Consent for Personal Information Collection and Use
The company (hereinafter referred to as the "Company") establishes and discloses the following privacy policy in order to protect the personal information of information subjects in accordance with Article 30 of the Personal Information Protection Act and to promptly and smoothly handle related complaints.
Article 1 (Purpose of Personal Information Processing)
The Company processes personal information for the following purposes. The processed personal information will not be used for purposes other than the following, and if the purpose of use is changed, separate consent will be obtained in accordance with Article 18 of the Personal Information Protection Act.
Website member registration and management
The Company processes personal information for the purpose of confirming the intention to join as a member, verifying and authenticating the identity for the provision of member-only services, maintaining and managing member qualifications, verifying the consent of legal guardians for the processing of personal information of children under 14 years of age, preventing fraudulent use of the services, providing various notices, handling complaints, and other related purposes.
Provision of goods or services
Personal information is processed for the purpose of delivering goods, providing services, sending contracts and invoices, providing content, offering customized services, personal authentication, age verification, fee payment and settlement, debt collection, and other related purposes.
Complaint handling
Personal information is processed for the purpose of confirming the identity of the complainant, verifying the details of the complaint, contacting and notifying for fact-finding, and informing of the results of processing.
Article 2 (Processing and Retention Period of Personal Information)
① The Company processes and retains personal information within the period required by law or the period agreed upon by the information subject when collecting personal information from the information subject.
② The processing and retention periods for each type of personal information are as follows:
Website member registration and management: Until the withdrawal from the business operator/organization's website.
However, in the following cases, until the end of the respective reasons:
In case of an ongoing investigation or inquiry due to a violation of relevant laws and regulations, until the investigation or inquiry is completed.
In case of the existence of rights and obligations related to the use of the website, until the rights and obligations are settled.
Provision of goods or services: Until the completion of the supply of goods/services and payment/settlement.
However, in the following cases, until the end of the respective period:
Records related to advertising, contract content, and performance of transactions under the "Act on Consumer Protection in Electronic Commerce, etc."
Records of advertisements: 6 months
Records of contracts or subscription withdrawals, payment of fees, supply of goods, etc.: 5 years
Records of handling consumer complaints or disputes: 3 years
Retention of telecommunications data according to Article 41 of the "Telecommunications Privacy Protection Act"
Records of the date and time of electronic communication, commencement/end time, counterparty subscriber number, frequency of use, and location tracking data of the base station: 1 year
Records of computer communications, internet log records, and access location tracking data: 3 months
Article 3 (Provision of Personal Information to Third Parties)
① The Company processes personal information within the scope specified in Article 1 (Purpose of Personal Information Processing) and provides personal information to third parties only in cases that fall under Article 17 of the Personal Information Protection Act, such as the consent of the information subject or special regulations of the law.
② The Company provides personal information to third parties as follows:
Recipient of personal information:
Purpose of using the recipient's personal information:
Items of personal information provided:
Retention and use period of the recipient:
Article 4 (Outsourcing of Personal Information Processing)
① The Company entrusts personal information processing tasks as follows to ensure efficient personal information management.
Entrusted party (outsourced): (Company) AIM Web
Content of entrusted tasks: Providing system services for hosting e-commerce websites, mobile app services, marketing services, business cooperation, and co-hosting events, as well as sending notifications such as KakaoTalk, Kakao Friends, and text messages.
Entrusted party (outsourced): OOO PG
Content of entrusted tasks: Payment and escrow services.
Entrusted party (outsourced): OOO Parcel Service
Content of entrusted tasks: Product delivery services.
Entrusted party (outsourced): OOO Customer Service
Content of entrusted tasks: Customer support services.
Entrusted party (outsourced): OOO
Content of entrusted tasks: Identity verification tasks.
② When entering into an outsourcing agreement, the Company specifies matters such as prohibiting the processing of personal information beyond the purpose of outsourcing, technical and administrative protective measures, restrictions on re-outsourcing, and supervision and management of the entrusted party's handling of personal information, in accordance with Article 25 of the Personal Information Protection Act. The Company also supervises whether the entrusted party securely processes personal information.
③ If the content of the entrusted tasks or the entrusted party changes, the Company will promptly disclose it through this privacy policy.
Article 5 (Rights and Methods of Exercising Rights of Users and Legal Representatives)
① Information subjects may exercise the following rights related to personal information protection against the Company at any time:
Request for access to personal information
Request for correction in case of errors
Request for deletion
Request for suspension of processing
② The exercise of rights under paragraph 1 may be made through written, telephone, electronic mail, facsimile, or other means to the Company, and the Company will take immediate measures in response.
③ If an information subject requests correction or deletion of personal information errors under paragraph 1, the Company will not use or provide the relevant personal information until the correction or deletion is completed.
④ The rights under paragraph 1 can be exercised through legal representatives or agents. In this case, a power of attorney according to the format specified in Attachment 11 of the Enforcement Rules of the Personal Information Protection Act must be submitted.
⑤ Information subjects must not infringe the personal information and privacy of themselves or others by violating related laws and regulations while the Company processes the personal information.
Article 6 (Items of Personal Information Being Processed)
The Company processes the following personal information:
Website member registration and management
Required items:
Optional items:
Provision of goods or services
Required items:
Optional items:
The following personal information items may be automatically generated and collected during the use of internet services:
IP address, cookies, MAC address, service usage records, visit records, records of improper use, etc.
Article 7 (Destruction of Personal Information)
① When personal information becomes unnecessary due to the expiration of the retention period or the achievement of the processing purpose, the Company will promptly destroy the relevant personal information.
② Even if the period agreed upon for retention of personal information has expired or the processing purpose has been achieved, if it is necessary to continue retaining the personal information due to other laws and regulations, the Company will transfer the personal information to a separate database (DB) or store it separately.
③ The procedure and method of destruction of personal information are as follows:
Destruction procedure
The Company selects personal information for destruction, obtains approval from the Personal Information Protection Officer of the Company, and then proceeds to destroy the personal information.
Destruction method
Personal information recorded and stored in electronic files is destroyed using a method that cannot regenerate the records (Low Level Format) and personal information recorded and stored in paper documents is shredded or incinerated for destruction.
Article 8 (Measures for Ensuring the Security of Personal Information)
The Company takes the following measures to ensure the security of personal information:
Administrative measures: Establishment and implementation of internal control plans, regular employee training, etc.
Technical measures: Management of access rights to personal information processing systems, installation of access control systems, encryption of unique identification information, installation of security programs, etc.
Physical measures: Access control to computer rooms, data storage rooms, etc.
Article 9 (Installation, Operation, and Rejection of Automatic Collection Devices for Personal Information)
① The Company uses 'cookies' to store and retrieve user information to provide customized services to individual users.
② Cookies are small pieces of information sent by the server (http) operating the website to the user's computer browser and may be stored on the hard disk of the user's computer.
A. Purpose of using cookies: Used to understand the visit and usage patterns of users on each service and website they visit, popular search terms, secure access status, and more to provide optimized information to users.
B. Installation, operation, and refusal of cookies: You can refuse to store cookies by setting the options in the "Internet Options" menu under "Tools" at the top of your web browser.
C. If you refuse to store cookies, you may have difficulty using customized services.
Article 10 (Personal Information Protection Manager)
① The Company is responsible for overall personal information processing and has designated a personal information protection manager as follows to handle complaints and remedies related to personal information processing:
▶ Personal Information Protection Manager
Name: OOO
Position: OOO
Contact: , ,
※ It will be connected to the personal information protection department.
▶ Personal Information Protection Department
Department Name: OOO Team
Responsible Person: OOO
Contact: , ,
② Information subjects can inquire about complaints, complaints handling, and remedies related to personal information protection, and other matters related to personal information protection to the personal information protection manager and the department in charge while using the Company's services (or business). The Company will respond promptly to inquiries from information subjects.
Article 11 (Request for Access to Personal Information)
Information subjects can request access to personal information in accordance with Article 35 of the Personal Information Protection Act to the department below. The Company will make efforts to ensure that the request for access to personal information is processed promptly.
▶ Department for Receiving and Processing Requests for Access to Personal Information
Department Name: OOO
Responsible Person: OOO
Contact: , ,
Article 12 (Remedy for Infringement of Rights)
Information subjects can contact the following agencies for remedies, consultations, and complaints regarding personal information infringements:
▶ Personal Information Infringement Report Center (Operated by the Korea Internet & Security Agency)
Duties: Report personal information infringements and request consultations.
Website: privacy.kisa.or.kr
Phone: 118 (no area code required)
Address: 3rd floor, 9 Jinheung-gil, Naju-si, Jeollanam-do, 58324, Korea
▶ Personal Information Dispute Mediation Committee
Duties: Apply for personal information dispute mediation and collective dispute mediation (civil remedies).
Website: www.kopico.go.kr
Phone: 1833-6972 (no area code required)
Address: 4th floor, Government Seoul Building, 209 Sejong-daero, Jongno-gu, Seoul, 03171, Korea
▶ Cybercrime Investigation Unit of the Supreme Prosecutor's Office: 02-3480-3573 (www.spo.go.kr)
▶ Cyber Safety Bureau of the National Police Agency: 182 (http://cyberbureau.police.go.kr)
Article 13 (Enforcement and Amendment of Personal Information Processing Policy)
This personal information processing policy will be applied from XX.X.XX.
User
아래도 영어로 번역해줘
다음과 같이 개인정보를 제3자에게 제공하고 있습니다.
1. 개인정보를 제공받는 자 : 예) ㅇㅇㅇ카드
2. 제공받는 자의 개인정보 이용목적 : 예) 이벤트 공동개최 등 업무제휴 및 제휴카드 발급
3. 제공하는 개인정보 항목 : 예) 성명, 주소, 휴대폰번호, 이메일
4. 제공받는 자의 보유 및 이용기간 : 예) 회원탈퇴 시 또는 개인정보 제3자 제공 철회 시까지
ChatGPT
We are providing personal information to third parties as follows:
1. Recipient of Personal Information: e.g., XYZ Card
2. Purpose of Recipient's Use of Personal Information: e.g., Business cooperation, joint event hosting, and issuance of co-branded cards
3. Items of Personal Information Provided: e.g., Name, address, phone number, email
4. Retention and Use Period of Recipient: Until withdrawal of membership or withdrawal of consent for third-party personal information provision