Wepublic Wallet Service Terms of Use

Chapter 1: General Provisions

Article 1 (Purpose)

These terms aim to outline the specific matters that users (hereinafter referred to as "User") must understand and adhere to when using the Wepublic Wallet service (hereinafter referred to as the "Service") provided by CPLABS Inc. (hereinafter referred to as the "Company").

Article 2 (Effectiveness and Modification of the Terms)

1. These terms become effective for all users wishing to use the Service.
2. The contents of these terms will be posted within the service or otherwise notified to the user. The terms become effective when the user agrees to them by using the service.
3. The Company may amend these terms when deemed necessary. If the terms are amended, the Company will notify users 15 days prior to the application date, specifying the changes and the reasons for the amendments. If the amendments are disadvantageous to the user, the Company will notify users 30 days before the application date.
4. The period of application of these terms is from the user’s service registration date until the termination of the contract. Users have the right to disagree with any changes made to the terms and may discontinue using the service and withdraw. However, if the user does not express any objection to the amendments before the effective date as notified by the Company, the user is deemed to have agreed to the amended terms.

Article 3 (Matters Not Specified in These Terms)

For matters not specified in these terms, the relevant laws such as the Telecommunications Basic Act, the Telecommunications Business Act, and other laws, as well as the detailed usage guidelines set by the Company, will apply.

Article 4 (Definitions of Terms)
The definitions of the terms used in these terms are as follows:

1. Service Contract: A contract between the Company and the User regarding the use of the service.
2. Service: The service that allows users to use blockchain-based DID authentication services or check authentication records through the application (hereinafter referred to as the "App") installed on the user’s smartphone (hereinafter referred to as "Device").
3. User: A customer who accesses the Company’s service and enters into a contract with the Company, using the services provided by the Company.
4. App: The application installed on the user’s device for providing and utilizing the service.
5. Password: The 6-digit PIN (Personal Identification Number) set by the user for security purposes when using the service.
6. DID (Decentralized Identifier): A technology used to protect personal information by providing an ID. The DID displayed in Wepublic Wallet is a unique anonymous ID issued through the Metadium blockchain and is commonly referred to as DID.
7. Wepublic Wallet: A DID-based digital signature (authentication) service designed to allow users to securely manage their personal information using self-sovereign identity technology.
8. Authentication Means: The tools defined by the issuing institution to issue certificates. Users can choose the authentication means they deem necessary to obtain the certificate. Before proceeding with identity verification, the issuing institution must inform users about how their personal information will be used and obtain their consent. The Company bears no responsibility for this.
9. Certificate: A certificate issued by verifying the user’s identity through the issuing institution. The information contained in the certificate is used as a means of transmitting information to services partnered with the Company.
10. Approval Means: Password input or biometric authentication methods provided to approve actions. The password is mandatory, and users must set a 6-digit number. Biometric authentication is an optional feature provided for convenience, and its availability may vary depending on the device and OS.
11. MY Wallet: The wallet feature of Wepublic Wallet that supports deposits, withdrawals, and storage of virtual assets such as META and Wemix coins.
12. METAPiE: A feature of Wepublic Wallet that stores and manages NFTs based on the Metadium blockchain.
13. Deposit and Withdrawal: The ability to deposit or withdraw virtual assets using Wepublic Wallet.
14. DAO: Decentralized Autonomous Organization (DAO) is a community where decision-making processes are recorded and made public on the blockchain.

For definitions of terms used in these terms, except for those specified in Paragraph 1, the relevant laws and service guidelines apply.


Chapter 2: Service Agreement

Article 5 (Formation of the Service Agreement)

1. The service agreement is formed when the user clicks the "Agree" button to accept the terms of service posted in the Service and submits an application, which the Company accepts.
2. The Company may have a separate procedure for forming individual service agreements for specific services.
3. The Service forms a DID ecosystem with affiliated institutions and connected services. Before these affiliated institutions perform identity verification, each issuing institution must inform users about the use of their personal information and obtain consent. The Company bears no responsibility for this.

Article 6 (Limitations on Service Acceptance)

1. The Company may refuse to accept applications in the following cases:

• If the user’s device, USIM environment, network environment, or technical conditions prevent the service from being provided.
• If the user registers with false information, uses another person’s identity, or performs identity verification without authorization.
• If the applicant has previously lost their eligibility or had their service access restricted.
• If the applicant fails to provide accurate registration information.
• If the user’s actions are expected to interfere with the normal provision of the service.
• If the user intends to disrupt public order or engage in activities against public morals.
• If the user engages in fraudulent methods such as using malicious programs or exploiting system vulnerabilities.
• If a single ID is used by multiple entities or individuals.
• If fraudulent activities related to ID creation are suspected.
• If other requirements set by the Company are not met.

2. If changes occur in the user’s registered information (such as mobile phone number, device, name, USIM chip), service usage may be restricted, and the user must obtain a new DID after re-authentication.

3. The Company begins providing the service once the user's application is accepted. However, the service may begin on a designated date due to technical reasons or other issues.

If the Company is unable to start the service due to business or technical reasons, it will notify users by posting the information in the app or by other means.

Article 7 (Termination and Restriction of the Service Agreement)

1. If the user wishes to terminate the service agreement, they may do so by deleting the app on the service. The service agreement will be terminated when the app is deleted.
2. If the user deletes the app, the service agreement will be terminated, and the user will no longer be able to access any virtual assets or NFTs in the app.
3. If the user violates or fails to comply with the obligations set forth in Article 13, the company may terminate the service agreement or restrict access to the service without prior notice.
4. If the user engages in any of the following acts or fails to fulfill their obligations under these terms, the company is not responsible for any damages arising from such violations:

• Violation of the Telecommunications Basic Act, Telecommunications Business Act, Information and Communication Review Regulations, Computer Program Protection Act, or other relevant laws, or engaging in acts that violate public order or morals;
• b. If the Korea Communications Commission, the Korea Internet & Security Agency, or any public authority requests suspension of use due to illegal spam transmissions;
• Violation of any of the user’s obligations under Article 11;
• Misuse of another user’s ID or name;
• Hacking the service or distributing malicious programs.

5. The user may submit an objection to the company’s restrictions on service use by email or written form.
6. If the company terminates the service agreement under Section 3, it will notify the user in advance. However, if prior notice is difficult due to unavoidable circumstances, the notification may be made after termination.
7. If the user has not logged in to the service for 365 consecutive days, the company may convert the user’s account into a dormant account to protect the user’s personal data and take necessary actions such as separate storage of personal information. The company will notify the user 30 days before the account is converted into a dormant account, and if the user does not reconnect within 30 days of the notification, the personal data will be separated and stored. (However, if the user’s information used for the notification is inaccurate, they may be excluded from the notification.)
8. If the user's account has been converted into a dormant account and no activity is made to convert it back to a regular account within 365 days, the company may terminate the service agreement. However, the company must notify the user 30 days before termination. If the user does not convert it back to a regular account within 30 days, the service agreement will be terminated.
9. The user may file an objection against the company’s actions under this section, and if the objection is deemed valid, the company will immediately resume providing the service.

Article 8 (Prohibition of Transfer)

1. The user may not transfer, gift, or otherwise assign the right to use the service or any other contractual rights to any third party.
2. In the event that the company merges, splits, or transfers the service to a third party, the company will notify the user in advance. Users who oppose the merger, division, or transfer of service may terminate the service agreement.

Article 9 (Modification of User Details)

1. If any details requested by the company from the user need to be updated, the user must modify them according to the separate form and method specified by the company.
2. The company is not responsible for any issues arising from the user’s failure to update the information in a timely manner unless the company is at fault.

Chapter 3 Service Usage

Article 10 (Provision of Services)

1. Upon acceptance of the user's application for service, the company will provide the following services:

• DID authentication service via the app;
• All additional services provided by the company through development or partnerships;
• Services related to the issuance and management of Soul Bound Tokens (SBT).

2. The company considers the user's agreement to these terms and conditions and the privacy policy, as well as acceptance of the app installation or update, as consent to use the services provided by the company and to receive messages, including SMS, within the scope of the user's consent.

Article 11 (Service Usage Time)

1. The company will begin providing the service upon the formation of the user agreement. For some services, the service will start from the designated date.
2. Service usage is available 24 hours a day, 7 days a week, unless interrupted for technical or business reasons. The company will notify users of any temporary suspensions of service.
3. The company may define separate usage times for different services or service ranges, notifying users in advance.

Article 12 (Changes and Suspension of Services)

1. The company may modify the service or some parts of it to improve it. In this case, the company will notify the user of the changes and the implementation date through the app, webpage, push notifications, or text messages 7 days before the change.
2. The company is not responsible for the user’s failure to acknowledge the change if the notice period is not met. However, in special circumstances, the company may notify the user after the service changes.
3. The company may suspend, limit, or discontinue the entire or part of the service in the following cases:

• Unavoidable circumstances, such as maintenance or construction of service facilities;
• If the user obstructs the company’s business activities;
• In cases of power outages, equipment failures, or excessive usage that disrupt normal service use;
• If the service provider through partnership ends the contract or otherwise cannot maintain part or all of the service;
• If the company decides to stop providing all or part of the service due to changes in service policy, deterioration of profitability, or the discontinuation of mobile phone services;
• Other cases of force majeure, such as natural disasters or national emergencies.

4. In cases of service suspension, limitation, or discontinuation under Section 3, the company will notify the user in advance using the methods defined in Section 1. However, if the service is disrupted due to reasons beyond the company’s control (such as heavy usage, disk failures, or system downtimes), the company may not be able to provide prior notice.
5. The company is not responsible for any loss or failure to store messages and other communication data, or for data loss if the service is suspended or limited as per Section 2.
6. The company is not responsible for any problems arising from changes, suspensions, limitations, or discontinuations of services as described in Sections 1-3, unless the company is at fault.

Article 13 (Provision of Information and Advertising)

1. The company may display various information and advertisements, including commercial advertisements, on the app service screen or may send them via text messages or e-mails. Additionally, users can refuse to receive commercial advertisements at any time.
2. If a user communicates or transacts with advertisers through the service or engages in promotional activities offered by advertisers, the company is not responsible for any disputes or problems between the user and the advertiser, unless the company is at fault.

Chapter 4: Obligations of Contractual Parties

Article 14 (Company's Obligations)

1. The company shall establish a security system to ensure the user can safely use the service and shall disclose and comply with the methods for processing personal information in Section 16 of these terms.
2. If a user's complaint related to the service is received, the company must address it promptly, and if immediate processing is difficult, the company will post the reason and the processing schedule on the app service screen or notify the user according to Section 16.
3. The company is responsible for any damage caused to the user only if such damage occurs due to the company’s intentional or negligent actions.
4. For the provision of the service, relevant organizations and partner service providers may request necessary information from users through the company, and if the user approves, the service provider can acquire the requested information. The responsibility for collecting, storing, and using the information rests with the service provider, and the company assumes no responsibility for it.
5. The company complies with laws and regulations related to the operation and maintenance of the service, such as the Information and Communications Network Promotion and Information Protection Act, the Telecommunications Secret Protection Act, and the Telecommunications Business Act.

Article 15 (User's Obligations)

1. The user may not rent, delegate, transfer, or provide access media such as the device, app, or password to a third party for collateral or other purposes.
2. The user must not engage in any of the following acts:

• Registering false information when applying for or changing the service.
• Stealing another person's information.
• Transmitting or posting information other than the information specified by the company (e.g., computer programs, etc.).
• Infringing on the copyrights or other intellectual property rights of the company or other third parties.
• Defaming or harming the reputation or credit of the company or third parties, or interfering with their business.
• Using the service for commercial purposes without the company's consent.
• Replicating, decomposing, imitating, or otherwise modifying the service through reverse engineering.
• Using automatic access programs (macros) or other abnormal methods to interfere with the company's operations or service provision.
• Any act that violates applicable laws, these terms, the service guide, or company notifications.

3. The user must not disclose or expose the access media (device, app, password) to a third party, or neglect or leave them unattended. Adequate caution must be taken to prevent theft, forgery, or tampering of the access media.
4. The user is responsible for managing the access media (device, app, password) and must immediately notify the company through the app, website, or customer service if the access media is damaged, lost, stolen, or leaked.
5. The user may not modify or change the contents of the app without the company’s written approval. Reverse engineering, decompiling, disassembling, or analyzing the source code for purposes outside of the app’s intended use is prohibited. Violating this provision may result in an intellectual property infringement and the user may be held legally responsible under relevant laws.
6. The user is responsible for storing and managing the DID and all certificates issued through the service. The company will not be liable for any failure to use the service caused by the user’s negligence, such as device hacking or loss.
7. If a user violates the obligations outlined in this Article, and causes damage to the company or a third party, the company will be exempt from responsibility for the damages and may take legal actions such as civil claims, criminal prosecution, or reporting to authorities.
8. Deposits and Withdrawals: The user must be aware of the following when depositing or withdrawing virtual assets:

• [Deposit] Virtual assets can only be deposited to the address shown in the "Deposit" menu. The time for deposit processing may be affected by the congestion in the blockchain network. If the deposit address remains unused for an extended period, it may change due to software updates or address structure changes.
• [Withdrawal] Once a withdrawal request is completed, it cannot be canceled. If withdrawing to a contract address, the transaction may fail, so it is advised not to use contract addresses for withdrawal. If the user stores the withdrawal address for future use, it is important to verify the address, as it may change due to software updates or address structure changes. The wallet balance will reflect the completed deposit or withdrawal, and the transaction history can be checked.

Article 16 (Notifications to Users)

1. The company may provide individual notifications to the user through the following methods: e-mail, app, webpage, push messages, or text messages.
2. In the case of notifications to an unspecified group of users, the company may substitute individual notifications by posting them within the service.

Article 17 (Processing of Personal Information)

1. The company collects and uses the user’s personal information in accordance with relevant laws and regulations, and matters regarding personal information protection are governed by the relevant laws and the company’s privacy policy.
2. The company may outsource the processing of personal information in accordance with the Personal Information Protection Act and other applicable laws when necessary for the provision of the service.
3. The user’s personal information, which the company acquires or becomes aware of during the service provision process, will be managed according to the company’s privacy policy. The privacy policy is posted on the app service screen or the company’s website.
4. The company may use or provide the user's personal information in an anonymized form for purposes such as statistical reporting and data analysis in accordance with the Information and Communications Network Utilization and Information Protection Act and the Personal Information Protection Act.
5. The company will only retain and use the user's personal information for the period during which the service is provided. If the user withdraws or if the company achieves the purpose of using the personal information or if the user has not used the service for a certain period and the information’s validity period expires, the company will destroy the personal information. The company will notify the user of this fact electronically (via SMS, email, etc.) within 30 days of the expiration of the validity period. The validity period of the personal information will be calculated from the user's last login date.
6. The validity period for personal information is generally one year, unless otherwise stated in the privacy policy for each service. In cases where other laws set different periods, the following applies:

• Records related to advertising and promotions: 6 months
• Records related to contracts, etc.: 5 years
• Records related to payment and supply of goods or services: 5 years
• Records related to consumer complaints or dispute resolutions: 3 years
• If other laws set different periods: the period defined by those laws

7. All personal information, including the user’s DID and certificates, generated through the company’s services, is stored on the user’s local device, and the company does not store or manage it in a centralized system.
8. The user’s DID, certificates, and all personal information are stored in a decentralized storage system, and the company does not have control over it.
9. The company’s affiliates may request the necessary personal information from the user through the company’s services, and the user may provide the requested personal information by approval. Even in this case, the company does not store or manage the personal information in a centralized system.
10. The company is not responsible for damages caused by the leakage of personal information due to the user's fault.


Chapter 5: Compensation for Damages and Other Matters

Article 18 (Compensation for Damages)

1. The user is responsible for any issues arising from violations of these terms or unlawful actions, and the user is responsible for compensating for any damages caused to the company or other users due to such violations.
2. If the user engages in illegal actions or violates these terms while using the service and the company receives claims or lawsuits for compensation from third parties, the user is responsible for indemnifying the company and compensating for damages caused to the company.
3. This clause remains effective even after the user cancels the service contract or after the company suspends the service based on these terms.

Article 19 (Exemption from Liability)

1. The company is not liable for any damages arising from the following reasons:

• Force majeure events such as natural disasters, strikes, changes in relevant laws, orders or instructions from relevant authorities, or external events that the company cannot control, preventing the provision of the service.
• Negligence in managing the mobile phone number, device, or password by the user.
• Cases where the information, materials, or facts provided by the user are inaccurate, making it impossible to smoothly provide the service.
• Service interruptions caused by issues outside the company's management scope, making the service unavailable.
• Other cases caused by issues related to third-party affiliates or the user’s fault, such as failure to confirm notifications.

2. The company does not intervene in disputes between users or between a user and a third party related to the service, and the company is not liable for damages unless the company is responsible for the issue.
3. The company is not responsible for confirming the accuracy, truthfulness, or validity of the user’s information provided, and is not liable for damages caused by any errors in the information provided by the user.
4. The company is not responsible for damages arising from the user's expected benefits from the service or any materials obtained through the service, and is not liable for the trustworthiness or accuracy of the information, materials, or facts posted by the user on the service.
5. If the company is not the issuer of the access media such as the mobile device, app, password, or program, the company is not responsible for damages caused by forgery or alteration of the access media.
6. The company is not liable for damages caused to users who download or install the app from unofficial sources, rather than through the company’s official distribution channels.
7. If the user’s failure to fulfill the duties mentioned in Article 14 leads to damages, the company is exempt from responsibility unless the company is responsible for the issue.
8. The company is not liable for service disruptions caused by the user’s device environment, which makes the service unavailable.
9. The company is not responsible for service disruptions due to the user's fault.

Article 20 (Dispute Resolution and Jurisdiction)

1. If any disputes arise between the company and the user in relation to the use of the service, the company and the user shall make good-faith efforts to resolve the dispute.
2. Any disputes and lawsuits related to these terms will be under the jurisdiction of the court with jurisdiction over the company's headquarters, in accordance with civil litigation laws.
3. Disputes regarding the service shall be resolved by mutual agreement between the parties. However, if an agreement cannot be reached, the dispute will be resolved in the court with jurisdiction over the company’s headquarters.

[Supplementary Provisions]
Effective Date: These terms and conditions are effective as of 2023. 7. 27.

The previous terms and conditions can be reviewed below.

1. 2022. 1. 20 - 2023. 7. 26