminate or deny access to and use of the Site to any individual or entity for any reason, in the Operator's sole discretion. The Operator will have no obligation to provide a refund of any amounts previously paid under these circumstances.
What information do we collect?
We may collect personally identifiable information from you in a variety of ways, including through online forms for ordering products and services, and other instances where you are invited to volunteer such information, including, but not limited to, when you register on our site, place an order or subscribe to our newsletter. When ordering or registering on our site, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number or credit card information.
What do we use your information for?
Any of the information we collect from you may be used to personalize your experience, improve our website, improve customer service, process transactions, send periodic emails. The email address you provide for order processing, will only be used to send you information and updates pertaining to your order. If you decide to opt-in to our mailing list, you will receive emails that may include company news, updates, related product or service information, etc. If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.
How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or access your personal information.
We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.
Payments and refunds
The Site offers products and services for sale. The Site does not handle payments for these products directly, but rather refers these payments to a secure third-party payment processor which handles all aspects of the payment process. Any payment issues or disputes should be resolved directly with the payment processor. Once we have been notified by the payment processor that a payment has been made, and that the payment has successfully passed a fraud review, access will be granted to the product or service being purchased as soon as possible, however we make no guarantees of timeliness or immediacy. Free accounts are provided with a limited access to the Site that allows the user to test all available services prior to making a payment and determine if the offered services meet users needs. You may request a refund within 7 days of the payment only if your information in the card(product) is not correct and you're not able to use our discounts & benefits. Also, you must return the card to us within 7 days after you receive the card. Otherwise no refunds will be offered. Note that our system keeps track of your information you typed, uploaded files and IP address so we will verify each request for legitimacy.
Responsibility of website visitors
By operating the Site, the Operator does not represent or imply that it endorses any or all of the contributed content, or that it believes such material to be accurate, useful or non-harmful. You are responsible for taking precautions as necessary to protect yourself and your computer systems from viruses, worms, trojan horses, and other harmful or destructive content. The Site may contain content that is offensive, indecent, or otherwise objectionable, as well as content containing technical inaccuracies, typographical mistakes, and other errors. The Operator disclaims any responsibility for any harm resulting from the use by visitors of the Site.
Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information, except to provide products or services you've requested. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Copyright infringement and DMCA policy
Third party links
Our site may contain links to third party sites. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
This Agreement does not transfer from the Operator to you any of the Operator's or third party intellectual property, and all right, title and interest in and to such property will remain (as between the parties) solely with the Operator. The Operator logo, and all other trademarks, service marks, graphics and logos used in connection with the Operator, or the Site are trademarks or registered trademarks of the Operator or the Operator's licensors. Other trademarks, service marks, graphics and logos used in connection with the Site may be the trademarks of other third parties. Your use of the Site grants you no right or license to reproduce or otherwise use any the Operator or third-party trademarks.
The Operator reserves the right, at its sole discretion, to modify or replace any part of this Agreement. It is your responsibility to check this Agreement periodically for changes. Your continued use of or access to the Site following the posting of any changes to this Agreement constitutes acceptance of those changes. The Operator may also, in the future, offer new services and/or features through the Site (including, the release of new tools and resources). Such new features and/or services shall be subject to the terms and conditions of this Agreement.
The Operator may terminate your access to all or any part of the Site at any time, with or without cause, with or without notice, effective immediately. If you wish to terminate this Agreement you may simply discontinue using the Site. Notwithstanding the foregoing, if you have a client account, such account can only be terminated by the Operator if you materially breach this Agreement and fail to cure such breach within 14 (fourteen) days from the Operator's notice to you thereof; provided that, the Operator can terminate the Site immediately as part of a general shut down of our service. All provisions of this Agreement which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.
Disclaimer of warranties
Limitation of liability
In no event will the Operator, or its suppliers or licensors, be liable with respect to any subject matter of this agreement under any contract, negligence, strict liability or other legal or equitable theory for: (i) any special, incidental or consequential damages; (ii) the cost of procurement or substitute products or services; (iii) for interruption of use or loss or corruption of data; or (iv) for any amounts that exceed the fees paid by you to the Operator under this agreement. The Operator shall have no liability for any failure or delay due to matters beyond their reasonable control. The foregoing shall not apply to the extent prohibited by applicable law. The Operator shall not be liable for any special or consequential damages that result from the use of, or the inability to use, the services and products offered on this site, or the performance of the services and products.
General representation and warranty
You agree to indemnify and hold harmless the Operator, its contractors, and its licensors, and their respective directors, officers, employees and agents from and against any and all claims and expenses, including attorneys' fees, arising out of your use of the Site, including but not limited to your violation of this Agreement.
This Agreement constitutes the entire agreement between the Operator and you concerning the subject matter hereof, and they may only be modified by a written amendment signed by an authorized executive of the Operator, or by the posting by the Operator of a revised version. Except to the extent applicable law, if any, provides otherwise, this Agreement, any access to or use of the Site will be governed by the laws of the state of Arizoan, USA, excluding its conflict of law provisions, and the proper venue for any disputes arising out of or relating to any of the same will be the state and federal courts located in Maricopa County, Arizona. If any part of this Agreement is held invalid or unenforceable, that part will be construed to reflect the parties' original intent, and the remaining portions will remain in full force and effect. A waiver by either party of any term or condition of this Agreement or any breach thereof, in any one instance, will not waive such term or condition or any subsequent breach thereof. You may assign your rights under this Agreement to any party that consents to, and agrees to be bound by, its terms and conditions; the Operator may assign its rights under this Agreement without condition. This Agreement will be binding upon and will inure to the benefit of the parties, their successors and permitted assigns.
Changes to our terms and privacy policies
From time to time we may make adjustments to this policy. Changes will be made at our sole discretion. Site's users are encouraged to check this policy for such changes. Your continued use of this site following changes to this policy constitutes your acceptance of the changes.
This document has been last modified on 25 May, 2018
General Data Protection Regulation (GDPR)
Below is ISEC’s new Privacy & Cookies Policy, which will enter into effect on May 25, 2018.
To view our current Privacy & Cookies Policy, which will apply through May 25, 2018, please click here.
ISEC Privacy & Cookies Policy
Effective as of May 25, 2018
In this privacy & cookies policy (“Policy”), we describe the information that we collect about you, that you provide to us, is provided to us by third parties, and will be processed by us, as you use this website (our “Website”) and the services available through this Website, our mobile website, and for registered users our Mobile Application (collectively, our “Services”). We recommend that you read this policy carefully in order to understand what International Student Exchange Center (“we”, “us”, “ISEC”) do with your personal information. Your use of our Website and Services and any dispute over privacy, is subject to this Policy and any of our applicable Terms and Conditions for use of our Services, including their applicable limitations on damages and the resolution of disputes. Our Terms and Conditions for our Services are incorporated by reference into this Policy. By visiting www.isecard.com you are accepting and consenting to the practices described in this Policy. Regardless of the applicable law set forth in the ISEC Terms and Conditions for use of our Services, however, please note that any disputes arising under this Policy will be interpreted in accordance with the Governing Law provision set forth below.
EUROPEAN ECONOMIC AREA (“EEA”) CUSTOMERS ONLY: Please note that the whole of this Policy applies to you together with additional provisions which are specific to EEA customers, and can be found at Appendix 1.
HOW, WHEN AND WHAT WE COLLECT?
How does ISEC collect my information?
We collect information directly from you, about you from third parties such as issuing agents, our marketing affiliates and service providers used to verify your identity and prevent fraudulent activity, other ISEC users and other ISEC clients or customers for the purpose of providing the ISEC Services to you, and automatically as you use our Website and the Services. At this time, use of our Services through our Mobile Application is only available to users who register for our Services.
When does ISEC collect my information?
Third Party Analytics
When you apply for and use our Services, you contact us with questions, and you otherwise choose to provide information to us.
We receive information about you from banking references, credit reporting agencies, affiliates, other ISEC users if they provide us your name through our referral programs, and other third parties (e.g., entities that assist us in validating your identity, among others). We may combine this with other information that we collect about you.
What information does ISEC collect?
The types of information we collect about you depends on your particular interaction with our Website and our Services, and might include, where permitted by applicable law:
Your contact information (e.g., name, email address, phone number, billing or mailing address)
IP address, geolocation
Identity validation (e.g., photograph, other information requested to verify your information)
Institution(Your School information and department to verify your institution status)
Date of birth
Details of any transactions carried out using any of the Services
Any other information that you choose to provide to us (e.g., if you send us an email/otherwise contact us)
Information about your travel
You are responsible for providing accurate and up-to-date information. If you choose to participate in our Refer a Friend program, you acknowledge that you have your friend’s consent to provide your friend’s information to us.
HOW WE USE YOUR INFORMATION
To validate your identity.
To provide our Services to you, to communicate with you about your use of our Services or any changes in our Terms and Conditions that apply to you.
For the purpose for which you specifically provide the information to us, including, to respond to your inquiries, to provide any information that you request, and to provide customer support.
To tailor the content and information that we may send or display to you, to offer location customization (where permitted by applicable law), personalized help and instructions, and to otherwise personalize your experiences while using our Website and our Services, such as developing and offering you with new and/or additional services or new and/or additional features to existing services.
For marketing and promotional purposes, for example, where permitted by law (other than if (where applicable) you opted out by unsubscribing from marketing emails and/or by contacting us as noted in the table below), we may use your information, such as your email address, phone number, or mailing address to send you newsletters, special offers and promotions, or to otherwise contact you about services or information we think may interest you, or to conduct draws for campaigns and the like and deliver prizes and rewards .
As permitted by applicable law (other than if (where applicable) you opted out), to assist us in advertising our products and services in various mediums including, without limitation, sending you promotional emails, advertising our services on third party sites and social media platforms, sending you direct mail, and by telemarketing.
To better understand how users access and use our Website and our Services, both on an aggregated and individualized basis, to administer, monitor, and improve our Website and Services, for our internal purposes, and for other research and analytical purposes. Please see the information below regarding Third Party Analytics.
To protect us, our customers, employees or property — for instance, to investigate fraud and prevent fraudulent activity, harassment or other types of unlawful activities involving us or other companies that we do business with, to enforce this Policy, as well as our Terms and Conditions.
WHEN DO WE SHARE YOUR INFORMATION?
We share your information with third parties, including service providers, regulated institutions (e.g., financial institutions), affiliated entities, and business partners as set out in the table below. In the section below, we also list the reasons why we share information.
How and Why We Share Your Information
Does ISEC Share?
With our service providers and affiliates – to assist us with the provision of the Services and our everyday business purposes, such as to verify your identity, prevent fraudulent activity, conduct internal research and analytical assessments, process your transactions, maintain your account(s) and provide you with customer care services. Yes
With fraud prevention and detection service providers - for the purpose of detecting and preventing fraudulent activity. Such service providers may keep records of information provided and use it when providing fraud detection and prevention services to other users of their databases. Yes
For marketing purposes:
1. With our service providers and our affiliates – to market our own products and services; and
2. With non-affiliated third parties for joint marketing purposes. Yes*
With other ISEC clients, customers or third parties using our services - to perform the Services, assist in carrying out your transactions with such clients, customers or third parties or for purposes of our refer-a-friend program(s). Yes
In response to legal process – to comply with the law, a judicial proceeding, subpoena, court order, or other legal process. Yes
In connection with business transfers – to another entity if we are acquired by or merged with such other entity, if substantially all of our assets are transferred to such other entity, or as part of a bankruptcy proceeding. Yes
To protect us and others – we may disclose your information when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms and Conditions or this Policy, or as evidence in litigation in which we are involved. Yes
Aggregate and de-identified information – we may disclose aggregate or de-identified information about users for marketing, advertising, research, or similar purposes. Yes
With consumer reporting agencies, as permitted by law, with respect to users from South Korea. Yes
* If you do not want us to use your details for us to market to you, and/or to pass your details on to third parties for marketing purposes, please contact us through the phone number or email address listed in the Sectiontitled “Contact Us, Questions, Updating Your Info” below. You will also be able to unsubscribe from any marketing emails sent to you by ISEC using a link provided in the email.
WHERE WE STORE YOUR DATA
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent un-authorized access.
Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Website and Services, while others are used to enable a faster log-in process or to allow us to track your activities at our Website and Service. There are four types of cookie:
Strictly necessary cookie These are cookies that are required for the operation of our Website. They include, for example, cookies that enable users to log into secure areas of our Website.
Analytical/performance cookies. These types of cookies allow us to recognize, count the number of visitors, and see how visitors move around our Website when they are using it. This assists us to improve the way in which our Website works, for example, by ensuring that you can find what you are looking for easily.
Functionality cookie These cookies are used to recognize you when you return to our Website. They enable the personalization of content, recognition of users, and also remember your user preferences (for example, your choice of language or region).
Targeting cookies. These cookies record your visit to our Website, the individual pages visited and the links followed. If the cookie is set by a third party (for example, an advertising network) which also monitors traffic on other websites, this type of cookie may also be used to track your movements across different websites and to create profiles of your general online behavior. Information collected by tracking cookies is commonly used to target online advertising.
The four types of cookies above will be either session cookies or persistent cookies.
Session Cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser or turn off your computer. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Website or Services. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our Website or Services.
Persistent Cookies.Persistent cookies remain on your computer after you have closed your browser or turned off your computer. We use persistent cookies to remember your user information, preferences and activity, to enable us to provide our services to you when you next return to our Website or Services. We also use persistent cookies to track aggregate and statistical information about user activity, which may be combined with other user information.
Local Storage Objects. We may use Flash Local Storage Objects (“Flash LSOs”) to store your Website preferences and to personalize your visit. Flash LSOs are different from browser cookie because of the amount and type of data stored. Typically, you cannot control, delete, or disable the acceptance of Flash LSOs through your web browser. For more information on Flash LSOs, or to learn how to manage your settings for Flash LSOs, go to the Adobe Flash Player Help Page, choose “Global Storage Settings Panel” and follow the instructions. To see the Flash LSOs currently on your computer, choose “Website Storage Settings Panel” and follow the instructions to review and, if you choose, to delete any specific Flash LSO.
Storage HTML5 Storage. We may also store your user information and Website preferences locally within your web browser via HTML5.
Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Website or Services to, among other things, track the activities of Website visitors, help us manage content, and compile statistics about Website and Services usage. We and our third-party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Changing or Disabling your Cookie Settings. Most web browsers automatically accept cookies, but if you prefer you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Website who disable their web browsers’ ability to accept cookies will be able to browse the Website; however, most site features will not function if you disable cookies and you will not be able to login to use our services.
Do Not Track. Currently, our systems do not honor browser “do-not-track” requests. You may, however, disable certain tracking as discussed above (e.g., by disabling Cookies); you also may opt-out of Third Party Analytics or targeted advertising by following the instructions in the Third Party Ad Networks section below.
Third Party Analytics
We use automated devices and applications, such as Google Analytics, VWO and Trendemon, to evaluate use of our Website and the Services. To opt-out of Google Analytics, please go to: https://tools.google.com/dlpage/gaoptout/. Please note that if you use a new or different computer, install a new browser, or clear your cookies; in that case, you will need to re-opt-out through the link above.
Third-Party Ad Networks
You may opt-out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information regarding this practice by NAI members and DAA members, and your choices regarding having this information used by these companies, including how to opt-out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: www.networkadvertising.org/optout_nonppii.asp (NAI) and www.aboutads.info/choices (DAA).
Opting out of one or more NAI member or DAA member networks (many of which will be the same) only means that those members no longer will deliver targeted content or ads to you. It does not mean you will no longer receive any targeted content or ads on our Website or other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different computer or mobile device or change web browsers, your NAI or DAA opt-out may no longer be effective. Additional information is available on NAI’s and DAA’s websites accessible by the above links.
CHANGES TO OUR PRIVACY & COOKIES POLICY
This Policy may change from time to time. Any changes in the future will be posted on our Website and, where appropriate, notified to you by email or in your “My Account” on the Website. Please check back frequently to see any updates or changes to our Policy. We will not materially reduce your rights under this Policy without taking steps to bring such changes to your attention.
CONTACT US, QUESTIONS, UPDATING YOUR INFO, OPTING OUT
If you are an ISEC Services customer and would like to update your information, please log into your “My Account” in order to update certain information or contact us through the contact information below. If you are not an ISEC Services customer, but have provided us with information, and would like to update your information, you may contact us through the phone number or email address listed below. From time to time, we may email you with special offers; you may opt-out of those offers through the email or by contacting us as noted below.
ISEC Customer Care, International Student Exchange Center
#3001, 30F Trade Tower, Youngdong-daero, Gangnamgu Seoul 06164 South Korea
If you would like to contact us for other privacy-related matters, please contact our Data Protection Officer(Joon Han) at email@example.com.
GOVERNING LAW & JURISDICTION
Save in relation to EEA customers, this Policy shall be governed by and interpreted in accordance with the laws of South Korea, and any dispute hereunder shall be brought exclusively in the courts of the Gangnamgu, South Korea except where prohibited by South Korean law.
For our EEA customers, this Policy shall be governed by and interpreted in accordance with the laws of South Korea, and any dispute hereunder shall be brought exclusively in the courts of South Korea.
Any and all content provided on this Website or the Services, including links to other websites is provided for information purposes only and does not constitute advice, recommendation or support of such content or website. ISEC makes every effort to provide true and accurate content on its Website. However, ISEC provides no warranty, express or implied, of the accuracy, completeness, timeliness, or applicability of such content. ISEC accepts no responsibility for and excludes all liability in connection with information provided on the ISEC website, including but not limited to any liability for errors, inaccuracies or omissions.
APPENDIX 1: ADDITIONAL TERMS FOR EEA customers
The information below is required pursuant to the EEA law regarding privacy and data protection. The terms below apply to EEA customers in addition to the terms in the rest of the Policy.
For the purposes of the General Data Protection Regulation (“GDPR”), the data controller is ISEC #3001, 30F Trade Tower, Youngdong-daero, Gangnamgu Seoul 06164 South Korea, a company established in South Korea and regulated for data protection purposes by the South Korea Authority (“ISEC”). If you have any questions about this Policy, please contact our Data Protection Officer (Joon Han) at firstname.lastname@example.org.
If you are unhappy about how we are processing your data or how we have responded to a request or complaint, you have the right to make a complaint to the South Korea Authority or your local supervisory authority.
when do we share your information
The table headed “How and Why We Share Your Information” in the main part of the Policy under the heading “WHEN DO WE SHARE YOUR INFORMATION” lists who we may share your information with, which include transfers for reasons of legal compliance and necessity in order to provide you with our Services.
You should be aware that when sharing your information, it may be transferred to, and stored at, a destination outside the EEA.
Please note that where data is transferred outside of the EEA, non-EEA countries may not offer the same level of protection for personal data as is available in the EEA. ISEC will take various measures to ensure that your data is treated securely, which may include, but not be limited to:
assessing the security measures taken at any place your data is transferred to;
having suitable contract terms in place that oblige a data processor to only process in accordance with our instructions; and
having monitoring, reporting and resolution procedures in place with regard to ongoing security.
Please contact us if you require more detailed information about international transfers of your information, and the particular safeguards used.
Legal grounds for processing your personal data
We process your information based on the following legal grounds, as recognised by and in compliance with the applicable data protection laws:
the processing is necessary to perform our contract with you (i.e. the Terms and Conditions that apply as applicable with respect to ISEC Services, for the provision of our Services), or to take steps requested by you before entering into said contract;
the processing is in ISEC’s or someone else’s legitimate interests, and these interests are not overridden by your interests or rights in the protection of your personal data. This may include processing your data for prevention of fraudulent activity, internal research and analytics assessments, for purposes of communication with you, and informing you about new products and services we are offering or to promote new products and services of other parties which we think may be of interest to you, etc.;
you have given your consent to the processing of your data;
the processing is necessary to meet a legal obligation which applies to ISEC.
Sometimes we process data about you which the law considers to fall within special categories (see section “What data do we process about you?” for more details), in which case, we use one of the following grounds:
the processing is necessary for the establishment, exercise or defence of legal claims;
you have freely given your informed, specific consent to the processing; or
the processing is necessary for reasons of substantial public interest, based on applicable law.
If you would like more information about the legal grounds used to process your information, or about the legitimate interests referred to above, please contact us.
In cases where we have asked for, and you have given, your consent to our processing of your personal data, you have the right to withdraw such consent at any time. You can do this by contacting our DPO(Joon Han) at email@example.com.
Do you have to give us your information?
In most cases, providing your personal data to us is optional, however, if you do not provide it, you will not be able to use our Services. For example, we need details such as your name, address and bank account details so that we can make payments to you and receive payments from you. In other cases, you have a choice over whether we collect your personal data, for example, you can turn off cookies on your browser and we will not place any cookies on your device or computer (although in this case you may not be able to use all parts of our website).
Profiling and automated decision making
We use automated decision making as part of our process to evaluate eligibility for the use of the ISEC Services. We use these tools as a measure of fraud prevention and for purposes of security and risk assessment relating to the performance of the ISEC Services:
Automated tools incorporated in our process of approval of your registration application: based on the information you provided, the tool may advise if additional information is required for purpose of approval of your application.
Automated tools incorporated in our process of approval of certain payment transaction of registered users: such tools may advise if additional information is required for purpose of performance of the payment transaction.
How long do we keep your INFORMATION?
ISEC retains your information as required by applicable laws or regulations and/or in accordance with ISEC’s internal policies and procedures for purposes of prevention of fraudulent activity, risk management and security. ISEC will periodically review the necessity of retention of your data.
EEA CUSTOMERS ONLY: Your rights
You have several rights in relation to your personal data which are described in more detail below. You can exercise your rights at any time by contacting us at firstname.lastname@example.org.
Accessing your data
You can ask us to:
Confirm whether we are processing your personal data
Give you a copy of that data
You do not have to pay a fee for a copy of your information unless your request is unfounded, respective or excessive, in which case we will charge a reasonable amount in the circumstances. We will let you know of any charges before completing your request.
We aim to respond to you within 1 (one) month of receiving your request unless it is particularly complicated or you have made several requests, in which case we aim to respond within 3 (three) months. We will let you know if we are going to take longer than 1 (one) month in dealing with your request. If we have a lot of information about you we might ask you if you can tell us what exactly you want to receive. This will help us action your request more quickly.
Correcting your data
You can ask us to correct any data which is inaccurate or incomplete. This is free of charge.
If we have shared the data with anyone else, we will tell them about the correction wherever possible. We aim to deal with requests for correction within 1 (one) month, although it might take us up to 3 (three) months if your request is particularly complicated.
If we cannot action a request to correct your data, we will let you know and explain why this is.
Erasing your data
This right is sometimes referred to as “the right to be forgotten”. This is not an absolute right but you have the right to have your data erased, free of charge, in certain circumstances.
You can ask for your data to be erased where:
it is no longer necessary for the purpose for which it was originally collected or processed;
we are processing your data based on your consent, and you withdraw that consent;
you object to the processing and we do not have an overriding legitimate interest for continuing;
your data has been unlawfully processed;
your data must be erased to comply with a legal obligation;
the data was processed to offer information society services to a child.
There are some exceptions to this right. If one of these applies, we do not have to delete the data.
If we have shared your data with third parties, we will tell them about the erasure of your data unless this is impossible or would involve disproportionate effort.
Restricting the processing of your data
You can ask us to restrict the processing of your personal data in some circumstances, free of charge. This is not an absolute right. If processing is restricted we can store the data and retain enough information to make sure the restriction is respected, but we cannot further process your data.
You can restrict the processing of your personal data in the following cases:
if you contest the accuracy of your data, we will restrict processing until we have made sure the data is accurate;
if you object to our processing and we are considering this objection;
if the processing is unlawful but you do not want us to erase your data;
if we no longer need the personal data but you require the data to establish, exercise or defend a legal claim.
If we have disclosed the data to a third party, we will inform them about the restriction unless it is impossible or would require a disproportionate effort. We will tell you if we decide to lift a restriction on processing your data.
Objecting to the processing of your data
Objecting to the processing of your data is free of charge. It is not an absolute right but you can object to our processing of your data where it is:
based on the legitimate interests ground; or
for the purposes of scientific/historical research and statistics.
We will stop processing your personal data unless we have compelling legitimate grounds for the processing which override your interests and rights, or unless we are processing the data for the establishment, exercise or defence of legal claims.
You can require us to stop using your data for direct marketing purposes. We will stop as soon as we receive your request. There are no exemptions or reasons for us to refuse.
This allows you to obtain and reuse your personal data for your own purposes across different services. It applies where the following conditions are met: you provided the personal data to us yourself;
we are processing the data either based on your consent or because it is necessary for the performance of a contract; and the processing is carried out by automated means.
We will provide your data free of charge in a structured, commonly used and machine-readable form. We aim to provide your data within 1 (one) month of receiving your request unless it is particularly complicated or you have made several requests, in which case we aim to respond within 3 (three) months. If we are going to take longer than 1 (one) month we will let you know and explain why we need more time. If we consider that we cannot provide you with your data, we will contact you and explain why this is.
Automated decision making and profiling
You have the right not to be subject to a decision which is based on automated processing and which produces a legal (or similarly significant) effect on you.
We will tell you about any automated decision making that affects you. You have the right to:
request human intervention;
express your point of view;
ask for the decision to be explained; and
challenge the decision.
These rights are not absolute. They do not apply if the decision is:
necessary for us to enter into or perform a contract with you;
authorised by law (e.g. for fraud prevention); or
based on your explicit consent.