Customer Center

  • Notice
  • 1:1 support
  • Terms of Service
  • Privacy Policy

Privacy Policy

IBCT (hereinafter referred to as the “Company”) attaches the utmost importance to privacy and personal data protection. We do everything possible to protect the personal data you provide to us while using our services. As such, we observe all Korean legal regulations regarding the protection of personal data by cell service providers and all personal data protection guidelines issued by the Ministry of Information and Communication. We inform you as to how we use the personal data you provide and the measures we take to protect it as part of our personal data protection policy.


Article 1 (Purpose) 


With the prior consent of the User, the Company handles personal information for the following purposes. Personal information handling is not used for purposes other than the following purposes and if the purpose of use changes, prior consent will be obtained separately..


1. User registration and management

Personal information is handled for the purpose of confirming membership registration intention, identifying and authenticating oneself according to the provision of membership services, maintaining and managing membership qualifications, preventing illegal use of services, handling various notices and grievances and preserving records for dispute settlement.


2. Settlement of the fees for the service

Personal information is processed for the purpose of transmitting NFT and providing transaction services.


3. Development and marketing of new services and advertisements

Development and marketing of new services and advertisements.Personal information is processed for the purpose of developing new services and providing customized services, providing services and posting advertisements based on statistical characteristics, validating services, providing event and advertising information and participation opportunities, identifying access frequency, and creating statistics on members' use of services.


4. Service user identification and member information modification

Personal information is handled for the purposes of identity verification, age verification, identity match, etc.


Article 2 (Retention of Personal Information)


1. Personal information that is to be collected


Personal Information

Upon identification

Mobile phone number, Carrier, Date of birth, Gender, Domestic and Foreign information, Name, Personal Identification (CI)

When providing a service

Account name, Account password (or Biometric information (fingerprint), Public key

Customer center reception and error management, record preservation

Name for dispute mediation, Date of birth, Gender, E-mail address, Mobile phone number


 ※ Personal information processed for the authentication is not saved separately, and identification information is kept until membership cancellation.


2. How to collect personal information

The Company collects personal information in the following ways:

① When you register as a member or use the service for the first time

② Wired/wireless website and application

③ Supported by affiliates

④ Provision in accordance with User's application, such as identification


3. Period of retention

① User's information is kept until the User cancels the membership. If the User cancels it, the info gets destroyed.Except for the User who has been banned from signing up. In this case, the Company keeps his/her personal information for one year even after membership cancellation. 

② When checking the authenticity of ID card, the above information will be destroyed immediately after processing the verification of the ID card.

4. Despite the Company's privacy policy, information that must be kept under the relevant laws and regulations will be kept for a period prescribed by the law such as the following:

Evidence Act

Saved Information

Saved Period

Act on the Consumer Protection in Electronic Commerce

Records of contracts or cancellation from membership

5 years

Act on the Consumer Protection in Electronic Commerce, commercial laws, basic national tax laws, income tax laws, corporate tax laws, value-added tax laws

payment, and goods in e-commerce, books on transactions, and evidential documents

5 years

Act on the Consumer Protection in Electronic Commerce

Records of consumer’s complaints or mediation of disputes

3 years

Protection of Communications Secrets Act

History of logins

3 months

Article 3 (Consignment of personal information processing)


1. For smooth personal information handling, the Company entrusts personal information as follows and manages and supervises entrusted companies to prevent violations of related laws and regulations. The companies that the Company entrusted with processing personal information are as follows.

The trustee

Purpose of provision

Retention and period of use

Danal Co., Ltd.


The time prescribed by law, at the time of cancellation of membership or the termination of the consignment contract


Amazon Web Services, Inc.

Data storage and system operation


Wallet Node Use

Welcome Payments Co.,Ltd., Danal Co., Ltd., PayPal

Payment Service

In order to provide smooth service, the Company transfers personal information 

overseas to store personal information on the server of a trustee located abroad 

as follows, and does not process personal information except for the purpose of 

performing the consignment business described below. 

Contact information of the trustee and information management manager

Country to transfer

Transfer purpose

Transfer personal information

Date and method of consignment

Retention and period of use

Company : Amazon Web Services, Inc.

Address : P.O. Box 81226 Seattle, WA 98108-1226-

Tel : +1 (206) 266-4064-

Fax : +1 (206) 266-7010


Contact Point of Info Management Officer: https://aws.amazon.com/compliance/contact/


Data storage and system operation

Personal identification (CI)

Date: Registration of User, service use

Method: Data location movement through a global cloud local server

Membership cancellation, or termination of consignment contract 

2. If the contents of the consignment work or the trustee change, we will disclose it through this privacy policy without delay


Article 4 (Providing Personal Information to Third Parties) 


1. The Company does not provide personal information to the outside world 

without the User's prior consent and only processes it within the scope of 

the purpose specified in this Privacy Policy. However, in order for users to use 

the services of the following external affiliates, personal information is provided 

only when they directly agree to provide personal information or are obligated to 

submit personal information to the company under relevant laws and regulations..


Article 5 (Use and provision of personal information within the scope reasonably related to the purpose of collection)


The Company may use personal information or provide it to a third party without the consent of the data subject, taking into account the original purpose of collection and each of the following criteria within a reasonable range.


① Whether it is related to the original purpose of collection: 

It is determined according to whether the original purpose of collection 

and the purpose of providing additional use are related to the nature or tendency

Judgment considering the relationship between the personal information controller and the data subject ② the level of technology and the speed of development, and the general circumstances (practice) established for a considerable period of time

③ Whether the interests of the information subject are unfairly infringed: 

judging in consideration of whether the interests of the information subject are actually infringed and whether the infringement of the interests is unfair in relation to additional purposes of use

④ Whether measures necessary for securing safety, such as pseudonym processing or encryption, have been taken in consideration of whether safety measures are taken in consideration of the possibility of infringement

Article 6 (Rights and obligations of users and how to exercise them)


1. The data subject may exercise the following privacy rights against the Company at any time.

① Request to read personal information

② If there's an error, ask for correction

③ Request for deletion

④ Request for suspension of processing


2. The exercise of rights under paragraph 1 can be made through written, e-mail, and remittance (FAX) to the Company, and the Company will take action without delay.


3. If the data subject requests correction or deletion of errors in personal information, the Company does not use or provide the personal information until correction or deletion is completed.


4. The exercise of rights under paragraph 1 may be made through an agent such as a legal representative of the data subject or a person who has been delegated. In this case, one must submit a power of attorney.


Article 7 (Destruction of personal information)


1. In principle, if the purpose of processing personal information is achieved, the Company will destroy the personal information without delay. However, if a User has obtained separate consent or if other laws and regulations impose a preservation obligation for a certain period of time, it shall be saved separately from other personal information during that period.


2. According to the Personal Information Protection Act, personal information of members who are not active for a year should be kept separately from the members that are active.

① Separation procedure: Inform the user of the fact that the member's personal information is kept separately prior to 30 days from the point of separation, the expiration date of the period, and the items of the personal information by e-mail, written, FAX, phone, or similar method.

② Separate saved info: Account and CI (user identification info) 


3. The procedure, deadline, and method of destroying personal information are as follows:

① Destruction Procedure: The information entered by the user will be transferred to a separate DB after achieving the purpose (separate documents in the case of paper) and stored for a certain period of time according to internal policies and other related laws or regulations. At this time, the personal information transferred to the DB is not used for any other purpose except in accordance with the law.

② Destroyed: If the user's personal information retention period has elapsed, the personal information will be destroyed within five days from the date when personal information becomes unnecessary, such as achieving the purpose of processing personal information, abolishing the service, or termination of the business.

③ Destruction Method: Information in the form of an electronic file uses a technical method that cannot play records. Personal information printed on paper is crushed with a grinder or destroyed through incineration.


Article 8 (Measures to secure the safety of personal information)


In accordance with Article 29 of the Personal Information Protection Act (duty of safety measures), the Company is taking technical/management and physical measures necessary to ensure safety as follows. In addition to the above efforts, users should be careful not to expose passwords to third parties. In particular, user should be careful not to leak passwords through PCs installed in public places, and it is important to change passwords regularly.


1. Technical measures to prepare for hacking

To prevent personal information leakage and damage caused by hacking or computer viruses, the Company installs security programs, periodically renews and inspects them, installs systems in areas where access is restricted from the outside, and monitors and blocks them technically and physically. In addition, it is stored in a separate and safe space to prevent forgery and alteration of access records.


2. Encryption of personal information

User's personal information is encrypted, stored, and managed, so only they can know, and important data uses separate security functions such as encrypting files and transport data or using file lock functions.


3. Restricting access to personal information

The government is taking necessary measures to control access to personal information through granting, changing, and canceling access to the database system that processes personal information, and controls unauthorized access from outside using the intrusion blocking system.


4. Use of locks for document security

Documents including personal information, auxiliary storage media, etc. are stored in a safe place with locks.


5. Access control for unauthorized person

There is a separate physical storage place where personal information is stored, and access control procedures are established and operated.


Article 9 (Matters concerning the installation and operation of an automatic personal information collection device and its refusal)


The Company does not use automatic personal information collection devices such as cookies that store users' usage information and frequently retrieve them.


Article 10 (The person in charge of personal information protection)


1. In order to protect users' personal information and handle complaints related to personal information, the company designates the relevant department and the person in charge of personal information protection as follows.

(Personal Information Protection Officer)

- Dept: Information Protection Team.

- Name: Choi Jang Hong

- Position: Director in Information Protection.

- Phone number: (+82) 2-6959-1250

- Email: contact@ibct.kr

2. Users can contact the person in charge of personal information protection and the department for all personal information protection complaints arising from using the company's services. The company will answer and process user inquiries.


Article 11 (Remedies for Infringement of Rights)


Users can inquire about the institution below about damage relief and counseling for personal information infringement.

The institution below is a separate institution from the Company, and if you are not satisfied with the Company's own personal info, complaint handling and damage relief results, or if you need more help, please contact them.


1. Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)

- Website : privacy.kisa.or.kr

- Tel : 118 (without a national number)

2. Personal Information Dispute Mediation Committee

- Website : www.kopico.go.kr

- Tel : 1833-6972 (without a national number)

3. Cyber Investigation Department of the Supreme Prosecutors' Office

- Website : www.spo.go.kr

- Tel : 02-3480-3570 / 1301 (without a national number)

4. National Police Agency Cyber Bureau

- Website : https://ecrm.cyber.go.kr/

- Tel : 182 (without a national number)


Article 12 (Personal information processing policy revision)


This personal information processing policy will be notified through the "Notice" section before the revision if there is any addition, deletion, or modification of the contents due to changes in the Company's policy, such as changes in government policy or security technology.


Supplementary Provision


This Privacy Policy of V.1.0.0 applies from November 1, 2021.