In order to provide the best service to users, ZEP Co., Ltd. (the “Company”) uses personal data from users to provide some of its services.
① The Company will collect and handle the following personal data, and the collected personal data will not be used for purposes other than those specified herein.
② The Company will collect personal data using the following methods:
- Data being directly input by the user on the Company’s website, applications, or within its services
- Data being collected through automatic collection devices
① The Company may use collected personal data for the following purposes. Personal data which is handled by the Company is not used for other purposes than the following, and in the case of changes to the purpose of use, necessary measures such as consent receipt will be taken according to relevant laws and regulations.
① The Company will retain and use the personal data collected from the user while the user's status is maintained. If the purpose for the collection of the data is completely achieved, the data will be deleted immediately regardless of whether or not the user’s status is maintained. However, the Company will keep and use personal data for the written retention period if the Company has any of the following bases for retention:
- Retention basis : consumer satisfaction, dispute settlement, restriction to re-registration of membership, etc., when cancelling membership
- Retention period : 30 days
- Retained items : email, access records, abuse records, nickname
② Notwithstanding the provisions of Paragraph 1 above, if there is reason to hold personal data under relevant laws and regulations, the Company will preserve the data for a period of time prescribed in relevant laws and regulations including the Commercial Act and the Act on the Consumer Protection in Electronic Commerce, Etc. In this case, the Company will separate the data to be preserved, and the preservation periods are as follows:
③ Your account will be withdrawn immediately upon application for withdrawal. User registration with the same email address will be restricted for one month after withdrawal.
② Members have the right not to consent to the provision of personal data to third parties and may withdraw their consent to the provision of personal data to third parties. Even if they do not consent, services that are not based on provision of personal data to third parties will remain available, while the use or provision of services dependent on the provision of this data to third parties may be limited. Notification will be provided for any other changes to the provision of personal data to third parties through separate notifications.
① The Company consigns personal data as described in Paragraph 2 in order to increase the quality of its services and to perform a certain part of tasks required to provide services and stipulates necessary matters for the personal data to be safely managed as per applicable laws and regulations upon conclusion of the consignment contract. Also, the amount of data to be shared is limited to the minimum amount necessary to achieve the concerned purposes.
② The trustees and entrusted task are as below:
- Trustee Amazon Web Service Inc.
- Entrusted task Operation and maintenance of cloud servers located in South Korea storing personal information
① In principle, when the purpose for collecting and using a user’s personal data is achieved, the Company will destroy the data without delay. The Company’s procedures and methods for personal data destruction are as follows:
② The Company will, in accordance with Article 39-6 of the Personal Information Protection Act, in order to protect the personal data of those who have not used the service for a long period, immediately destroy the personal data of the user, or save or manage it separately, if the following conditions are met:
- Subject: Users who have not logged in for the past 1 year or have no history of inquiries or users who have no history of payment settlement for the past 1 year (In case of members registered for settlement)
- The Company notifies the user through email, etc. 1 month before the separation and storage of the personal data of the user who has not used the service for an extended period.
① Users and their legal representatives may view or modify their personal data at any time. This can be done through Settings-View and Change Member Information within the service or through a wired phone call with an agent. However, if the user's personal data is linked with an external platform, such as Google, the user must view or change the personal data according to the method provided by the concerned platform vendor.
② If a user requests the correction of a personal data error, the Company will correct the error without delay or inform the user of the reason for not correcting it and will not use or share the data until necessary action is taken. However, the Company may provide such data when requested in accordance with applicable laws.
③ If the person whose data is to be collected is under 14 (a “Child”), the Company will obtain the consent of the legal representative separately from the Child's consent for the collection, use, provision, etc. of personal data protection.
④ In order to obtain the consent as described in Paragraph 1, the Company may request the minimum amount of data necessary, such as the name and address of the legal representative, and the collected personal data of the legal representative may not be used for purposes other than to confirm the consent of the legal representative and may not be shared with third parties. The agreement of the legal representative is used for a Child for the resolution of customer complaints when there is a dispute with the Company, for the withdrawal of subscriptions, settlement of payments, and the supply of goods.
⑤ The withdrawal of consent or the expiration of the validity of the legal representative’s consent will be executed in a non-renewable manner 30 days after the expiration date. However, if there is a legal need to preserve the data as defined in the Commercial Act or the Act on the Consumer Protection in Electronic Commerce, Etc., the Company will keep the personal data of the legal representative for the period set by applicable laws and regulations.
⑥ The legal representative of the Child may request the retrieval of the Child's personal data, corrections, or the withdrawal of consent to the collection, use and provision of personal data. If such a request is made, the Company will take necessary measures without delay.
① The Company installs and operates tools that automatically collect personal data, such as cookies (access information files) that store and retrieve user data from time to time to provide personalized services. A cookie is a small text file sent to the user's device by the server used to run an application and stored in your device's storage. When the user uses the application, the server reads the contents of the cookies stored in the user's device to maintain the user's preferences.
- To analyze visits to and uses of the website and provide the user with personalized usage environments
③ The installation of cookies is optional. As a result, the user can allow all cookies in the device settings or options, require permission to be given each time a cookie is saved, or refuse to save all cookies. However, if the user refuses to store all cookies, the service may be restricted or unavailable.
① The Company takes the following technical and administrative measures while handling users’ personal data in order to prevent it from being lost, stolen, leaked, altered, or damaged.
② Users are obligated to protect themselves and not to infringe on the data of others. Users should be careful that their personal data, such as their password, is not leaked, and also that the personal data or postings of other users are not negatively affected. The Company will not take any responsibility for any personal data issues that occur due to a user's carelessness or mistake.
① The Company makes its best effort to provide the best service while keeping personal data safe. The personal data protection manager is responsible for the protection of personal data in case of incidents as described above. However, despite technical remedies, the Company has no liability for any damage to data due to unexpected accidents caused by basic network dangers such as hacking, and any disputes over the posts made by visitors.
Personal data protection manager
- Name : YOONSEUNGJAE
- Email address : email@example.com
③ In some circumstances you are entitled to the erasure of your personal data without undue delay.
Those circumstances include :
You may request erasure of your information by contacting us at firstname.lastname@example.org
④ Please contact the following organizations if you need to report or consult about other personal data infringement.
[For South Korea]
- Personal Information Infringement Notification Center ( https://www.1336.or.kr /(02)1336 )
- ePRIVACY ( https://www.eprivacy.or.kr / (02)580-0533~4)
- Supreme Prosecutor's Office, Advanced Crime Investigation Department ( https://www.spo.go.kr / (02)3480-2000)
- Cyber Terrorism Response Center ( https://www.police.go.kr/www/security/cyber.jsp / (02)392-0330)
[For other countries]
The Company has opened a window for filing opinions and complaints regarding the protection of personal data. Users who are dissatisfied with the handling of personal data may inquire about such issues to the person in charge of the personal data management of the Company and then will be notified of the result of their inquiries.
- 개인정보 보호책임자 이메일 주소: email@example.com
This policy will take effect on November 30, 2021.