Privacy Policy
We aim to provide you with an overview of how your personal data is processed during the installation and use of our mobile application, "Fidélité" (hereinafter referred to as the "app"), as well as inform you of your rights under data protection laws.
The processing and usage of your data will depend on whether you have provided explicit consent to this data protection statement or are using the app without such consent. In either case, we will detail the data that is processed and how it is used to ensure transparency and protect your privacy.
You must provide personal data required to begin and execute a business relationship and fulfill contractual obligations or for which we are legally obligated to collect. Without this data, we are unable to complete or execute the contract with you.
As part of the app installation and usage, we collect, process, and use the data described below to determine your areas of interest, relevant information, and offers from our partner companies. This enables us to provide you with the necessary app functions and relevant information and offers from our partners.
When you use the app, we collect, process, and use the following data to fulfill our contractual obligations, as per Article 6 paragraph. 1 b GDPR, or based on our legitimate interests, as per Article 6 paragraph 1 f GDPR (meaning our interests in analyzing, optimizing, and efficiently operating the app).
Usage data: We collect and save how you use your card (e.g., card used, time, number of points).
Card data: You must provide your loyalty card and customer number from a card provider to use the app. This card data is converted into the respective barcode for the contractually agreed purposes and used within the app to protect against abuse and to provide you with other services, if agreed upon.
We also use the above data in an anonymized form for market research and creating anonymized statistics. If you give us consent to process your personal data, we may also collect and use your data for the following purposes:
Personalized offers: If you agree to receive personalized offers from our partner companies (e.g., rebate coupons), we may share your card number with general information about your app usage with the respective card provider to send you personalized offers (including card-linked coupons) through the app or other electronic channels (e.g., email or messenger).
Interface data: If you log into your user account from a card provider through the app, we will collect and save the respective point status and shared transactions or other offers provided to you (such as card-linked coupons or personalized offers). We save the login data to provide easy access to this and other interfaces in the future.
We may process some of your data above through automated means, such as profiling, with the aim of improving the app's functionality to meet your demands or to provide you with relevant products and offers from our partners. This may include communication and advertising within the app, as well as market and opinion research based on anonymous data. We strive to be transparent and protect your privacy rights while utilizing this data to improve your app experience.
We process your personal data in accordance with the General Data Protection Regulation (GDPR) and the data protection laws in South Korea, for the following purposes and legal bases:
Fulfillment of contractual obligations (art. 6 para. 1 b. GDPR) : We process your data to provide you with the app's services and functions.
Consent (art. 6 para. 1 a GDPR) : If you provide your express consent (opt-in) to process your data for specific purposes within the app (e.g., application for a customer card from a partner, login to your user account from a card provider, delivery of personalized offers), we will process your data based on your consent. You can revoke your consent at any time.
Legitimate interests (art. 6 para. 1 f. GDPR) : We may process your data beyond the contract to protect our or third parties' legitimate interests, such as designing and optimizing the app, analyzing user requirements, advertising or market research (provided you have not objected to it), IT security, and controlling and developing our app.
We use third-party services to analyze, optimize, and efficiently operate our app. By using our app, you agree to the use of the following services:
a) Firebase Analytics: We use "Firebase Analytics" from Google Inc. (Google), which records how users interact with our app, including events such as app opening, uninstallation, update, crash, or frequency of use. User profiles may also be recorded to illustrate advertising customized for users. Google complies with European data protection regulations under the Privacy Shield agreement. You can view Google's privacy policy here: https://www.google.com/policies/privacy. You can opt out of this data processing using the settings and opt-out options provided by Google at https://www.google.com/ads/preferences.
b) Facebook Software Development Kit (SDK): We use the Software Development Kit (SDK) from Facebook Inc. (Facebook) to evaluate the installation of our app and the success of advertising campaigns. The anonymous data collected by Facebook includes information that the app was started, and an advertising ID provided by the end device's operating system as a pseudonym. The advertising ID is not used for optimized advertising purposes by Facebook in our app. Facebook complies with European data protection regulations under the Privacy Shield agreement. You can find out more information about the Facebook SDK for iOS at https://developers.facebook.com/docs/ios and for Android at https://developers.facebook.com/docs/and. You can opt out of this data processing using the settings and opt-out options provided by Facebook at https://www.facebook.com/ads/preferences/edit.
Apart from the processing mentioned above, we will only share your personal data with your explicit consent. Within Fidélité, only those individuals who require access to your data to fulfill our contractual and legal obligations will be granted access. By giving your express consent to this data protection statement, you allow us to share your data with the respective card provider or partner company as specified.
Transmission of data to countries outside of the European Union (referred to as "third-party states") will only occur under the following conditions:
- It is necessary to fulfill your orders
- It is legally required
- As part of order data processing
- You have provided us with your explicit consent
In cases where third-party service providers are involved, they are required to comply with the data protection standards in Europe through written instructions, either by agreeing to the EU standard contract clauses or by being certified under the Privacy Shield.
We will retain and process your personal data for as long as it is necessary to fulfill our contractual and legal obligations. It is important to note that our business relationship may continue for several years.
Once your personal data is no longer needed to fulfill contractual or legal obligations, it will be regularly deleted unless further processing is required to preserve evidence within the scope of statutory limitation periods. These limitation periods may extend up to 30 years, in accordance with 195ff. of the Civil Code (BGB), although the regular limitation period is three years.
Every individual has the following rights with regard to their personal data, as per the GDPR:
The right to obtain information (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to data portability (Article 20)
Please note that the rights to obtain information and erasure are subject to certain restrictions as outlined in §§ 34 and 35 of the GDPR. In addition, you have the right to file a complaint with the relevant data protection supervisory authority (Article 77 GDPR in conjunction with 19 GDPR).
You can withdraw your consent for the processing of your personal data at any time.
The responsible position is:
Wishupon, Inc.
66 Eulji-ro, Jung-gu, Seoul
South Korea
You can reach our data protection officer at:
Wishupon, Inc.
66 Eulji-ro, Jung-gu, Seoul
South Korea
Email address: hello@wsupon.com