Through this Policy, the Company regards personal information of the users as important and inform them of the purpose and method of the Company’s using the personal information provided by the users and the measures taken by the Company for protection of those personal information.
1. Information to be collected and method of collection
(1) Personal information to be collected
Personal information items to be collected by the Company are as follows:
Information provided by the users: the Company may collect the information directly provided by the users.
- Name, e-mail address, password, nationality
Information collected while the users use the Service: besides of the information directly provided by the users, the Company may collect information in the course that the users use the service provided by the Company.
- Device information: device identifier, operating system, hardware version, etc.
- Log information: logging data, usage time, search history, etc.
- Other information: preferences regarding service use of the users, etc.
(2) Method of collection
2. Use of collected information
The Company uses the collected information of users for the following purposes:
- For identification and member management
- To detect and prevent unauthorized or fraudulent use of or abuse of the Service
- To perform the contract regarding provision of services demanded by the users
- To improve existing services and develop new services
- For making notice of function of the Service or matters on policy change
- To measure members' service usages and provide optimized services based on the statistical characteristics
- To comply with applicable laws or legal obligations
3. Sharing collected information
Except for the following cases, the Company will not share personal information with 3rd parties:
When the Company shares the information with its affiliates, partners, and service providers:
- If the Company's affiliates, partners, and service providers carry out services such as execution of orders, products delivery, and dispute resolution for and on behalf of the Company
When the sharing is required by the laws:
- If required to be disclosed by the laws and regulations; or
- If required to be disclosed by the investigative agencies for detecting crimes in accordance with the procedure and method as prescribed in the laws and regulations
4. Users' right to access and options
The users or their legal representatives, as main agents of the information, may exercise the following options regarding collecting, using, and sharing of personal information by the Company:
- Make corrections or deletion; or
- Make temporary suspension of treatment of personal information
The Company regards the security of personal information as very important. The Company constructs the following security measures to protect the users’ personal information from any unauthorized access, release, use, or modification:
Encryption of personal information
- Transmit users' personal information by using encrypted communication protocols
- Securely store important information (e.g., passwords) by encrypting them
Countermeasures against cracking
- Construct the system to prevent leakage or damage of users' personal information from attempts of cracking or viruses
- Take measures to prevent forging or alteration of access logs
6. 3rd party's sites and services
7. Installation, operation and denial of automatic collection of personal information
The services of the Company may use session information to provide more convenient services. The session information is used for the purpose of user's convenience and preventing wrong use of the services through Internet connection. Users may refuse to use the session information by not using services that require an Internet connection.
The website of the Company may use cookie information to provide more convenient services. A cookie is a small amount of information stored in a user's device. It is used for statistical purpose and providing better service optimized for the users. Users may refuse to install cookies from the website. To refuse, please refer to the help of your web browser. However, if you refuse to install cookies, it may be difficult to use some services on the website.
8. Destruction of personal information
In principle, the Company destructs the information immediately after the purposes of its collection and use have been achieved without delay: Provided that, if any information is to be retained as required by relevant laws and regulations, the Company retains it for the period as required by those laws and regulations before destruction and, in such event, the personal information which is stored and managed separately will never be used for other purposes. The Company destructs: hard copies of personal information by shredding or incinerating it; and delete personal information stored in the electric form by using unrecoverable methods.