Article 1. Consent to the handling of personal
information
Knowmerce Co., Ltd. (hereinafter referred to as the 'Company') proceeds with the consent process for the
personal information processing policy when the user registers as a member, assumes the user has thoroughly read the
privacy policy, and confirms the email or clicks the "I agree" button.
Article 2. Purpose
Article 3. Personal information
items to be collected and methods of collection
- When a member signs up for membership, the company prepares a procedure for consenting to the terms of service
and the collection and use of personal information.
-
The company may collect personal information as follows to provide services such as membership consultation
and service application and to fulfill the contract.
(1) Common to members
-
- Required information received when signing up for membership: email address, password (encrypted
and
stored so that it cannot be decrypted)
-
- Information collected when paying for services and additional services: bank account information,
credit card information, name, email address, country of residence, address, phone number
-
- Information collected when participating in events and selecting winners: name, date of birth,
mobile
phone number, SNS ID
-
- Other information selectively collected to provide high-quality services: Phone number. In
addition,
there may be information that is automatically collected to provide services in the process of using
the service. It may or may not correspond to personal information.
-
- Member registration for statistics collection, visitors, orderers, and information created when
writing posts: IP Address, browser information, OS information, service use record, funnel path,
age, delivery area, gender, ID (e-mail), service version, OS, OS version, device model name, device
unique ID (ID randomly assigned by the company to the member’s device), language used, country or
region of residence, time zone
-
- Information before modification for member complaint processing and member management: name, email,
phone number, address, gender, birthday, etc.
-
- Information collected to prevent unauthorized use by delinquent members and unauthorized use: IP
Address
-
- Optional items: Profile picture (including meta information), status message, purchase history of
paid services such as items and products, location information
-
- Information collection through customer consent and customer input
-
- Provided by partner companies
-
- Collection through generated information collection tool
(2) The company may automatically create and collect service use records, access logs, cookies,
access IP information, IDs, and payment records in the process of using the service.
-
The company collects personal information in the following ways.
- (1) Membership registration, service inquiry, event application, delivery request, etc.
- (2) Collection through the generation information collection tool
Article 4. Purpose of collection and use of
personal information
The company uses the collected personal information for the following purposes.
Article 5. Sharing and Provision of Personal
Information
-
The company protects the personal information of users as “2. Purpose of collection and use of personal
information”, and we do not use it beyond the scope without the user's prior consent or disclose the
user's personal information to the outside in principle. However, exceptions are made in the following
cases.
- (1) When users consent to disclosure in advance
- (2) In accordance with the provisions of the Act or when there is a request from the investigation
agency in
accordance with the procedures and methods stipulated in the Act for the purpose of investigation
-
Period of retention and use of provided information: Personal information shall be retained and used within
one year after the transaction between the principal and the recipient is closed. It is retained and used
only within the scope necessary for the fulfillment of obligations.
Article 6. Consignment handling of collected
personal information
- The company entrusts the operation of personal information to an external professional company to improve the
service, and to ensure the safety of consignment management, the service provider follows the instructions
related to personal information through a consignment contract, maintains confidentiality of personal
information, The prohibition of provision to third parties and liability in case of an accident are clearly
stipulated and the contents of the contract are kept in writing.
- The company's personal information consignment processing agency and consignment work are as follows.
- If the contents of the consignment work or the consignee is changed, we will disclose it through this Privacy
Policy without delay.
External Company Name |
Consigned Work |
Personal Information Consignment & Storage period |
AMAZON Web Service |
Transmitting, processing and storing personal information acquired or created from users to the cloud
service *However, AMAZON Web Service only manages the server physically, and in principle does
not access your personal
information |
At the time of membership withdrawal or termination of consignment contract |
CJ Korea Express, Korea Post Office Courier, EMS, DHL, UPS, USPS |
Product Shiping |
At the time of membership withdrawal or termination of consignment contract |
Toss Payments Co., Ltd., Kakao Pay, Naver Pay, PayPal, eXimbay |
Purchase and Payment of products |
At the time of membership withdrawal or termination of consignment contract |
Channel Corporation |
Customer Service |
At the time of membership withdrawal or termination of consignment contract |
Article 7. Period of retention and use
of collected personal information
- When a member withdraws from membership or receives a member account deletion disposition due to false personal
information, the collected personal information will be completely deleted and processed so that it cannot be
used for any purpose.
-
Members' personal information will be destroyed without delay when the purpose of collection and use of
personal information is achieved in accordance with Article 7 Paragraph 1 of this Privacy Policy. However,
if it is necessary to preserve personal information in accordance with the company's internal policy or
the provisions of related laws, personal information may be kept for the period specified below.
- (1) According to the internal policy, the information below is stored for one year and then destroyed.
-
(2) According to the internal policy, the information below is stored for 6 months and then
destroyed.
- - Encrypt and store the device's unique ID (to prevent duplicate subscriptions of
delinquent
users)
-
(3) In accordance with the Consumer Protection Act in Electronic Commerce, etc., the items below are
stored for a
certain period and then destroyed. (Retention period in parentheses)
-
- Records on contract or subscription withdrawal, etc. (5 years)
-
- Records on payment and supply of goods (5 years)
-
- Records on consumer complaints or dispute resolution (3 years)
-
- Records on display/advertisement (6 months)
-
(4) According to the Framework Act on National Taxes, the books and supporting documents related to
all transactions
stipulated by the Tax Act are destroyed after being kept for 5 years.
-
(5) According to the Electronic Financial Transactions Act, records related to electronic financial
transactions are
kept for 5 years and then destroyed.
-
(6) According to the Communications Secret Protection Act, service visit records are kept for 3
months and then
destroyed.
Article 8. Personal information destruction
procedure and method
- In principle, the company destroys the information without delay after the retention period has elapsed or the
purpose of collecting and using personal information is achieved.
-
Destruction method
- (1) In principle, the information entered by the member for membership registration, etc. will be
destroyed
without delay when the purpose of collection and use of personal information is achieved and will not be
used for any other purpose other than being retained by law.
-
Destruction method
- (1) Printed personal information is shredded with a shredder or destroyed through incineration, and
personal
information stored in electronic file format is deleted using a technical method that cannot reproduce
records.
Article 9. Members' rights and how to exercise them
- Members may check, inquire or modify their personal information at any time, and may request cancellation of
membership or suspension of processing of personal information. However, in such cases, some or all the service
may be restricted.
- Members can view and edit their personal information directly in [My Profile] within the service. In addition,
the member can cancel the contract of use at any time through [Delete Fromm Account] in the service, and all
personal information of the member will be deleted upon termination. However, if it falls under Article 6
Paragraph 2 of the Personal Information Handling Policy, it may be stored for a certain period in accordance
with relevant laws and regulations.
- If a member requests correction or deletion of his/her personal information, the company will take necessary
measures without delay after confirming the identity of the member. In addition, personal information such as
deletion of member accounts may be destroyed at the discretion of the person in charge of personal information
management if it falls under each of Article 20 Paragraph 1 (restriction of use, etc.) of the Terms of Service.
- If you request correction of errors in personal information, the personal information will not be used or
provided until the correction is completed. In addition, if incorrect personal information has already been
provided to a third party, we will notify the third party of the result of the correction and make corrections.
- The company handles personal information that has been canceled or deleted at the request of the member as
specified in Article 6 of the Privacy Policy and is not allowed to be viewed or used for other purposes.
- The exercise of rights pursuant to Paragraphs 1 and 2 may be done in writing or by e-mail through an agent such
as the legal representative of the information subject or a person who has been delegated. In this case, you
must submit a power of attorney in accordance with Form 11 of the Enforcement Regulations of the Personal
Information Protection Act.
Article 10. Technical
and Administrative Measures for Protection of Personal Information
In handling members' personal information, the company is taking the following technical and administrative
measures to ensure safety so that personal information is not lost, stolen, leaked, altered or damaged.
-
Technical measures
- (1) The company is doing its best to prevent leakage or damage to members' personal information due
to
hacking or computer viruses. Data are frequently backed up in preparation for damage to personal
information, and the latest antivirus program is used to prevent leakage or damage to users'
personal
information or data, and to ensure safe transmission of personal information over the network through
encrypted communication, etc. are doing In addition, an intrusion prevention system is used to control
unauthorized access from the outside, and we are trying to equip all possible technical devices to
secure
other systemic security.
-
Administrative measures
- (1) The company's personal information handling staff is limited to the person in charge, and a
separate
password for this purpose is given and updated regularly, and compliance with the personal information
handling policy is always emphasized through frequent training for the person in charge.
- (2) The company has a person in charge of personal information management to always check the
implementation
of the personal information processing policy, and if a problem is found, it is working hard to correct
it
immediately. However, the company is not responsible for any problems caused by the leakage of personal
information due to the user's negligence or problems on the Internet.
Article 11. Matters concerning the installation/operation and rejection of automatic personal information collection
devices
The company installs/operates cookies to provide users with a faster web environment, and users can reject them.
Article 12. Linked Sites
The company may provide members with links to other companies' websites or materials through the service. In this
case, the “Privacy Policy” of the site is not related to the “Privacy Policy” of the service, so please check the
“Privacy Policy” of the newly visited site.
Article 13. Person in charge of personal
information management
The company has designated a personal information manager in charge of collecting opinions and handling complaints
about personal information.
-
Person in charge of personal information management
- (1) Company/Service: Knowmerce Co., Ltd.
- (2) Full name:
- (3) Position:
- (4) E-Mail:
-
Customer service
- (1) Company/Service: Knowmerce Co., Ltd.
- (2) Department in charge:
- (3) E-Mail:
- (4) Phone number:
-
Working hours of the person in charge of personal information management
- (1) Weekdays 10:00-19:00, break time 13:00-14:00
- (2) Closed on Saturdays, Sundays and public holidays.
-
Reporting or consulting organizations for other personal information infringement
Article 14. Amendment of Privacy Policy
- In the event of changes to this Privacy Policy, the Company shall specify the reason for the change and the date
of application and notify it through a notice within the service from 7 days before the effective date to the
effective date along with the current personal information processing policy. However, if there is any important
change in the user's rights or obligations, it will be notified at least 30 days in advance.
- In case the user does not express his/her intention to refuse even though the company has notified the change in
accordance with Paragraph 1 and has notified that if he/she does not express his/her intention to refuse by the
date the change is applied, it will be assumed the user has agreed to the changes.
- Notwithstanding Paragraph 2, if the company additionally collects personal information from the user or provides
it to a third party, the user himself/herself must agree to it separately.
This Privacy Policy is effective from November 15th, 2022.
Announcement Date: November 15th, 2022
Effective Date: November 15th, 2022