Privacy Policy
NAVER Cloud (hereinafter the “Company”) is committed to protecting the rights and interests of its users by establishing a privacy policy in accordance with relevant laws and regulations, including the Personal Information Protection Act.
This Privacy Policy applies to the services provided by the Company and covers the following.
Labelling
- 닫기Collection of personal information
Membership information, payment processing, inquiry response, and partnerships/proposals. ※ See the full Privacy Policy for details
- 닫기Retention period
Personal information is destroyed without delay when members withdraw their membership or when the purpose of use is fulfilled. However, we will keep it separately if we receive separate consent from the user or if it is necessary to comply with relevant laws. ※ See the full Privacy Policy for details
- 닫기Provision of personal information
Provision of personal information is provided to a third party through a separate consent process ※ See the full Privacy Policy for details
- 닫기Consignment processing
We consign member services, inquiry response, and system operation to provide services according to procedures. ※ See the full Privacy Policy for details
- 닫기Privacy complaint department
We will handle complaints and damage remedies of information subjects without delay if you contact us at the following contact information. - dl_ncloud_privacy@navercorp.com ※ See the full Privacy Policy for service-specific customer service information
Contents
- 1. Purposes, processing items, and retention periods
- 2. Personal information from children under the age of 14
- 3. Provision of personal information to third parties
- 4. Consignment of personal information processing
- 5. Procedures and methods for destroying personal information
- 6. The rights, obligations of the users and the legal representative
- 7. Measurements to ensure safety of personal information
- 8. Installation, refusal of automatically collect personal information
- 9. Policy regarding personal location information processing
- 10. Contact information of Personal Information Security Officer
- 11. Privacy complaint department
- 12. Remedies for infringements of information subject’s rights
- 13. Notify changes in the Privacy Policy
- 1. Purposes, processing items, and retention periods
Confirmation of intent to become a member, confirmation of age and consent of legal representative, verification of identity of user and legal representative, identification of user, and confirmation of intent to withdraw membership
To protect users and operate the Service, including taking measures to restrict the use of the Service for members who violate laws and regulations, the NAVER Terms and Conditions or the NAVER MYBOX Service Terms and Conditions, or the NAVER MYBOX paid product Terms and Conditions, preventing and sanctioning acts that interfere with the smooth operation of the Service, including fraudulent use, preventing account theft and fraudulent transactions, delivering notices such as revisions to the Terms and Conditions, preserving records for dispute settlement, and handling complaints
Creating a service experience that users feel comfortable using in terms of security, privacy, and safety
(Required) Name, date of birth, gender, duplicate registration identification information (DI), encrypted same person identification information (CI), mobile phone number and network operator information, Korean/foreigner information, and in the case of children under 14 years of age, legal representative information (name, date of birth, gender, duplicate registration confirmation information (DI), mobile phone number of legal representative)
(Required) NAVER ID, name, pseudonym (or nickname), profile image, date of birth, gender, mobile phone number, email address, duplicate registration identification information (DI) hash value, encrypted same person identification information (CI), Korean/foreigner information
Identity verification for paid services, purchase and payment of fees for paid services, and delivery of goods and services
(Required) Payment method, payment date, payment result, product information, and refund information when paying for paid products
In addition to providing existing services such as content, we also discover new service elements and improve existing services, such as demographic analysis, analysis of service visits and usage records, formation of relationships between users based on personal information and interests, and provision of customized services based on acquaintances and interests.
Service usage history and access frequency analysis, statistics on the use of the Service, and provision of customized services based on service analysis and statistics
IP address, cookies, device information, access log, visit date and time, service usage history, records of improper use, information on objects (people, animals, plants, objects, background, etc.) within the content (original information and characteristic information), metadata information
Marketing and promotional purposes, such as providing event information and opportunities to participate in events, and providing advertising information, provided we have obtained separate consent from the user
Send inquiry
(Required) Email address
Identify verification, identification of individuals, delivery of notices, and response to inquiries in connection with use of membership services
Automatic generation and collection during service usage
Translation and evaluation task request and execution, labeling of translator names in deliverables
Translation and evaluation fee calculation
Membership service management and provision of the Papago Plus service
Membership management, including confirmation of intent to sign up, age verification, user identification, and confirmation of intent to withdraw membership
Payment method registration and payment processing for purchases and billing
Existing service improvements, such as analyzing service visits and usage history and providing customized services
Provision of a safe service environment, including sanctions for violations of laws, terms, and conditions, and prevention of abuse
Identity verification for paid services
User right assurance and complaint handling
Inquiry reception and response
Record keeping for dispute resolution
Service proposal feedback reception
Membership management, including confirmation of intent to sign up, identity verification by using membership service, user identification, intent to withdraw membership, etc.
Membership management, including confirmation of intent to sign up for membership, user identification by using membership service, and intent to withdraw membership
Membership management, including confirmation of intent to sign up for membership, user identification by using membership service, and intent to withdraw membership
The Company processes the following personal information for the following purposes.
The personal information processed will not be used for any purpose other than the following, and if the purpose of use changes, the Company will take necessary measures such as obtaining separate consent based on relevant laws and regulations.
In principle, personal information is destroyed without delay when members withdraw their membership or when the purpose of use is fulfilled. However, if separate consent is obtained at the time of collecting personal information or if additional retention is required in accordance with relevant laws and regulations, personal information shall be processed and retained within the applicable personal information retention and use period.
A. NAVER MYBOX paid storage service*
* Hereinafter "NAVER MYBOX"
Purpose of processing
Processing items
Retention period
Member management for service provision
We collect the following personal information during the process of identification and age verification and consent of legal representative for children under 14 years of age.
It is available to “NAVER member” and processes the following NAVER member information in the process of signing up for and using NAVER MYBOX service.
Destroyed without delay upon withdrawal or fulfillment of the purpose of use
Payment processing
Use for new service development, feature enhancements, marketing and advertising
The following information may automatically be created or additionally collected during service use or processing of service provision tasks.
We collect phone numbers and addresses in the course of event notifications, entries, and prize delivery, which are optional, members can use the Service without consenting to the collection and can change their consent at any time.
To process consultations and prevent fraudulent use when verifying identity
(Required) Mobile phone number, network operator information
1 year from the time of collection
Prevention of fraudulent use
Record of fraudulent use
1 year from the time of collection
Inquiry response
3 years from the time of collection
B. Papago Pro
Purpose of processing
Processing items
Retention period
Member management for service provision
(Required) Name, affiliation, email address, password
Destroyed without delay upon withdrawal or fulfillment of the purpose of use
Generation/collection during service usage
IP address, cookies, access logs, visit date and time, service usage history, payment history
Task request, deliverable management
(Required) Name, affiliation information
Retained without deletion
Payment processing
(Required) Business: business registration certificate, account number, corporate seal certificate (version with personal information masked), manager information (name, mobile phone number, email address)
(Required) Individual: name, mobile phone number, email address, account number, copy of ID card (version with personal information masked)
6 years and 3 months from the last transaction date
Inquiry response
(Required) Email address
(Required) Papago Pro account number
3 years from the time of collection
C. Papago Plus
Purpose of processing
Processing items
Retention period
Member management for service provision
(Required) Name, Papago Plus account, password, date of birth, recovery email address
Destroyed without delay upon withdrawal or fulfillment of the purpose of use
Payment processing
(Required) Payment method (simple payment method, credit card number), payment date and time, payment result, purchased product information, refund information
Generation/collection during service usage
IP address, cookies, access logs, visit date and time, service usage history, payment history, device information
Identity verification when processing payments
(Required) Name, date of birth, gender, duplicate registration identification information (DI), encrypted same person identification information (CI), mobile phone number and network provider, Korean/foreigner information
To process consultations and prevent fraudulent use when verifying identity
(Required) Mobile phone number, network operator information
1 year from the time of collection
Inquiry response
(Required) Email address, Papago Plus account
3 years from the time of collection
Partnerships/proposals
(Required) Email address
D. CLOVA CareCall
Purpose of processing
Processing items
Retention period
Member management and inquiry response for service provision
(Required) Name, affiliation information, mobile phone number, email address, password
Destroyed without delay upon withdrawal or fulfillment of the purpose of use
E. Voice EMR
Purpose of processing
Processing items
Retention period
Member management for service provision
(Required) Hospital name, department name, email address, password, medical audio file
Destroyed without delay upon withdrawal or fulfillment of the purpose of use
F. CLOVA Agent for Nursing
Purpose of processing
Processing items
Retention period
Member management for service provision
(Required) (Nurse) Hospital name, ward name, email address, password
(Required) (Patient) Ward name, email address, name, date of birth, gender, health information, password
Destroyed without delay upon withdrawal or fulfillment of the purpose of use
- 2. Personal information from children under the age of 14
Required: Name of legal representative, duplicate registration identification information (DI), mobile phone number
Requiring the legal representative to indicate whether they consent on the internet site where the consent is posted and verifying the legal representative's identity through mobile phone verification or I-PIN verification in the representative's name.
The user and the legal representative of the child under the age of 14 may request to view, correct, or terminate their personal information held by the Company.
The user may withdraw consent to the collection and use of personal information at any time through "Unsubscribe." For children under the age of 14, their legal representative has the right to view or correct their personal information and to withdraw consent to its collection and use.
If the user requests the correction of errors in personal information, the Company will not use or provide the personal information until the correction is completed. In addition, if the incorrect personal information has already been provided to a third party, the Company will notify the third party without delay of the results of the correction process so that the correction can be made.
The Company obtains the consent of a legal representative when collecting personal information about children under the age of 14 and collects the minimum amount of personal information necessary to perform the applicable service.
The Company may require a minimum of information from the child's legal representative when collecting personal information from children under the age of 14, and will verify that a legal representative has provided consent in the following ways.
The user and their legal representative are guaranteed the following rights:
※ This content only applies to NAVER MYBOX service.
- 3. Provision of personal information to third parties
If the User have agreed in advance
When required by law or by an investigative agency for investigative purposes in accordance with the procedures and methods prescribed by law
When providing processed data in a form that can't be used to identify specific individuals for the purpose of compiling statistics, conducting scientific research, or preserving public records
The Company provides personal information to third parties only in cases falling under Articles 17 and 18 of the Personal Information Protection Act, such as prior consent of the user or special provisions of the law, and otherwise does not provide the user's personal information to third parties.
Service
Receiving party
Purpose of provision
Information provided
Period of retention and use
NAVER MYBOX
NAVER Corp.
Service usage analytics
NAVER ID, NAVER MYBOX registration and usage date, NAVER` MYBOX service usage history, file meta information, capacity in use, type and number of files held, payment information (payment method, payment date and time, payment result, purchased product information, refund information), IP address, cookies, device information
Until termination of service
OGQ Corp.
Photo printing in products purchased from OGQ
Photo
Deleted within 6 months of purchase confirmation after ordering photo prints
NBT Inc.
Event participation confirmation and prevention of duplicate prize provision, event recommendation and inquiry response
Randomly generated separator, ad identifier, app identifier
1 year from the date of service termination or withdrawal of consent
- 4. Consignment of personal information processing
When signing a consignment contract, matters related to liability, such as prohibition of processing personal information for purposes other than performing the consignment work, securing safety, restriction of re-consignment, management and supervision of the consignee, and compensation for damages, are specified in documents such as contracts in accordance with the Personal Information Protection Act, and the consignee is supervised to ensure that personal information is handled safely.
If the content of the consignment or the consignee changes, we will disclose it through this Privacy Policy without delay.
The Company consigns the processing of personal information as follows for efficient business processing.
Consignee
Consignment work details
Period of retention and use
NAVER Corp. (link)
System operation for service provision, identity verification
Until the withdrawal of membership or the termination of the consignment contract
NAVER FINANCIAL Corp. (link)
Usage fee payment, prevention of payment theft
inComms Corp.
Customer Center Service Operation
NHN KCP Corp.
Payment processing
NIT Service Corp.
System operation for service provision
N Tech Service Corp.
Service development and testing
InfoBank Corp.
Text message delivery system operation
NAVER WEBTOON Ltd. (link)
Development/operation of digital content sales and settlement system
- 5. Procedures and methods for destroying personal information
Discarding procedure
Personal information collected through the service subscription process, etc. is destroyed after being stored for a certain period of time according to internal policies and other relevant laws and regulations after the purpose has been achieved.
Even for information that the law requires to be preserved, it is destroyed without delay and in a way that makes it impossible to restore or reproduce it after the relevant period has elapsed.
Destruction methods
Personal information printed on paper will be destroyed by shredding or incinerating.
Personal information saved in electronic formats will be deleted via a technical deletion method that destroys data permanently.
The Company will destroy the personal information without delay when the personal information becomes unnecessary due to the elapse of the personal information retention period or the achievement of the purpose of processing.
If the personal information must be retained in accordance with other laws, the personal information will be processed and retained within the applicable period.
Grounds for retention
Information retained
Retention period
Act on Consumer Protection in Electronic Commerce, etc.
Contract or subscription withdrawal records
5 years
Records on payment or supply of goods and others
5 years
Customer complaints or dispute handling records
3 years
Protection of Communications Secrets Act
Login records
3 months
The Company's personal information destruction procedure is as follows.
- 6. The rights, obligations of the users and the legal representative
NAVER/MYBOX web environment: Login > Profile information > NAVER ID
NAVER/MYBOX mobile web and app environment: Login > Profile > Settings > Login information / NAVER > My Information > NAVER ID
Withdrawal of membership: (omitted) NAVER ID > My Profile > Withdraw membership
Log in > My Information
Withdrawal of membership: Login > Manage member > Status > Delete account
Login > Manage account
Withdrawal of membership: Login > Manage account > Withdraw membership
Login > Manage account
Withdrawal of membership: Login > Manage account> Unsubscribe
Login > Settings > Account information
Withdrawal of membership: Login > Settings > Account information > Unsubscribe
Login > Preferences
Withdrawal of membership: Preferences > Unsubscribe
The user may request the suspension of the processing of personal information at any time, and the request for the suspension of processing may be rejected in cases where there are special provisions in the law, etc.
The user may withdraw consent to the collection and use of personal information at any time through "Unsubscribe."
In the case of children under the age of 14, the legal representative has the right to view, edit, delete, suspend, and withdraw the consent to the collection and use of the child's personal information.
If the user requests the correction of errors in personal information, the Company will not use or provide the personal information until the correction is completed. In addition, if the incorrect personal information has already been provided to a third party, the Company will notify the third party without delay of the results of the correction process so that the correction can be made.
The rights of users and legal representatives can be handled directly on the "Member information" page, or requested through "Customer inquiries."
The user can view, edit, or delete their personal information at any time in "Member information" and request to view their personal information.
Alternatively, they can make a request through "Customer inquiries" or by contacting the Personal Information Security Officer.
Type
How to access "Member information"
NAVER MYBOX
Papago Pro
Papago Plus
CLOVA CareCall
Voice EMR
CLOVA Agent for Nursing
- 7. Measurements to ensure safety of personal information
The Company has established and is implementing an internal management plan for the protection of personal information.
The Company is taking measures to control access to personal information and restrict access permissions.
The Company takes encryption measures to safely store and transmit personal information.
The Company takes measures to retain the personal information access records and prevent forgery and alteration.
The Company installs and updates security programs for personal information.
The Company takes physical measures to ensure the safe storage of personal information.
The Company has established and operates a detailed plan to be implemented in the event of a crisis situation caused by a disaster or other emergency.
The Company manages printed and copied materials containing personal information securely.
The Company destroys personal information that has achieved its intended purpose in a way that makes it impossible to restore or reproduce it.
The Company operates a dedicated organization for the protection of personal information.
The Company does its best to safely manage the personal information of users (including pseudonymized information) and protects personal information to a level higher than that required by the Personal Information Protection Act.
The Company is verified by domestic and international certification bodies for its user information protection and personal information protection activities.
For more information, please visit the Privacy Center's information protection certification page.
- 8. Installation, refusal of automatically collect personal information
Cookies are very small text files that are stored on the user's PC by the user's web browser when the user accesses a website. When the user visits the website again, the website server reads the contents of the cookies stored on the user's PC to maintain the service environment set by the user, enabling convenient use of the Internet service.
The user has the option to set the browser options to allow all cookies, check each time a cookie is saved, or refuse to save all cookies.
Cookies do not automatically or actively collect information that identifies individuals, and the user can refuse to store or delete these cookies at any time.
However, if the user refuses to store cookies, it may be difficult to use customized services.
How to allow/block cookies in web browsers
Chrome: Web browser settings > Privacy and security > Delete browsing data
Edge: Web browser settings > Cookies and site permissions > Manage and delete cookies and site data
How to allow/block cookies in mobile browsers
Chrome: Mobile browser settings > Privacy and security > Delete browsing data
Safari: Mobile device settings > Safari > Advanced > Block all cookies
Samsung Internet: Mobile browser settings > Internet usage history > Delete internet usage history
The Company uses "cookies" that save and frequently retrieve usage information to provide personalized and customized services.
- 9. Policy regarding personal location information processing
Purpose of processing personal location information and retention period
The Company retains and uses the personal location information for the minimum period required to provide location-based services.
In principle, the Company destroys personal location information without delay when the period required to provide location-based services ends. However, if the user posts or stores personal location information along with posts or content on the NAVER service, such as the 'GeoTagging' service, the personal location information may be stored along with the posts or content for the duration of the posts or content.
Basis for and retention period of storage of data confirming collection, use, and provision of personal location information
The Company retains and provides personal location information within the scope notified in Article 6 of the “Location-based Service Terms and Conditions” and immediately notifies the subject of personal location information of the relevant content in accordance with Article 8 of the “Location-based Service Terms and Conditions".
Procedures and methods for destruction of personal location information
The Company destroys personal location information without delay and in a way that makes it impossible to restore or reproduce it after the purpose of processing the information has been achieved.
Items related to the provision of personal location information to third parties
The Company does not provide personal location information to a third party without the consent of the subject of personal location information. If the Company provides a third party provision service, then the Company notifies the subject of personal location information in advance and obtains consent.
Rights·duties of guardians of children under the age of 8, etc. under Article 26-1 of the Location Information Act and how to exercise them
If the person responsible for the protection of a person falling under the following cases (hereinafter "child at the age of 8 or under, etc.") agrees to the use or provision of personal location information for the protection of the lives or physical safety of a child at the age of 8 or under, etc., the Company deems to have consent of the person themselves.
1. Child at the age of 8 or under
2. Adult ward
3. Person with a mental disability in accordance with Article 2, Paragraph 2, Subparagraph 2 of the Act On Welfare Of Persons With Disabilities who is deemed to be a person with a severe disability in accordance with Article 2, Subparagraph 2 of the Act On The Employment Promotion And Vocational Rehabilitation Of Persons With Disabilities (It is only applicable for those who registered as a person with disability under Article 32 of Act On Welfare Of Persons With Disabilities.)
The person responsible for the protection of a child at the age of 8 or under, etc., who would like to consent to the use or provision of personal location information for the protection of the life or physical safety of the child must submit written consent with a document proving that they are the person responsible for that child's protection. The person responsible for the protection of the child at the age of 8 or under may exercise the entirety of rights of subjects of personal location information if they consent to the use or provision of personal location information of the child.
Location Information Security Officer information and contact information
Location Information Security Officer is a concurrent position with the Personal Information Security Officer.
The following is a notice in accordance with Article 21-2 of the Act on the Protection and Use of Location Information(hereinafter "Location Information Act").
The Company provides the following location-based services when the personal location information subject uses the service using a mobile device by receiving location information from the location information provider.
Service
Collected personal information items
Geo Tagging service
The location information of the personal location information subject or mobile device included in the content is stored together with the content.
Service that provides search results using location information
When requesting information search or providing the location information of a personal location information subject or a mobile device, search results and surrounding results (such as photos taken nearby) using the location information are presented.
- 10. Contact information of Personal Information Security Officer
Personal information security officer
Name: Hanyong Park
Affiliation: Security Policy & Privacy
Position: CPO/DPO
Contacts: dl_ncloud_privacy@navercorp.com
The Company designates persons in charge of personal information protection as follows to take overall responsibility for the processing of personal information and to handle user complaints and damage relief related to the processing of personal information.
You can contact the Personal Information Security Officer and the department in charge of all matters related to the protection of personal information, including inquiries, complaints, and damage relief, that arise while using the service.
The Company will respond to and handle users' inquiries without delay in accordance with the relevant laws and regulations.
- 11. Privacy complaint department
You can contact the Personal Information Security Officer and the department in charge of all matters related to the protection of personal information, including inquiries, complaints, and damage relief, that arise while using the service.
The Company will respond to and handle users' inquiries without delay in accordance with the relevant laws and regulations.
Service
How to submit an inquiry
NAVER MYBOX
Papago Pro
Papago Plus
Papago Plus Contact us
CLOVA CareCall
Voice EMR
CLOVA Agent for Nursing
- 12. Remedies for infringements of information subject’s rights
If you need to report or consult about a personal information infringement, you can contact the following organizations.
1. Personal Information Dispute Mediation Committee : (Without area code) 1833-6972 (www.kopico.go.kr)
2. Personal Information Infringement Report Center: (Without area code) 118 (privacy.kisa.or.kr)
3. Supreme Public Prosecutor's Office: (Without area code) 1301 (www.spo.go.kr)
4. National Policy Agency: (Without area code) 182 (ecrm.police.go.kr)
- 13. Notify changes in the Privacy Policy
If there are additions, deletions, or modifications to the content of the Privacy Policy, the Privacy Center will provide prior notice at least seven days before the revision.
However, the Company will make an announcement at least thirty days in advance if there is an important change in the Customer's rights, and the Company can obtain the Customer's consent again if necessary.
This Privacy Policy will be effective from January 23rd, 2025.