Art.1 (Purpose of personal information processing)
This Company processes the minimum personal information necessary for the following purpose. The processed personal information shall be used only for the following purpose and this Company shall ask for prior consent upon any change of the purpose .
- This Company processes the personal information for the purpose of: identification for use of membership service, providing digital content trade platform service, personal identification, preventing abusing and unauthorized use, identifying the intention of subscription, identifying whether a person is less than 14 years old, identifying the consent of legal representative upon collection of personal information of child less than 14 years old, accident investigation, the dispute resolution, responding complaints, delivering notification, developing new service and providing the customized service, providing the event and commercial information and the opportunity for participation, identifying the validity of service, understanding the frequency of access or compiling the statistics of member’s use of service and issuing tax invoice, and processing payment for charged service.
Art.2 (Items of personal information to be collected and method of collection)
1. Items of personal information to be collected
(1) Ordinary Member or Buyer : name, ID, mobile phone number, e-mail address, (In case of foreigner)foreigner’s registration number, service usage information, device information, birth date, gender, personal authentication information, information related purchase, cancellation, and refund information, payment information including bank account number, credit card number and other, information for issuing cash receipt etc.
(2) Designer Member or Seller : name, ID, mobile phone number, e-mail address , (In case of foreigner)foreigner’s registration number, service information, device information, birth date, gender, personal authentication information, information related purchase, cancellation, and refund information , payment information, history of calculation of balance amount, bank account number, information for issuing cash receipt, information for issuing tax invoice, sales history, experience, business registration number etc.
※ The following information can be automatically collected after generated or modified in process of service use.
IP Address, cookies, date of visit, service usage record, access log, device information etc.
2. method of collecting personal information
This Company collects the personal information in the following ways.
- Provided through homepage, document form, fax, telephone, email, board, event subscription, member’s center
- Provided through real name certification company and other affiliate companies
- Provided voluntarily by the service user
Art.3 (Privacy processing and holding period)
The Company shall promptly destroyed if the purpose of collecting and of using the personal information is achieved. Provided that, the following information shall be retained for the specified period because of the following reason.
1. Record of contract or subscription withdrawal: the Act on Consumer Protection in Electronic Commerce Transaction, Etc. (5 years)
2. Record of payment and supply of goods: the Act on Consumer Protection in Electronic Commerce Transaction, Etc. (5 years)
3. Record of resolution for consumer’s complaints or dispute: the Act on Consumer Protection in Electronic Commerce Transaction, Etc. (3 years)
4. Record of visit: Protection of Communications Secrets Act (3 months)
5. Record of electronic financial transactions and information of the other party of such transaction : Electronic Financial Transaction Act (5 years)
6. Information on the proof of national tax: for proof and declaration related to national tax (5 years)
7. Information on the taxation, including value added value: Value added tax act (5 years)
Art.4 (Providing the personal information to the third party)
The Company processes the user’s personal information under the purpose of the Art.1 (Purpose of personal information processing) and shall not process beyond such purpose or provide to the third party without prior consent of the user. Provided, this Company may process the personal information in the following case.
1. If the member agreed for the provision in advance
2. If the provision is required by the laws or regulations, or required by investigative agency according to the procedures and methods set forth in the laws regulations
* Third party provision status
|The provided party||Purpose of provision||Information provided||Retention period|
Art.5 (Entrustment of personal information processing)
The Company may entrusts the processing of personal information to the other company to improve the service and perform its contractual obligation.
The Company shall train the trustee corporation to cause the corporation prevent lost, stolen, leaked and modulated or damages of personal information and shall manage the trustee to securely process personal information by inspection.
|Trustee corporation||Entrusted process task|
Art.6 (The right and obligation of user and the user’s legal representative and its exercise)
User and the user’s legal representative may exercise the following right according to the laws and regulations.
1. The member and the member’s legal representative may always access or correct the member’s personal information registered. The member may access and correct the personal information through application and may request such access and correction to the personal information protection manager by written document, telephone or via E-mail. The Company shall not use or provide the personal information until the completion of correction if the member requests the correction.
2. The member may always withdraw the approval in regards of collection, use and provision of personal information. The member may request the withdrawal by written, telephone, E-mail, and the manager shall take measures necessary immediately.
Art. 7 (Destruction of privacy)
This Company shall destroy the personal information promptly if the purpose of processing of personal information is achieved. This Company shall destroy or store separately the personal information of user who has not used the service for 1 year. Provided, this Company shall store and use the items legally obliged to store within period and in the purpose of use ordered, according to the laws and regulations.
The detailed procedure and method of destruction is as follows.
1. Procedure of destruction
The information input by member shall be transferred to the separate database(in case of paper, other document) after its purpose is achieved, and stored for a certain period or destroyed immediately according to the internal policy and other related laws and regulations. Provided, the personal information transferred to DB shall not be used for the other purpose unless the laws provide.
2. Method of destruction
The personal information printed on a paper shall be pulverized by grinder or destroyed through incineration, and the personal information on electronic file shall be destroyed by the technical method that may not reproduce the record.
Art.8 (The installation and operation of automatic collector of personal information and its refusal)
The Company provides the member with the customized service, and uses ‘cookie’ for the member to make an easy and convenient use of service. The cookie is the small amount of information sent by server (HTTP), which is used to operate the website to user’s computer browser, and is saved on user’s PC.
The member is entitled to have the right of installing/operating and refusing cookie. The member may allow or refuse cookie by setting the option on the web browser. Provided, if the member refuses to save cookie, the member may not use or undergo inconvenient for service which is based on log-in.
Art.9 (Measure of securing the safety of privacy)
The Company takes the technical, managerial and physical measures necessary for security as follows:
1. Minimizing and training of personal information processing employee
This Company designates employees to process the personal information and minimizes the number of such employees and takes measures of managing the personal information .
2. Encryption of personal information
The password of member’s ID is stored encrypted and shall be known only by the member, and only the member may identify and modify the password.
3. Technical measure against hacking
This Company installs a security program and inspects system in a regular basis to prevent the personal information from leaking and damaging due to hacking or computer virus, and keeps technical/physical surveillance and quarantined by installing the system in access controlled area.
Art.10 (Administrators of personal information protection)
The member designates the following administrator of personal information protection to protect the personal information and resolve the complaints related to the privacy.
Name: Goo Sang Kwon
Affiliation and status: Representative Director
Art.11 (Consultations on Infringements of Privacy Rights)
For reports or consultations on infringements of privacy rights, please contact the following organizations:
- Personal Information Dispute Mediation Committee (www.kopico.or.kr / 02-405-5150)
- Privacy infringement declaration center of Korea Internet and Security Agency (privacy.kisa.or.kr / 118 without a telephone exchange number )
- National Police Agency Cyber Bureau (www.ctrc.go.kr / 182)
The execution date of personal information processing and policy: 2016. 12. 26.