The company name (hereinafter referred to as 'Company') has established the following personal information processing guidelines in order to protect the personal information of information subjects and to promptly and smoothly handle complaints related thereto in accordance with Article 30 of the Personal Information Protection Act. Disclosed.
Article 1 (Purpose of processing personal information)The company processes personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use changes, necessary measures will be taken, such as obtaining separate consent in accordance with Article 18 of the Personal Information Protection
Act.1. Website membership registration and managementConfirmation of intention to become a member, identification and verification of identity through provision of membership services, maintenance and management of membership, identity verification through implementation of a limited identity verification system, prevention of unauthorized use of services, consent of legal representative when processing personal information of children under 14 years of age. Personal information is processed for the purposes of confirmation, various notices/notifications, and handling of grievances.
2. Provision of goods or servicesWe process personal information for the purposes of delivering goods, providing services, sending contracts and invoices, providing content, providing customized services, identity verification, age verification, bill payment and settlement, and debt collection.3. Grievance handlingPersonal information is processed for the purposes of verifying the identity of the complainant, confirming complaints, contacting and notifying for factual investigation, and notifying processing results.
Article 2 (Processing and retention period of personal information)
① The company processes and retains personal information within the period of personal information retention and use in accordance with the law or within the personal information retention and use period consented to when collecting personal information from the information subject.
② The processing and retention period for each personal information is as follows.1. Website membership registration and management: Until withdrawal of business/organization website
However, in the case of the following reasons, until the end of the relevant reason
If an investigation, investigation, etc. is in progress for violation of relevant laws and regulations, until the investigation or investigation is completed.
If any claims or debts remain due to use of the website, until the relevant claims or debts are settled.2. Provision of goods or services: Until completion of supply of goods or services and completion of payment/settlement.
However, in the following cases, until the end of the relevant period:1) Records of transactions, such as labeling, advertising, contract details and performance, in accordance with the Act on Consumer Protection in Electronic Commerce, etc.- Records on labeling and advertising: June- Records of contract or subscription withdrawal, payment, supply of goods, etc.: 5 years- Records on handling consumer complaints or disputes: 3 years2) Storage of communication confirmation data in accordance with Article 41 of the 「Communication Secrets Protection Act」- Subscriber telecommunication date and time, start and end time, other party subscriber number, frequency of use, sending base station location tracking data: 1 year- Computer communication, Internet log records, access point tracking data: 3 months
Article 3 (Provision of personal information to third parties)
① The company processes the personal information of the information subject only within the scope specified in Article 1 (Purpose of processing personal information), and only processes personal information in cases that fall under Article 17 of the Personal Information Protection Act, including the consent of the information subject and special provisions of the law. Provided to third parties.
② The company provides personal information to third parties as follows.- Person receiving personal information:
- Purpose of use of personal information of the recipient: - Personal information items provided: - Retention and use period of the recipient: Article 4 (Entrustment of personal information processing)
① In order to smoothly process personal information, the company entrusts personal information processing as follows.- Entrusted person (trustee): I’m Web Co., Ltd.- Contents of entrusted work: Shopping mall hosting service system provision, mobile app service, marketing service and additional services, affiliate service provision, notification talk, friend talk, text message sending agency service, etc.- Entrusted person (trustee): OOO PG- Details of entrusted work: Payment and escrow work- Consignee (Consignee): OOO Courier- Details of entrusted work: Product delivery work- Entrusted person (trustee): OOO Customer Center- Contents of entrusted work: Customer consultation work- Entrusted person (trustee): OOO- Contents of entrusted work: Identity verification work
② When concluding a consignment contract, in accordance with Article 25 of the Personal Information Protection Act, the company enters into the contract matters relating to responsibilities such as prohibition of processing personal information for purposes other than the purpose of performing consignment work, technical and managerial protection measures, restrictions on re-entrustment, management and supervision of the consignee, and compensation for damages. etc. are specified in the document, and we supervise whether the trustee handles personal information safely.
③ If the contents of the entrusted work or the trustee changes, we will disclose it through this personal information processing policy without delay.
Article 5 (Rights of users and legal representatives and methods of exercising them)
① The information subject may exercise the following rights related to personal information protection against the company at any time.1. Request to view personal information2. Request for correction if there is an error, etc.3. Request for deletion4. Request to suspend processing
② The exercise of rights under Paragraph 1 may be made to the Company in writing, by phone, e-mail, facsimile (FAX), etc., and the Company will take action without delay.
③ If the information subject requests correction or deletion of errors in personal information, the company will not use or provide the personal information until correction or deletion is completed.
④ Rights under paragraph 1 may be exercised through an agent, such as the information subject's legal representative or a person authorized to do so. In this case, you must submit a power of attorney in the format of Appendix 11 of the Enforcement Rules of the Personal Information Protection Act.
⑤ The information subject shall not violate the personal information and privacy of the information subject or others processed by the company in violation of relevant laws and regulations, such as the Personal Information Protection Act.
Article 6 (Personal information items processed)The company processes the following personal information items.1. Website membership registration and managementRequired items: Optional items: 2. Provision of goods or servicesRequired items: Optional items: 3. The following personal information items may be automatically created and collected during the use of Internet services.IP address, cookie, MAC address, service use record, visit record, bad use record, etc.Article 7 (Destruction of personal information)
① When personal information becomes unnecessary, such as when the personal information retention period has passed or the purpose of processing has been achieved, the company destroys the relevant personal information without delay.
② In cases where personal information must continue to be preserved pursuant to other laws and regulations despite the expiration of the personal information retention period agreed upon by the information subject or the purpose of processing has been achieved, the personal information shall be transferred to a separate database (DB) or storage location changed. Save it differently.
③ The procedures and methods for destroying personal information are as follows.
Destruction ProcedureThe company selects the personal information that requires destruction and destroys the personal information with the approval of the company's personal information protection manager.
Method of destructionThe company destroys personal information recorded and stored in the form of electronic files using methods such as low level format so that the records cannot be reproduced, and personal information recorded and stored in paper documents is destroyed by shredding or incineration. do.
Article 8 (Measures to ensure the safety of personal information)The company is taking the following measures to ensure the safety of personal information.1. Management measures: establishment and implementation of internal management plan, regular employee training, etc.2. Technical measures: Management of access rights to personal information processing system, installation of access control system, unique identification informationInstallation of encryption and security programs, etc.3. Physical measures: Access control to computer rooms, data storage rooms, etc.
Article 9 (Matters regarding installation, operation and refusal of automatic personal information collection devices)
① The company uses ‘cookies’ to store usage information and retrieve it from time to time in order to provide individualized services to users.
② Cookies are a small amount of information that the server (http) used to run the website sends to the user's computer browser and are sometimes stored on the hard disk of the user's computer.go. Purpose of use of cookies: They are used to provide optimized information to users by identifying visitation and usage patterns, popular search terms, secure access, etc. for each service and website visited by the user.me. Installation, operation and refusal of cookies: You can refuse the storage of cookies through option settings in the Tools>Internet Options>Personal Information menu at the top of your web browser.all. If you refuse to store cookies, you may have difficulty using customized services.
Article 10 (Personal Information Protection Manager)
① The company is responsible for overall management of personal information processing, and has designated a personal information protection manager as follows to handle complaints and provide relief for damage from information subjects related to personal information processing.▶ Personal information protection officerName: OOOPosition: OOOContact information: , , ※ You will be connected to the personal information protection department.▶ Personal information protection departmentDepartment Name: OOO TeamContact person: OOOContact information: , ,
② Information subjects may inquire about all personal information protection-related inquiries, complaint handling, damage relief, etc. that arise while using the company's services (or business) to the personal information protection manager and responsible department. The company will respond and process inquiries from information subjects without delay.
Article 11 (Request to view personal information)
The information subject may request access to personal information pursuant to Article 35 of the Personal Information Protection Act to the department below. The company will strive to promptly process the information subject's request to view personal information.
▶ Personal information access request reception and processing department
Department Name: OOO
Contact person: OOO
Contact information: , ,
Article 12 (Methods for relief from rights infringement)
Information subjects can inquire about damage relief and consultation regarding personal information infringement to the organizations below.
▶ Personal Information Infringement Reporting Center (operated by Korea Internet & Security Agency)
- Responsibilities: Reporting personal information infringement, requesting consultation
- Website: privacy.kisa.or.kr
-Phone: (without area code) 118
- Address: Personal Information Infringement Report Center, 3rd floor, 9 Jinheung-gil, Naju-si, Jeollanam-do (301-2, Bitgaram-dong) (58324)
▶ Personal Information Dispute Mediation Committee
- Responsibilities: Request for personal information dispute mediation, group dispute mediation (civil resolution)
- Website: www.kopico.go.kr
- Phone: (without area code) 1833-6972
- Address: (03171) 4th floor, Seoul Government Complex, 209 Sejong-daero, Jongno-gu, Seoul
▶ Supreme Prosecutors' Office Cyber Crime Investigation Team: 02-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Safety Bureau: 182 (http://cyberbureau.police.go.kr)
Article 13 (Implementation and change of personal information processing policy)
This privacy policy applies to 20XX. X. Applies from X.