Items of Personal Information to be Collected and Collection Methods
The Company collects the following personal information for purposes of providing membership services, including membership subscriptions, consultations, prevention of wrongful uses:
Required items : names, IDs, passwords, e-mail addresses, addresses, mobile phone numbers, telephone numbers, IP addresses, payment records,
Selective items : Information required by the Company to provide customized services.
Purpose of Collection and Use of Personal Information
The Company uses the collected personal information for the following purposes:
Payment of costs incurred as a result of performing agreements on provisions of services or providing services, Provisions of the contents, purchases or cost payments, deliveries of goods or sending bills, etc., verifying identifications for financial transactions, and financial services
Control of Members
To verify identifications for uses of membership services, to identify individuals, to prevent wrongful uses of bad members or unauthorized uses, to verify intents for subscriptions, to verify ages, to verify the consent of a legal representative for collecting personal information of children of not more than fourteen (14) years old, to handle civil complaints including handling grievances, to convey notifications
Use for Marketing and Advertisements
To convey information for advertisements including events, to figure out contact frequencies, to obtain statistics on service uses by members
Retention and Use Period for Personal Information
In principle, after the purposes of collecting and using personal information have been fulfilled, the Company shall without delay destroy relevant information; provided, however, that the Company shall retain personal information for a certain period of time where it is required to do so for purposes of confirming transactions related management and rights under the provisions of relevant laws including the Commercial Code and the Act Relating to Consumer Protection in Electronic Commercial Transactions as follows:
Records on agreements or withdrawals of offers : five (5) years (the Act Relating to Consumer Protection in Electronic Commercial Transactions, etc.)
Records on payments and supplies of goods : five (5) years (the Act Relating to Consumer Protection in Electronic Commercial Transactions, etc.)
Records on complaints of consumers or dispute resolutions : three (3) years (the Act Relating to Protection of Consumers in Electronic Commercial Transactions, etc.)
Where personal information has been collected for temporary purposes, such as questionnaires, events : at the time of completion of a particular questionnaire or event
Records on verification of identification: six (6) months (the Act Relating to Information Communication Network Promotion and Personal Information Protection
Records on visits (log-ins) : three (3) months (the Communication Secret Protection Act)
Destruction Procedures and Methods for Personal Information
The Company in principle shall without delay destroy relevant information after the purposes of collecting or using personal information have been fulfilled. The destruction procedures and methods shall be as follows:
The information entered by users for use of the services is moved to a separate database after the purposes have been fulfilled (a separate document in the case of a sheet), and destroyed after the information has been saved for a certain period of time according to the information protection reasons under the internal policies or other relevant laws (for your reference, see the retention and use period for personal information). The personal information separately moved to a database is not used for purposes other than the purpose of being preserved unless it is so required by laws.
The personal information printed out in sheets shall be shredded by paper shredders or destroyed by way of incineration.
The personal information saved in an electronic file format shall be deleted with the use of technical methods in which records cannot be regenerated
Provisions of Personal Information to Third Parties
The Company uses the personal information of users within the scope that users have consented to the “Purpose of Collecting and Using Personal Information,” but does not use the personal information of users in excess of the scope without prior consent of users or in principle does not disclose the personal information of users to the outside; provided, however, that exceptions are made in the following cases:
Where users have given a prior consent thereto; or
Where there is required under the provisions of laws or requested by investigating agencies according to the procedures and methods
prescribed under the laws for investigation purposes.
Delegation of Handling Personal Information
In the event that the Company handles the personal information of users by delegation to ensure smooth handling of duties, it must give users a prior notice of the persons delegated to handle the personal information (hereinafter referred to as “Delegatees”) and the content of duties delegated to handle the personal information. Currently, the Company’s delegatees to handle personal information and the content of duties shall be as follows:
Persons for delegation (delegatees) and the content of duties for delegation (delegated duties)
[Korea Post, UPS, DHL, USPS]: providing services for shipping goods, the shipping place, the arrival information, etc.
Koreacenter.com Co., Ltd: Management by consignment of customer information DB system (outsourcing for data processing)
Rights of Users and Legal Representatives and the Exercise Methods
Users and their legal representatives may at any time inquire or change their registered personal information, and also may request terminations of applications (withdrawals of consents).
Users may read, correct personal information or withdraw from membership after passing an identification verification procedure by clicking on the “Change of Personal Information” (or “Change of Member Information”, etc.) in order to inquire or change the personal information of users or children of no more than fourteen (14) years old, or by clicking on the “Withdrawal from Membership” in order to terminate their membership (withdraw their consents).
Otherwise, if a user contacts the personal information control manager in writing, by phone or e-mail, the Company shall take measures without delay.
Where a user has requested corrections of errors in the personal information, the Company does not use or provide the personal information until the corrections are completed. Also where the wrong personal information has been previously provided to a third party, the Company will make corrections by notifying a third party without delay of the results of corrections.
The Company handles the personal information terminated or deleted upon request of users or their legal representatives as specified in the “Retention and Use Period of Personal Information,” and take measures to ensure that the personal information is not read or used for any other purposes.
Matters on Operation of Cookies
The purpose of using cookies, etc.
How to Refuse Installation of Cookies
By selecting options in your web browser, you may allow all cookies, pass through confirmations whenever cookies are saved, or otherwise refuse the savings of all cookies.
How to Install Cookies (In case of the Internet Explorer) : Tool on the top of the web browser > Internet Option > Personal Information
Provided, however, that if you has refused the installation of cookies, it may be difficult to provide the services.
Contact Information of Personal Information Control Manager and Authorized Person
The company has designated the authorized relevant department and the personal information control manager in order to protect personal information of customers and handle personal information related complaints as follows:
Department for Customer Service : firstname.lastname@example.org
You may report to the personal information control manger or the relevant department any complaints regarding all personal information protection incurred in using the Services of the Company.
The Company will promptly give sufficient answers as to the reports of users.
If you need other reports or consultations for personal information infringements, please ask inquiries to the following institutions.
Personal Information Dispute Mediation Committee (www.1336.or.kr / 1336)
Information Protection Mark Certification Committee (www.eprivacy.or.kr / 02-580-0533~4)
Internet Crime Investigation Center of Supreme Prosecutors’ Office (http://icic.sppo.go.kr / 02-3480-3600)
Cyber Crime Investigative Service of National Police Agency(www.ctrc.go.kr / 02-392-0330)
Duty to Notify
The current personal information treatment policies shall be applicable from ,when there is an addition, deletion, or amendment of the content, it shall be publicly announced through notifications of the homepage from at least seven (7) days before the amendment. Also the Company has made it easy to check amendments by giving the version numbers and the date of amendment to the personal information treatment policies.