JUSTCO GROUPβS PRIVACY POLICY
Β
1. Introduction
Β
At the JustCo Group (βJustCoβ) we respect the privacy and confidentiality of the personal data of our members and others whom we interact with in the course of providing our services as well as of applicants who apply for positions with us. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us.
We have developed this Data Protection Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession. We will comply with all applicable laws with regards to data privacy, and where local laws are more stringent than this policy, then such laws shall prevail and JustCo shall comply with such laws.
In the event of any inconsistency or discrepancy between the English version of this policy and any languages, the English version shall prevail.
Β
2. How We Collect Your Personal Data
Β
Personal data means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
We collect your personal data when you:
- Subscribe or purchase our services
- Use our services
- Enquire / respond to our range of services via our marketing, promotional campaigns including electronic direct mails (EDMs)
- Are referred to us by one of our members or business partners
- Provide feedback to us on our quality of service
- Visit our websites and leave behind your contact information
- Visit our locations which are being monitored by closed circuit television
- Communicate with us via emails or written correspondences
3. Types of Personal Data We Collect About You
Β
The types of personal data we may collect about you include:
- Personal information (Name, Address, Phone No., Email Address, Identification No., Date of Birth, Nationality)
- Biometric information (Pictures, Video from security cameras, voice recordings)
- Payment / financial information (Bank Account No., Credit/Debit Card Name, Credit/Debit Card No., Card expiry date)
- Location Data
- Information on the use of our services (frequency of use of our services, location of use etc)
- Information from other organisations (your employer or other entities we believe you have authorized to provide your personal details on your behalf)
4. How We Use Your Personal Data
Β
We use the personal data you provide us for one or more of the following purposes
- Complete customer due diligence where required by applicable laws
- Verify your identity
- Inform you of any updates or improvements
- Manage, analyse and improve our services, business and operations to serve you better or enhance customer experience
- Respond to opinions, comments or feedback about our products or services
- Process and manage our services
- Process billing, payment and other credit-related activities
- Conduct market research, direct marketing and lead generation activities
- Conduct joint marketing with other companies and service providers
- Communicate with customers, guests, members and website visitors
- Comply with or fulfil legal obligations and regulatory requirements
- Ensure the security and safety of our users
- Management of our centres
5. Who We Disclose Your Personal Data To
Β
We may disclose some of the personal data you provide us to our related corporations, as well as the following entities or organisations outside JustCo for one or more of the purposes set out in section 4:
- Legal, Finance, Audit and/or Accounting Professionals
- EDM / Email Service Vendors
- Payment processors and financial institutions
- Research institutions
- Advertisers / Advertising Agencies
- Event Organisers
- Our Data Processing and IT Services Providers to facilitate guest registration
- Freight / Courier Services
- HR / Payroll Processing Services and Insurance Companies
- Government Agencies
Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
Β
6. How We Manage the Collection, Use and Disclosure of Your Personal Data
Β
6.1 Obtaining Consent
Β
Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so, including via this Privacy Policy. You consent to the collection, use and disclosure of your personal data for the purposes set out in this Privacy Policy.
Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose, e.g. when you provide your name and payment details in order to purchase services from us.
We may rely on exceptions to the need for consent under applicable for the collection, use or disclosure of your personal data under the following circumstances. for example:
- The personal data is publicly available
- The personal data is disclosed by a public agency or disclosed to a public agency
- The personal data is necessary for any investigation or proceedings
- The personal data is necessary for evaluative purposes
- The personal data is necessary to recover a debt owed by an individual to JustCo, or for JustCo to pay a debt owed to the individual
- The personal data is necessary for a business asset transaction
6.2 Withdrawal of Consent
Β
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us.
Your request for withdrawal of consent can take the form of an email or letter to us, or through the βUNSUBSCRIBEβ feature in an online service.
Β
6.3 Use of Cookies
Β
We use βcookiesβ to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in your computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms.
Most cookies we use are βsession cookiesβ, which will be deleted automatically from the hard disk of your computer at the end of the session.
You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions in our web applications.
Β
7. How We Ensure the Accuracy of Your Personal Data
Β
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date.
From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us of any changes to your personal data (such as a change in your mailing address).
Β
8. How We Protect Your Personal Data
Β
We have implemented appropriate information security and technical measures (such as data encryption, firewalls and secure network protocols) to protect the personal data we hold about you against loss; misuse; destruction; unauthorised alteration/modification, access, disclosure; or similar risks.
We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a βneed to knowβ basis.
When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organisational and technical security measures, and have taken reasonable steps to comply with these measures.
Β
9. How We Retain Your Personal Data
Β
We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes. We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.
Β
10. How You Can Access and Make Correction to Your Personal Data
Β
You may write in to us to find out how we have been using or disclosing your personal data. Before we accede to your request, we may need to verify your identity. We will respond to your request as soon as possible, and, where possible we will let you know and give you an estimate of how much time we require. We may also charge you a reasonable fee for the cost involved in processing your access request.
If you find that the personal data we hold about you is inaccurate, incomplete, misleading or not up-to-date you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.
Β
11. Contacting Us
Β
If you have any query or feedback regarding this Policy, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at:Β [email protected]
Any query or complaint should include, at least, the following details:
- Your full name and contact information
- Brief description of your query or complaint
We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.
Β
12. Changes to this Data Protection Notice
Β
We may update this Data Protection Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes.
Changes to this Notice take effect when they are posted on our website.
Dated 1 January 2026
Β
Β
APPENDIX
Β
Data Protection Notice Applicable to Users from the Republic of KoreaΒ
Data Protection Notice
1. Introduction
JustCo respects the privacy and confidentiality of the personal data of our members, others with whom we interact in the course of providing our services, and applicants for employment with our company. We are committed to implementing policies, practices, and processes to safeguard the collection, use, and disclosure of the personal data you provide.
We have prepared this Data Protection Notice to help you understand how we collect, use, disclose, process, protect, and maintain your personal data. We will comply with all applicable data privacy laws. If local laws are more stringent than this policy, local laws will prevail, and JustCo must comply with those laws.
This data protection notice applies to the collection and processing of personal data of our members and others with whom we interact in the course of providing our services.
2. How we collect your personal data
Personal data means any information that can uniquely identify an individual (a) on its own or (b) when combined with other information.
To achieve the purposes set out in Section 4, we collect your personal data when you fall under the following circumstances:
- When you subscribe to or purchase our services
- When using our services
- When you inquire about or respond to our various services through our marketing and promotional campaigns, including electronic direct mail (EDM).
- When our members, users, account holders and/or business partners refer you to us.
- When you provide us with feedback about the quality of our services
- When you visit our website and leave your contact information
- When you communicate with us via email or written communication
The scope of personal data collection is kept to the minimum extent necessary to achieve the specific purposes specified in Section 4.
3. Types of personal data we collect about you
The types of personal data we collect about you include:
- Contact information (name, phone number, email address)
- Biometric information (photos, security camera footage, voice recordings)
- Payment Information (Credit/Debit Card Information)
- Account information (account balance, active subscriptions)
- Location data
- Information about your use of our services (frequency of service use, location of use, etc.)
- Information from other organizations (such as your employer or any other entity you believe has authorized us to provide personal details on your behalf)
4. How we use your personal data
The personal data specified in Section 3 will be used solely for one or more of the purposes specified below.
- Verify your identity
- Notification of updates or improvements
- Manage, analyze and improve our services, business and operations to provide better services or enhance customer experience.
- Responding to your comments, opinions, or feedback about our products or services
- Processing and managing our services
- Processing billing, payments, and other credit-related activities
- Conduct market research, direct marketing, and lead generation activities
- Conduct joint marketing with other companies and service providers
- Communicate with your customers, guests, members, and website visitors
- Comply with or fulfill legal obligations and regulatory requirements
- Ensuring user security and safety
If the purpose of processing changes, we will take necessary measures, including obtaining separate consent. Furthermore, except for the exceptions listed below, we will use and store your personal data from the date of consent until the purpose of collection and use is achieved. After that, your personal data will be destroyed in accordance with our data retention policy or applicable laws.
Β
Purpose of processing | Data Use and Retention Period | Personal data categories |
Responding to your comments, opinions, or feedback about our products or services | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. Based on the βAct on Consumer Protection in E-Commerce, etc.β:
| Contact Information |
Processing and managing your account/contract with us | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. Based on the βAct on Consumer Protection in E-Commerce, etc.β:
| Contact Information Payment Information |
Processing billing, payments, and other credit-related activities | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. Based on the βAct on Consumer Protection in E-Commerce, etc.β:
| Contact Information Payment Information |
Β
Β
5. Sharing and entrusting personal data to third parties
Β
We disclose some of the personal data you provide to us by providing or entrusting it to third parties or organizations outside of JustCo to perform services for you. Your personal data will only be shared with the specific recipients specified below.
If it is necessary to entrust certain personal data as specified in Section 3 to properly use our Services in connection with the use of certain Reinvent features.
If you give us permission to provide your personal data by selecting the appropriate settings in the Reinvent Services or by giving us permission through the consent mechanisms presented.
When disclosure is requested by relevant authorities or law enforcement agencies in accordance with applicable laws and regulations.
Β
Third-party consignment
Third party name | Purpose and use of data | Use and retention period | Personal data items to be entrusted |
Advertising platforms understand audience profiles and optimize audience targeting. | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Contact Information | |
Advertising platforms understand audience profiles and optimize audience targeting. | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Contact Information | |
Naver | Advertising platforms understand audience profiles and optimize audience targeting. | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Contact Information |
Stripe | Online payment processing | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Payment Information |
Envoy | Registration and processing of guest visits | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Contact Information |
SurveyMonkey | Conducting and processing surveys | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Contact Information |
MailChimp | EDM service | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | Contact Information |
AWS RDS | database | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | All items specified in Section 3 |
Microsoft Sql Server | PowerBi | From the date of consent until the purpose of collection and use is achieved. After that, personal data is destroyed in accordance with our data retention policy or applicable laws. | All items specified in Section 3 |
Zendesk | Support for help desk | Use only when requested | Contact Information |
6. Entrustment and transfer to another country
Β
To provide our services to you, we may entrust, store, or provide (including for inquiries) your personal data to third parties overseas. Therefore, your personal data may be subject to data protection laws that differ from those in your country. In such cases, we ensure that the transfer of your personal data is conducted in compliance with applicable data protection laws and, in particular, that appropriate contractual, technical, and organizational measures are in place to protect your data.
If we provide your personal data to third parties overseas, we will always ask for your separate consent.
Β
Overseas consignment
Third party name | Personal data to be transferred | Purpose of transmission | nation | Date and method of transmission | Use and retention period |
Amazon Web Services, Inc | Items specified in Section 3 | Data storage and file sharing | Singapore | Transmitted over the network at the time of service | From the date of transmission through the network until the purpose of collection and use is achieved. |
Β
Overseas provision
Third party name | Personal data to be transferred | Purpose of transmission | nation | Date and method of transmission | Use and retention period |
All affiliated companies of JustCo | Items specified in Section 3 | For the purposes stated in Section 4 | Singapore | Transmitted over the network at the time of service | From the date of transmission through the network until the purpose of collection and use is achieved. |
Β
Β
7. How we collect, use, and disclose your personal data
Β
7.1 Obtaining consent
Β
Before we collect, use, or disclose your personal data, we will notify you of the reason and obtain written confirmation of your explicit consent. We will not collect more personal data than is necessary for the stated purpose. If the original purpose of collecting, using, or disclosing your personal data changes, we will seek your new consent.
In certain circumstances, we may consider your consent if you voluntarily provide us with your personal data for a stated purpose (e.g., if you apply for a job with us using our job application form).
For example, exceptions to the requirement for consent to collect, use, or disclose your personal data may apply in the following circumstances:
- Personal data is publicly available
- Personal data disclosed by or to public institutions
- Personal data is required for investigation or legal proceedings.
- We need your personal data for assessment purposes (e.g. to determine your creditworthiness).
- Personal data is needed to collect a debt owed to JustCo by an individual or for JustCo to repay a debt owed to an individual.
- Personal data is required for business asset transactions.
Β
7.2 Withdrawal of consent
Β
If you wish to withdraw your consent, you must provide us with reasonable prior notice. As a result of your withdrawal, we may not be able to provide you with future services without your personal contact information.
You may request to withdraw your consent by sending us an email or letter, or by using the βunsubscribeβ function of the online service.
Β
7.3 Use of Cookies
Β
Our website may use “cookies” to collect information about your online activity. Cookies are small text files created by a website and stored on your computer. Cookies allow the website to recognize how you interact with online content and advertisements, track your preferences, evaluate the performance of our website, and personalize the content and advertisements you see. Cookies are convenient because they eliminate the need to re-enter the same information when you return to the website or fill out electronic forms.
Most cookies we use are βsession cookiesβ and are automatically deleted from your computer’s hard drive at the end of your session.
You can choose not to accept cookies by disabling this feature in your web browser. However, this may prevent you from using some features of the web application.
Β
8. How we ensure the accuracy of your personal data
Β
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading, and kept up to date.
We may periodically verify your personal data to ensure you are aware of any changes to the personal data we hold about you. If we have an ongoing relationship with you, it is important to notify us of any changes to your personal data (e.g., a change in your postal address).
Β
9. How we protect your personal data
Β
We have implemented appropriate information security and technical measures (e.g., data encryption, firewalls, and secure network protocols) to protect your personal data held by us from loss, misuse, destruction, unauthorized alteration/modification, access, disclosure, and similar risks.
We have also put in place reasonable and appropriate organizational measures to maintain the integrity and confidentiality of your personal data, and your data will only be shared with authorized persons who have a βneed to know.β
When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide us with sufficient assurances that they have implemented necessary organizational and technical security measures and have taken reasonable steps to comply with these measures.
Β
10. How we retain and delete your personal data
Β
We maintain a document retention policy that tracks the retention schedule for the personal data you provide, either in paper or electronic form. We do not retain personal data that is no longer necessary for business or legal purposes.
We will properly and securely destroy or dispose of documents containing your personal data when the retention period has expired or the purpose of the personal data has been achieved and the data is no longer needed.
The destruction procedures and methods are as follows.
- Destruction Procedure: Once the purpose is achieved, the user’s personal data is transferred to a separate database and stored for a certain period of time in accordance with internal policies and other relevant laws and regulations for information protection reasons before being destroyed.
- Destruction Method: Personal data stored in electronic file format is deleted using technical means that render data restoration impossible. We destroy your personal data by replacing the data to be destroyed with unrecoverable data from our database.
Β
11. How you can access and correct your personal data
Β
You or your legal representative may request access to, correction/deletion of, or cessation of processing of your personal data, or withdrawal of consent at any time. You may also write to us to confirm how we have used or disclosed your personal data (including through third-party disclosure or entrustment). We may need to verify your identity before agreeing to your request. We will respond to your request as promptly as possible, and will notify you where possible and provide an estimated timeframe for processing. We may also charge a reasonable fee to cover the costs associated with processing your access request, to the extent permitted by applicable law.
If you become aware that your personal data we hold is inaccurate, incomplete, misleading, or out of date, you may not request that we correct it. If we have reasonable grounds to believe that correction is necessary, we will correct the data as soon as possible or within ten days of receiving your request.
Β
12. How to contact us
Β
If you have any questions or feedback about this policy or a complaint regarding how we manage your personal data, please contact our Data Protection Officer (DPO).Β [email protected]You can contact us at .
Any questions or feedback must include at least the following details:
- Your name and contact information
- A brief description of your question or complaint
We take such questions and feedback seriously and will address them confidentially within a reasonable timeframe.
To report or consult about other privacy violations, you may contact the following organizations. These organizations are independent from JustCo and can be used if you are not satisfied with how we have handled your personal data-related complaint or if you require further assistance.
- Personal Information Infringement Report Center (privacy.kisa.or.kr/phone number 118)
- Supreme Prosecutors’ Office Cybercrime Investigation Division (www.spo.go.kr/ phone number 1301)
- National Police Agency Cyber Investigation Bureau (police.go.kr/phone number 182)
Β
13. Changes to this Data Protection Notice
Β
This Data Protection Notice may be updated periodically. Any changes will be notified to you by posting the latest notice on our website. We recommend that you visit our website regularly to check for any changes.
Any changes to this Notice will be effective on the date they are posted on our website, and the effective date will be recorded in the updated version of this Notice.
You can also access previous notices via the links below.
- No previous notice
Β
14. Link
Β
We may display third-party advertisements and other content linked to third-party websites and/or applications. We do not control or are responsible for the privacy practices or content of these third parties. Please note that any personal data you provide or are collected when you click on a third-party advertisement or link is not subject to this Notice. To learn how these third parties collect and process your personal data, please refer to their privacy policies.
Β
15. Children
Β
Our Services are not intended for anyone under the age of 19, including children under the age of 14. Furthermore, our Services are not intended for children whose personal data processing is unlawful due to their age or whose personal data processing requires parental consent under applicable local law.
We do not knowingly collect personal data from children under the age of 14 or under the applicable age limit (βAge Limitβ). If you fall under the Age Limit, you should not use our Services or provide us with any personal data.
If you are the parent of a child under the age limit and you become aware that your child has provided us with personal data, you may exercise your rights to access, correct/delete, stop processing, and withdraw consent by contacting our Data Protection Officer.
If we learn that we have collected personal data from a child under the age of 14, we will take appropriate steps to delete that personal data.
Β
July 27, 2021