[June 27, 2019 Privacy policy change link] 

[Privacy policy]

All personal information handled by the company shall be collected, held and processed in accordance with the Personal Information Protection Act and related laws and regulations. And the company shall protect the collected personal information and user’s rights based on the Personal Information Protection Act and following policy has been placed for handling of user’s complaints.

 

In case of the company’s online mall and applications that handle personal information, the company sets privacy policy manual and operates based on Article 30, Section 1 of Personal Information Protection Act and Article 31, Section 1 of its enforcement ordinance.

 

When company’s privacy policy has been changed, company shall post in public about timing of enforcement and changed information that shall be recognized by users easily.

 

Purpose and use of personal information

Personal information means information about an individual who is alive and can be identified by the name, e-mail, contact information, etc. contained in the personal information. The company always confirms the intention of the user who wants to use the service from the company when company collects the personal information, and the company does not use the personal information for any purpose other than listed purposes. The company shall not provide collected information to third parties without user’s consent and purpose of collecting personal information is as follows.

	Purpose
Membership	User authentication using membership service
	Detect and prevent unauthorized use of service and fraudulent use
	Customer service, Handling customer’s complaints, Preservation of records for settlement of dispute settlement
	Public notices (Notification of changes in company website, or application or policy changes)
Order·Payment·Delivery	Payment
	Fulfilling of agreement for delivering service
	Payment settlement
	Delivery
	User authentication in financial transactions and services
	Product returns, Refund, and Exchange
Marketing	Improvement of existing services and development of new services
	Offering customized services
	Providing services based on statistics and statistical key information of using the service
	Delivering Publications and announcing new products or services
	Informing of marketing campaign, event and advertisements or managing membership lounge

 

 

Collection of personal information and collected information

Company collects user's personal information through registration of company’s application membership, opening user account, and its online mall.  Collected information is;

-       Required information : E-mail, Password, Log record

-       Optional information : Name, Contact number

-       Credit card payment : Card company name, Card number, Expiration Date

-       Delivery : Recipient address, Recipient name, Contact number

 

User has the right to refuse for collection of required information and/or optional information, but there may be a limit for company to offer the services if user rejects it.

 

 

Providing personal information to third party

In principle, company shall process and manage collected personal information within the scope specified for the purpose of collection and use, and shall not process it beyond the scope of its original purpose or provide it to a third party without prior consent from owner of information except for below cases;

-       If company receives separate consent from the information owner

-       If there are special regulations in the law and/or act

-       If the owner of information or his legal representative is unable to express his intention, or prior consent cannot be obtained due to an incorrect address, and it deems necessary to protect life, body or economic profits of the owner of information or a third party from impending danger 

-       If it is impossible to perform duties provided in other laws unless personal information is used for purposes other than those originally intended or provided to a third party, provided that it has been decided through deliberation at a meeting

-       If it is necessary to conduct criminal investigation and to commence and maintain prosecution

-       If it is necessary for the court to perform tasks related to trials

-       If it is necessary to execute punishment, preventive custody, and protective disposition

 

 

 

 

Personal information processing consignment

The company consigns part of collected personal information to external parties for them to carry out some of necessary tasks to provide various services to users.  And we are supervising entrusted companies not to violate the personal information protection laws and regulations.  In addition, collected information is based on the time when the user confirmed, and we will notify user when the consignment company or consignment work is changed.

[Contracted companies]

Name	Tasks	Information	Use of personal information
KG Inicis	Card Payment, Mobile Payment	Company Name, Card Number, CVC Number, Expiration Date	Until membership withdrawal or end of consignment contract
EXIMBAY	Overseas Card Payment	Company Name, Card Number, CVC Number, Expiration Date
EK Networks	Product Ordering, Shipping and Handling	Name, Contact Number, Address

 

 

Retention and usage period of personal information

In principle, collected information of user will be destroyed without delay when company reaches objective for collecting and using of personal information.  However, in accordance with relevant laws and regulations including Consumer Protection Act in Commercial law and Electronic Commercial law etc., the company shall preserve the collected information for a certain period of time when is necessary.  In this case, the company shall use the information solely for the original purpose, and its retention period is;

 

Information to be kept about	Applied Law	Period
withdraw or termination of agreement	Consumer Protection Act in Commercial Law and Electronic Commercial Law	5 years
payment or goods delivery		5 years
customer’s complaint or settlement of disputes		3 years
advertisement and its display		6 months
all ledgers and evidential documents related to transactions in accordance with tax laws	National Tax Law, Corporate Tax Law	5 years
electronic financial transactions	Electronic Financial Transaction Law	5 years
website visits	Protection of Communications Secrets Act	3 months
collection, processing and use of credit information	Use and Protection of Credit Information Act	3 years
identity verification	Act on Promotion of Information and Communications Network Utilization and Information Protection, etc.	6 months

 

 

Destruction of personal information

In principle, the company shall delete personal information without delay when purpose of processing personal information has been accomplished and users withdrawal membership. And personal information of users who have not connected to our service more than one year shall be stored and managed separately.

 

Destruction procedure

Personal information shall be deleted immediately or moved and stored in separate location for certain period based on internal policies and/or other related laws and regulations when purpose of processing personal information has been accomplished.  Personal information that has been moved into separate location shall not be used for any other purpose unless related law and/or regulation order.

 

Destruction period and process

When the retention period has expired or personal information becomes unnecessary, printed personal information on paper is shredded or incinerate, and personal information stored in the form of an electronic file shall be deleted through technical methods that can not reproduce the original data.

 

 

User's rights and duties and how to exercise them

User has the right to receive sincere response from the company’s customer support team when there is a question, and can ask to view, correct or withdraw the registered user's personal information and request the company to view, provide, correct or withdraw the personal information.

The user should input the personal information accurately and precisely to prevent potential accidents. User has full responsibility for accidents caused by entering incorrect information, and you may lose membership if you enter false information including unauthorized use of other person's information.

Users have the right to protect the personal information. But also has responsibility to protect registered personal information and not to infringe other’s personal information. User has to be careful not to disclose the personal information, including passwords and should not to damage the privacy of others, including posts. If user fails to fulfill such responsibilities and damage other’s information, user may be punished under the Information and Communications Network Act.

For children who is under 14 years old, legal representative has right to access, modify, collect, and withdraw the child's personal information.

 

Denying installation and operation of automatic collecting device of personal information

The company uses ‘cookie’ to store information about users and to find them from time to time. ‘Cookie’ is a small amount of data from the HTTP server to a user's computer browser (i.e. Internet Explorer, Safari, Firefox etc.). ‘Cookie’ identifies user’s computer, but not you as an individual.

-       Purpose of ‘cookie’

n  Provide customized information according to individual interests

n  Analyzes the frequency and duration of visits of members’ and non-members' to identify user's interests and areas of interest for targeted marketing

n  Keep track of what users are looking for personalized service at their next visit

n  Analyze users' habits and use them as indications of service re-organization

-       Options for ‘cookie’

n  By adjusting users’ web browser, users can accept all cookies, send a notification when a cookie is installed, or reject all cookies. However, if users refuse storage of cookies, users may not be able to access certain services that require log-in

n  How to set-up different levels of cookies in Internet Explorer is as follows;

u  Select “Internet Option” in “Tool” menu

u  Select “Privacy”

u  Under “Setting” menu, users can choose “Accept” / “Block” / “Prompt”

u  ‘Cookie’ will be expire when internet browser is closed or log-out

 

 

Personal information protection

To protect personal information of members and handle complaints and inquiries regarding personal information, the company operates related department and chief privacy officer as the following:

Chief Privacy Officer	Minho Yoo Vice President Telephone Number : +82-2-1833-4022 E-mail : contact@iotrust.kr
Privacy Management team	D’CENT Customer Support Team Telephone Number : +82-2-1833-4022 E-mail : contact@iotrust.kr

 

 

Announcement date: June 27, 2019

Effective date: June 27, 2019

Previous version of privacy policies can be found below.

Ÿ   2018. 10. 15 ~ 2019. 06. 26 Application Guideline (Click)