Article 1 (Purpose of Handling of Personal Information)
The company uses personal information for any of the purposes described below. None of the personal information processed shall be used for purposes other than stated below; provide, that necessary action will be taken including that your consent will be sought separately in cases where there are changes to originally prescribed purposes according to Article 18 of Personal Information Protection Act.
1. Provision of goods or services
Personal information is processed in the purpose of delivery of goods, provision of services, mailing of contract/bill, provision of contents, provision of customized services, identity authentication, age authentication, payment/settlement of charge, and credit collection.
2. Grievance settlement
Personal information is processed in the purpose of identification of civil petitioner, confirmation of civil appeals, contact/notification for fact-finding, and notification of processing results.
Article 2 (Period for Processing and Retention of Personal Information)
① The company may retain and use personal information according to the period of personal information retention and use under relevant statues or the extent consented by the data subject when the personal information is collected.
② Processing and retention periods of respective personal information are as follows:
1. Homepage membership and management: Until withdrawal from business/organization homepage
However, the information is retained and used for the following cases until the relevant reason is solved.
1) When an investigation/enquiry is in progress according to relevant ordinance violations, the information is retained and used until that investigation/enquiry is completed.
2) When there is remained claim-obligation relationship according to homepage use, the information is retained and used until that claim-obligation relationship is ended.
2. Provision of goods or services: Until the supply of goods/services and payment/settlement of charge are completed.
However, the information is retained and used for the following cases until the relevant period is ended:
1) Preservation of communication fact check data in accordance with Article 41 of the “Protection Of Communications Secrets Act”
– Records in regards to indication/advertisement: Six months
– Records of contract or subscription withdrawal, price settlement, product supply, etc.: Five years
– Records in regards consumers complaints or dispute resolution: Three years
2) Preservation of communication fact check data in accordance with Article 41 of the “Protection Of Communications Secrets Act”
– Subscriber telecommunication date, start/end time, other party subscriber number, usage count, positional tracking data of outgoing base station: One year
– Computer communication, internet log records, access tracking data: Three months
Article 3 (The rights and obligations of data subjects, and how to exercise the rights)
① Data subjects may exercise their rights related to personal information protection in each of following subparagraphs to the company anytime:
1. Demands for accessing personal information
2. Demands for correcting errors, if any
3. Demands for deletion
4. Demands for suspending processing
② Exercising the rights according to paragraph 1 to the company can be done in writing or through phone, email, fax, etc., and the company will take action without delay.
③ When a data subject requests the company for correction or deletion of error in the personal information, the company does not use or provide relevant personal information until the correction or the deletion is completed.
④ Exercising the rights according to paragraph 1 can be done by a legal representative or a delegated person of the data subject. In this case, a power of attorney shall be submitted according to form 11 of the Attached Table in the Enforcement Rules of the Personal Information Protection Act.
⑤ Data subjects shall not invade data subject themselves or other’s personal information and privacy processed by the company in contravention of relational statute including Personal Information Protection Act.
Article 4 (Items of Personal Information Required)
The company processes the following personal information items:
1. Homepage membership and management
․Necessary items: Name, date of birth, ID, password, address, phone number, gender, email address, and IPIN number
․Optional items: Marital status, areas of concern
2. Provision of goods or services
․Necessary items: Payment information including name, date of birth, ID, password, address, phone number, email address, IPIN number, credit card number, and bank account number
․Optional items: Areas of concern, purchase history
3. In the course of using internet services, below personal information items can be created automatically and collected.
․IP address, cookie, MAC address, record of service utilization, visiting record, record of bad utilization, etc.
Article 5 (Destruction of Personal Information)
① The company shall destroy personal information without delay when the personal information becomes unnecessary owing to the expiry of the retention period, attainment of the purpose of processing the personal information, etc.
② Although the period of retention consented by the data subject has expired or the purpose of managing personal information is accomplished, if the company has to preserve the personal information in accordance with another Act, relevant personal information shall be moved to separate database (DB) or preserved in different storage place.
③ The methods to destroy personal information and its destruction process are as follows:
1. Destruction process
The company selects personal information that has a reason for disposal, and disposes the personal information with approval by the personal information protection manager of the company.
2. Methods to destroy
The company disposes of personal information recorded and saved in electronic files using methods that can remove the files permanently and make it impossible to restore, like Low-Level Format, and shreds or incinerates printouts and writings of personal information.
Article 6 (Installing and operating an automatic collection tool of personal information, and the denial thereof)
② Cookies are tiny bits of information sent to a user’s computer browser by the server (http) used to operate web site and may saved on the hard disk in the user’s computer.
B. Installation, operation, and refusal of cookie: You can refuse to save cookies via the options setting at the top of the web browser: Tools > Internet Options > Personal information menu.