Article 1 (Purpose)
Article 2 (Principles of Personal Information Handling)
The Company may collect the Personal Information of Users following legislations related to Personal Information and this Policy, and the collected Personal Information may be provided to 3rd parties only in the cases where there is consent from the Individual. However, in the case that the company is legally compelled due to the stipulations of legislation etc., the Company may provide the Personal Information of Users to a 3rd party without the prior consent of the Individual.
Article 3 (Disclosure of this Policy)
➀ The Company shall disclose this Policy in the initial screen of the Company homepage or on a linked screen from the initial screen, so that the User can examine this Policy easily at any time.
➁ When the Company discloses this Policy in accordance with Paragraph 1, it shall use font sizes and colors that allow Users to easily examine this Policy.
Article 4 (Changes to this Policy)
➀ This Policy may be amended following changes in legislation, guidelines, and notifications related to Personal Information, or changes in the policy or content of the government or Company service.
➁ In the event the Company amends this Policy in accordance with Paragraph 1, it shall be notified utilizing one of the following methods.
➂ For the notification in Paragraph 2, the Company shall notify amendments to this Policy at least 7 days prior to the implementation date of the amendment. However, in the event there are important changes to User rights, notification must occur at least 30 days prior.
Article 5 (Scope of Personal Information Collection)
The Company shall collect the minimum amount of Personal Information that is required to provide Company Services to the User.
Article 6 (Information for Membership Registration)
The Company shall collect the following information for membership registration of the User to the Company Services.
1. Required information
Customer: E-mail, password, surname, given name, mobile phone number, country of residence Host: E-mail, password, surname, given name, store(store name, address, phone number, operating hours)
2. Optional information
Customer: Profile picture, gender, birthdate, address, SNS log-in information Host: Profile picture, gender, birthdate, address, SNS log-in information
Article 7 (Information for Identity Verification)
The Company shall collect the following information for identity verification of the User.
1. Required information Mobile phone number, e-mail address, name, password, country of residence
2. Optional information Birthdate, gender, identity verification information(CI, DI), mobile service provider, I-Pin information(When using I-Pin), whether the User is a Korean/foreigner
Article 8 (Information for Legal Representative Consent)
In the case the consent of a legal representative is required, the Company shall collect the following information for legal representative consent.
1. Required information Guardian name, guardian birthdate, guardian gender, guardian mobile phone number, country of residence
2. Optional information Whether the guardian is a Korean/foreigner, guardian mobile service provider information, guardian I-Pin information
Article 9 (Information for Payment Services)
The Company shall collect the following information from the User to provide payment services of the Company.
1. Required information Credit card number, credit card password, expiration date, CVC, 4DBC, e-mail, surname, given name
2. Optional information Birthdate
Article 10 (Information for the Provision of Company Services)
The Company shall collect the following information to provide Company Services to the User.
1. Required information
E-mail, password, surname, given name, mobile phone number, country of residence
2. Optional information
Profile picture, gender, birthdate, address, SNS log-in information (When providing tangible goods) Name, mobile phone number, address, birthdate (When providing mobile goods) Mobile phone number, birthdate (When processing tax and public utilities charges) Name, resident registration number, mobile phone number, address, e-mail address
⊃ Company Services : In addition to Company Services in accordance to the Company’s user agreement, there are also services including marketing or event management for the provision of Company Services, and service usage environment for the security and privacy of the User etc.
Article 11 (Information to check for service usage and unlawful usage)
The Company shall collect the following information to check for service usage and unlawful usage by the User.
1. Required information
Service usage record, cookies, connection location information, device information, device browser information
⊃ Unlawful usage : Refers to illegal or cheating acts such as re-registration after membership withdrawal, acts of gaining economic benefit through illegal or cheating methods such as gaining discount coupons or event benefits provided by the company though repeated product purchase and purchase cancellation, acts restricted by the user agreement etc., identity theft etc. The collected information may be used for statistics or analysis on Company Service usage.
Article 12 (Personal Information Collection Method)
The Company shall collect the Personal Information of the User through the following methods.
1. The method where the User inputs their Personal Information on the Company homepage
2. The method where the User inputs their Personal Information through services other than the homepage provided by the Company such as applications etc.
3. The method where the User who has received an e-mail sent under the Company name responds to this e-mail
4. The method where the User inputs the information in the process of using Company Services including customer center consultation, activity on bulletin boards etc.
Article 13 (Usage of Personal Information)
The Company shall use Personal Information in each of the following cases.
1. The case it is required for the operation of the Company such as delivery of notifications etc.
2. The case it is used to improve services to the User including responses to usage queries, handling of complaints etc.
3. The case it is used to provide Company Services
4. The case it is used for development of new services
5. The case it is used for marketing such as the provision of event information
6. The case it is used for demographic analysis, service visit and usage information analysis
7. The case it is used for the formation of relationships between users based on Personal Information and interests
8. The case it is used for usage restriction of members who violate laws and Company agreements, the prevention and restrictions on acts that impair the smooth operation of services including unlawful usage
Article 14 (Restriction on provision of Personal Information to 3rd parties)
The Company shall use Personal Information within the scope notified through the collection/usage purpose of Personal Information and cannot use the information in a way which exceeds the scope of the collection/usage purpose of Personal Information or provide the information to a 3rd party without prior consent by the User.
Article 15 (Provision of Personal Information following prior consent etc.)
Act 16 (Provision of Personal Information following legislation etc.)
The Company may collect/use the Personal Information of Users without the consent of the User in any of the following cases.
1. The case when it is clearly difficult to receive standard consent for Personal Information required for the execution of contracts related to the provision of information communications services due to economic/technical reasons
2. The case when bill settlement regarding the provision of information communications services is required
3. In the case there are special regulations regarding the provison of personal information in legislation
Article 17 (Entrustment of Personal Information Processing)
Article 18 (Storage and usage period of Personal Information)
Article 19 (Storage and usage period of Personal Information in accordance with legislation)
In accordance with related legislation, the Company shall store and use Personal Information as followings.
1. Storage and usage period following the Act on the Consumer Protection in Electronic Commerce, etc.
- Records regarding execution of the agreement or withdrawal of subscriptions etc.: 5 years
- Records regarding payments and provision of goods etc.: 5 years
- Records regarding consumer complaints or dispute resolution : 3 years
- Records regarding display/advertisement : 6 months
2. Storage information and storage period following the Protection of Communications Secrets Act
- Website log record data : 3 months
3. Storage information and storage period following the Electronic Financial Transactions Act
- Records on electronic financial transactions : 5 years
4. Act on the Protection, Use, Etc, of Location Information
- Records on personal location information : 6 months
Article 20 (Principle on destruction of Personal Information)
In principle, in the case Personal Information is no longer required due to achieve of the purpose of Personal Information processing of the User, elapsing of storage/usage period etc., the Company shall destroy the relevant information without delay.
Article 21 (Handling of Personal Information of service non-users)
Article 22 (Personal Information destruction procedure)
Article 23 (Personal Information destruction method)
The Company shall delete the Personal Information that is stored in electronic file format using a technical method that does not allow restoration, and Personal Information that is printed out into paper shall be destroyed through shredded using a shredder or incineration etc.
Article 24 (Advertising information transmission measures)
Article 25 (Protection of Personal Information of children)
Article 26 (Withdrawal of Personal Information collection consent etc.)
Article 27 (Changes to Personal Information etc.)
Article 28 (Obligations of Users)
Article 29 (Personal Information management by the Company)
Regarding the handling of Personal Information of the User, the Company is considering the following technical/managerial protection measures to ensure security to prevent the loss, theft, leakage, falsification, damage etc. of Personal Information.
Article 30 (Handling of deleted information)
For the Personal Information canceled or deleted due to a request from the User or a legal representative, the Company shall handle it following the stipulations shown in the storage and usage period of the Personal Information collected by the Company, and it is handled in a manner that does not allow to be viewed or used for any other use.
Article 31 (Encryption of passwords)
The User’s password is stored and managed using uni-directional encryption, and the viewing and changing of Personal Information is only possible by oneself who knows the password.
Article 32 (Provisions to prepare for hacking etc.)
Article 33 (Minimization of Personal Information handling, and training)
The Company limits the personnel related to the handling of Personal Information to a minimum, and it is emphasizing adherence to legislation and internal policies through managerial actions such as training of people handling Personal Information etc.
Article 34 (Operation of a department exclusively for Personal Information Protection)
Article 35 (Measures regarding Personal Information leakage etc.)
➀ When the Company discovers the fact that Personal Information has been lost/stolen/leaked(hereinafter referred to as ‘leak etc.’), it must inform the User of all the item below without delay and report to the Korean Communications Commission or the Korea Internet & Security Agency.
1. The Personal Information items that have been leaked etc.
2. The timing of the leak etc.
3. Measures that the User can take
4. Response measures of the information communication service provider etc.
5. Department and contact information where the User can apply for consultation etc.
Article 36 (Exceptions to the measures regarding Personal Information leakage etc.)
Despite the previous article, in the case the Company has a justifiable reason, such as not being able to know the contact information of the User, the Company make take the action of replacing the notification of the above article through the method of display on the Company homepage for over 30 days
Article 37 (Right for the User to choose to install cookies)
Article 38 (Method to set Cookie installation allowance)
The method to set whether to allow the installation of cookies(in the case of Internet Explorer) is as follows.
A. Select [Internet Options] from the [Tools] menu.
B. Click the [Personal Information tab].
C. Set the setting in [Advanced] settings.
Article 39 (Designation of a supervisor and person responsible for Personal Information protection by the Company)
The Company has designated the following related department and Personal Information protection supervisors to protect the Personal Information of Users and to handle complaints related to Personal Information.
A. Personal Information Protection Supervisor
- Name: Yangjun Lee
- Telephone: 070-8288-6836
- E-mail: email@example.com
Article 40 (Handling of User Complaints)
The User can report all complaints related to Personal Information protection that occurs during the use of Company Services to the Personal Information protection supervisor.
The Company will provide sufficient responses quickly to the reports by the User.
Article 41 (Consultation to institutions by Users)
Users who require reporting or consultation regarding other Personal Information infringements can consult the following institutions.
‣ Privacy Information Protection Portal (operated by the Ministry of Security and Public Administration)
- Responsibilities : Report cases of Personal Information infringement, consultation requests
- Homepage : privacy.kisa.or.kr
- Telephone : (without area code) 118
- Address : (58324) 3rd Floor, 9 Jinheung-gil, Naju city, Jeonnam(301-2 Bitgaram-dong)
‣ Personal Information Dispute Mediation Committee
- Responsibilities : Receive application of Personal Information dispute mediation, collective dispute mediation
- Homepage : www.kopico.go.kr
- Telephone : 1833-6972
- Address : (03171) 4th Floor, Government Complex Seoul, 209 Sejong Daero, Jongno-gu, Seoul
‣ Cyber Division, the Ministry of Scientific Investigation at the Supreme Prosecutors’ Office: 02-3480-2000 (www.spo.go.kr)
‣ Cyber Bureau at the National Policy Agency: (without area code) 182 (cyberbureau.police.go.kr)
This Policy shall be effective as of April 20, 2019.
The following person has understood the contents of this Policy and shall substitute consent regarding the collection and provision to 3rd parties of their Personal Information through the action of making a check mark in the consent section of this Policy.