The Dear Arch co.,ltd (hereinafter referred to as the "Company") complies with all relevant laws and regulations, including the "Act on Promotion of Information and Communication Network Use and Information Protection", and is doing its best to protect the personal information of customers (hereinafter referred to as "users").
Through the disclosure of the personal information processing policy, the company informs you of the purpose and method of using the user's personal information and what measures are being taken to protect personal information.
This personal information processing policy may be changed by the revision of related laws or internal policies of the company, so please check it frequently when signing up for membership or using the site.
Article 1 [The items and methods of collecting personal information]
① Items of personal information that you collect
1. The company collects and uses the following personal information to provide customer counseling and various services when signing up for membership or using services.
A. Essential information
ID, password, name, date of birth, email, mobile phone number, address
2. The following information can be automatically generated and collected during the service use process or business process.
– IP Address, Cookie, Date and Time of Visit, Service Usage History, Bad Usage History
3. The following information may be collected when using paid services.
A. When paying by credit card: The name of the credit card company, card number, etc
4. In the case of service provision, the consent of the legal representative is required, and identification is required to comply with the relevant laws and regulations
If necessary, the following information may be collected.
– Name, date of birth, gender, domestic/foreigner, mobile phone number, mobile carrier information, identification value (CI,DI)
② How to collect personal information
The company collects personal information in the following ways.
A. Membership registration, service use, written form, fax, telephone, consultation bulletin board, e-mail, delivery request
B. Provision from Affiliate
C. Generation information collection tools, etc
③ The company does not require personal information (race and ethnicity, ideology and creed, place of origin and domicile, political orientation and criminal record, health status and sex life, etc.) that may be subject to basic human rights violations.
Article 2 [Purpose of Collection and Use of Personal Information]
The company uses the collected personal information for the following purposes.
1. Fee settlement, content provision, and paid according to the performance of contracts related to service provision and the provision of paid services
Billing, purchase and payment of fees, self-certification, delivery of goods or bills, etc. for service use, collection of charges
2. Member management
Complaints such as identification, personal identification, prevention of illegal and unauthorized use of defective members, duplicate subscription confirmation, intention to join, record preservation for dispute settlement, and complaint handling, and delivery
3. Development of new services, marketing, and advertising applications
Developing new services and providing customized services, providing services and advertising based on statistical characteristics,
Validation of services, identification of frequency of access, and statistics on members' use of services
Article 3 [Sharing and Provision of Personal Information]
① The company shall use the user's personal information within the scope notified in Article 2 (Purpose of Collection and Use of Personal Information), and shall not use, provide, or share it to others or other institutions without the prior consent of the user. However, exceptions are made in the following cases.
1. If the user agrees in advance
2. Where there is a request from an investigative agency in accordance with the provisions of laws and regulations or in accordance with the procedures and methods prescribed by laws and regulations for investigative purposes
3. If necessary for the settlement of charges according to service provision
4. When an individual is provided in an unidentifiable form for statistical preparation, academic research, or market research
② The company provides the user's personal information only when consent is obtained in advance to provide a higher quality service to the user.
Article 4 [Consignment of processing of personal information]
The company notifies the consignee and the consignee when entrusting the user's personal information to perform the service, and complies with and supervise the relevant laws and regulations by stipulating the necessary matters for the safe management of personal information. The contents of the company's personal information consignment processing agency and consignment work are as follows.
Retention and period of use of personal information on the entrusted business of the entrusted company
Until the withdrawal of the credit card payment processing member of Dear Arch Co., Ltd. or the end of the consignment contract
Korea Mobile Authentication Co., Ltd. Mobile Phone Identification
Do not save it separately because it is personal information already held by the company
Article 5 [Period for Retention and Use of Personal Information]
The user's personal information is "Well. Based on the "Personal Information Destruction Procedure and Method," if the purpose of collecting and using personal information is achieved five days after the withdrawal request, it will be destroyed without delay. However, if it is necessary to preserve it in accordance with the provisions of related laws, such as the Communication Secret Protection Act and the Consumer Protection Act in e-commerce, etc., the company keeps member information for a certain period of time. In this case, the company uses the information it keeps only for the purpose of storing it, and the retention period is as follows.
- (E-Commerce Act) Records on contract or subscription withdrawal: 5 years
- (E-Commerce Act) Records on payment and supply of goods, etc.: 5 years
- (E-Commerce Act) Records of consumer complaints or dispute settlement: 3 years
- (Communication Secret Protection Act) Login record (log record, tracking data of access destination): 3 months
Article 6 [Procedures and methods for destroying personal information]
In principle, the user's personal information is destroyed without delay when the purpose of collecting and using personal information is achieved. The procedure and method of destroying personal information of the company are as follows.
1. Procedures for Destruction
A. Information entered by a user for membership registration, etc. is transferred to a separate DB after the purpose is achieved
It will be destroyed after storing it for a certain period of time according to the internal policy and other reasons for information protection under related laws.
B. The above personal information shall not be used for any purpose other than to be retained except in the case of law.
2. How to destroy it
A. Personal information printed on paper is destroyed by grinding with a shredder or incineration.
B. Personal information stored in the form of an electronic file is deleted using a technical method that cannot reproduce the record.
Article 7 [The rights of users and legal representatives and how to exercise them]
① Users can inquire or correct their personal information at any time, and can request termination of subscription (withdrawal of members) or deletion of personal information. However, if you delete personal information that is essential for providing the service, you may not be able to receive related services.
② To inquire and correct the user's personal information, you can change your personal information, and to withdraw your membership (withdrawal of consent), you can directly inquire, correct, or cancel your subscription (withdrawal of consent) after the identity verification process.
Or contact the person in charge of personal information protection and the person in charge in writing, phone, or e-mail, and we will take necessary measures without delay after the identification process.
③ If you request a correction of an error in personal information, the personal information will not be used or provided until the correction is completed. In addition, if incorrect personal information has already been provided to a third party, the correction processing result will be notified to the third party without delay so that the correction can be made.
④ The company processes personal information canceled or deleted at the request of the user as specified in Article 5 (Personal Information Retention and Use Period) and prevents it from being viewed or used for other purposes.
Article 8 [Matters concerning the installation, operation, and rejection of an automatic collection device for personal information]
① To provide personalized and customized services to users, the company uses cookies that store and retrieve users' information from time to time. Cookies are a small amount of information that a website sends to your web browser (Internet Explorer, Firefox, Chrome, etc.).
② The user has a choice for cookies. Users can accept all cookies by choosing Tools > Internet Options > Personal Information > Settings in their web browser, go through confirmation every time they are saved, or refuse to save all cookies. However, if you refuse to save all cookies, you will not be able to use the services provided by your company through them.
Article 9 [Technical and administrative protection measures for personal information]
In processing users' personal information, the company is preparing technical and administrative measures to ensure safety so that personal information is not lost, stolen, leaked, tampered with, or damaged.
1. Technical measures
A. The user's password is encrypted, so only the user himself or herself cannot know it.
B. The company allows the secure transmission of personal information on the network through encrypted communication.
C. The company is doing its best to prevent users' personal information from being leaked or damaged by hacking or computer viruses.
D. The company backs up data from time to time in preparation for personal information damage, and provides the latest vaccine program
We are taking measures to prevent damage caused by computer viruses.
E. The company continues to make efforts to enhance security through measures such as access control, authority management, and vulnerability check of the system.
2. Management measures
A. The company limits users' access to personal information to a minimum of people.
B. The company provides regular training for personal information processors on personal information protection obligations, etc.
C. The company is trying to check compliance with personal information processing policies and internal regulations in the department dedicated to personal information protection so that if a problem is found, it can be corrected immediately.
D. The company shall not be liable for damages not attributable to the company, such as the user's own carelessness or accidents in areas not managed by the company.
Article 10 [Notification of Business Transfer, etc.]
When the company transfers all or part of its business or transfers its rights and obligations through merger or inheritance, the company notifies the user of the following items as related details.
1. Facts of transfer, merger, or inheritance of all or part of business
2. Name, address, and contact information of the person who succeeded to the rights and obligations
Article 11 [Contact information of the person in charge of personal information protection and the person in charge]
① In order to protect users' personal information and handle complaints related to personal information, the company has a personal information protection manager as follows.
Classified person in charge of personal information protection
Name: Cho Han-moo
one's representative
Phone number 010-3912-2010
Email [email protected]
② If you need to report or consult other personal information infringement, please contact the following institution.
A. Personal Information Infringement Reporting Center (privacy.kisa.or.kr/ 118)
B. Cyber Crime Investigation Team of the Supreme Prosecutors' Office ([email protected] /02-3480-3571)
C. Cyber Security Bureau of the National Police Agency (www.ctrc.go.kr/ 182 without a national number)
D. Personal Information Dispute Mediation Committee (kopico.go.kr/ 1833-6972)
Article 12 [Link Site]
The company can provide users with links to other companies' websites. In this case, this personal information processing policy does not apply to the act of collecting personal information from the linked website.
Article 13 [Others]
If the contents of this personal information processing policy are added, deleted, or modified, it will be notified through the notice on the website at least 7 days in advance.