Privacy Policy

       

Privacy Statement

 

Individuals of users who use http://www.eckorea.net and APP services provided by EC Plaza Co., Ltd. (hereinafter referred to as 'Company') with one ONE ID (here-in-after referred to as "Service") The following principles are in place to keep your information safe. Besides, if we inevitably need to change the privacy policy due to changes in related laws or company policies, we will notify you quickly through website announcements (or individual notices), so please refer to them.

 

1. Personal information collected by ECPlaza is processed to protect the rights of users and provide better convenience as classified below. Besides, we promise to seek prior consent in the case the purpose of processing is changed or added.

a. Member registration and management

We process personal information to confirm the intention to sign up as a member, identification, and authentication according to the provision of member services, maintenance, and management of member qualifications, prevention of illegal use of services, various notices and notifications, complaint handling, and record preservation for dispute settlement.

b. Related to the provision of goods or services.

We process personal information to deliver goods and prizes, providing services and payment and settlement of fees, providing content and customized services for members, identity verification, and debt collection.

c. Marketing and product information delivery (if selected)

We process personal information to guide new services (products) and provide customized services, providing events and participation opportunities, verifying the validity of the service, identifying the frequency of access, or statistics on the member's use of the service.

2. Personal information collected by the company may differ in items and collection methods depending on the type of member or service used by the user, which is as follows.

① For non-members

  1. For members who subscribe to content such as mail
    • Collection items: e-mail
    • Collection method: Email subscription
  2. For event participants
    • Collection items: e-mail or phone number, SNS
    • Collection method: directly entered by the information subject through the event page.

② For members

  1. Information to be collected.

□ When registering as a member

  • Input information (required): Name, e-mail, contact information (mobile phone number or phone number, password, language)
  • Input information (optional): gender, country, date of birth
  • Generated information: IP, cookie information, visit date, service use record, bad use record.

□ When using mobile services

  • Unique device identification value (IMEI, etc.), OS version, terminal device name

□ When purchasing and paying for products

  • Personal information (required): Name of the payer, contact information (mobile phone number or phone number), shipping address, identification information. (CI, DI), other customs clearance information
  • Payment information: Depending on the payment company (PG company) and payment type, the following information may be additionally required.
    1. When paying by credit card: card company name, card number
    2. When paying by mobile phone: mobile phone number, carrier name
    3. For account transfer payment: bank name, account number
    4. When depositing without a bankbook: bank name, depositor name

(For 1:1 consultation) Name, e-mail, contact number (mobile phone number or phone number)

  1. How to collect information.

Website, App (member registration, customer center), information input at purchase, event participation, and phone or online consultation through the customer center

3. The retention period of personal information processed by the company is as follows.

  1. Personal information is processed and retained within the period of retention and use of personal information agreed upon when collecting personal information from the data subject or following relevant laws such as the Commercial Act and the Consumer Protection Act in e-commerce.
  2. Each personal information processing and retention period is as follows.
  3. . Storage based on relevant laws.
  4. Records on the contract or subscription withdrawal
  • Reason for storage: Act on Consumer Protection in Electronic Commerce, etc.
  • Retention period: 5 years
  1. Records on payment and supply of goods, etc.
  • Reason for storage: Act on Consumer Protection in Electronic Commerce, etc.
  • Retention period: 5 years
  1. Records on consumer complaints or dispute settlement
    • Reason for storage: Act on Consumer Protection in Electronic Commerce, etc.
    • Retention period: 3 years
  2. Websites visit history.
    • Reason for storage: Communication Secret Protection Act
    • Retention period: 3 Months
  3. Records on display·advertisement.
    • Reason for storage: Consumer Protection Act in Electronic Commerce.
    • Retention period: 6 Months
  4. Storage for the protection of personal information of the information subject, such as company internal policies
  • Reason for storage: Prevention of illegal use of personal information.
  • Retention period: 6 Months

4. Personal information stored to provide better services to users or to comply with responsibilities outlined in the laws and regulations may be provided to third parties.

① The company uses the user's personal information within the scope notified in 「Collection·Use of Personal Information」 and does not use it beyond the scope of the purpose of collection or provide it to a third party without the prior consent of the users.

② When orders and payments are made through the service provided by the company, the relevant information is delivered to the seller within the necessary range for smooth transaction execution such as consultation and delivery.

③ The personal information collected by the company is used within the scope notified to the information subject, and will not be used beyond the scope or disclosed to the outside without prior consent. However, if stipulated by laws and regulations, it may be provided without consent following the procedures and methods established by investigative agencies, administrative agencies, and third parties.

5. The business details for the personal information that the company entrusts the processing of personal information to are as follows.

① The company entrusts the processing of customer's personal information as follows for smoother service provision and effective business processing.

Category | Trustee | Commissioned work

Customer consultation | EC Plaza Co., Ltd. | All of the call center business such as management of the use of customer and order information

Shipping Service | CJ Logistics Co., Ltd. | Delivery of goods and prizes

Payment processing and sms sending | Korea Cyber ​​Payment Co., Ltd. (KCP), Eromnet Co., Ltd. | Payment processing through credit card, mobile phone, account transfer, bank transfer (virtual account), etc., sending SMS

② The company continuously manages and supervises whether the personal information entrusted by the above consignees is safely processed, and the personal information held by the consignee is immediately destroyed when the consignment work is terminated. (If the law specifies a separate storage period, the company keeps it safely for compliance with the law)

③ If the contents of the consignment business or the consignee change, the company will disclose it through this privacy policy without delay.

6. The Company can exercise the following rights as personal information subjects who use the service.

① If the user wants to inquire or modify his/her personal information, he/she can directly process it by using the ‘My Page → My Information → Information Check/Edit' menu at any time on the website.

② Users can conveniently cancel their subscription (or ‘withdraw consent') at any time by using the ‘Membership Withdrawal' menu on the homepage.

③ If the user does not agree with the company's processing of personal information, he or she may refuse consent or request termination of membership (or ‘withdrawal from membership'), and in such case, the use of some or all of the related services may be restricted. (However, if you are a user of the ‘Subscribe' service, you can withdraw your consent to receive through the "unsubscribe" function at the bottom of the email address you received.)

④ When a user requests the correction of errors in personal information, the company will not use the personal information or provide it to others until the processing is completed. Besides, if incorrect personal information has already been provided to a third party for a reasonable reason, the result of the correction process will be notified to the third party without delay to correct it.

7. In principle, the company destroys the personal information immediately after the purpose of storing the collected member's personal information has been achieved. The procedure, deadline, and method of destroying personal information are as follows.

  1. Discarding procedure

Personal information for which the purpose of collection and use has been achieved is transferred to a separate DB (separate documents in the case of paper) and safely stored in compliance with internal regulations and related laws and is destroyed without delay when the specified period is over. At this time, the personal information transferred to the DB will not be used for any other purpose unless it exceeds the purpose agreed by each of you or is not stipulated by law.

2. How to discard

① Information in the form of electronic files uses a technical method that cannot reproduce records.

② Personal information printed on paper is destroyed by shredding or incineration.

8. We inform you of the installation, operation, and rejection of cookies.

  1. What is a cookie?

Cookies are very small text files that the server used to operate the website sends to the user's computer and are stored on the user's computer hard disk. Therefore, you can refuse collection because you can choose to install and collect cookies yourself.

2. How can I refuse cookies?

a. For Internet Explorer

"Tools" menu at the top of the web browser → "Internet Options" menu → "Personal Information" tab → Custom Settings.

b. For Chrome

Select the icon "☰ (Custom Description and Controls for Google Chrome)" in the upper right corner of your web browser → select "Settings" → select "Show advanced settings" at the bottom of the screen→ "Content Settings" button in the Privacy section → Set directly in the Cookies section.

* Please note that if a member refuses to store cookies, some services that require login may be restricted.

9. The company is taking technical, administrative, and physical protection measures necessary to ensure the safety of personal information.

a. Minimization and training of personnel handling personal information.

We designate employees who handle personal information, minimize the number of people in charge of handling personal information, and make every effort to safely manage personal information through continuous personal information protection education.

b. Conduct self-audit.

To secure technical and managerial protection measures to ensure that personal information is handled safely internally, we employ personnel in charge of audit and conduct periodic self-audits to check whether personal information handlers comply with internal regulations and laws.

c. Establishment and implementation of an internal management plan

We have established and implemented an internal management plan for the safe handling of personal information.

d. Encryption of personal information

Your personal information is encrypted and stored and managed according to the standards stipulated by the law, and additional security features such as encryption of files and transmission data are used.

e. Technical measures against hacking, etc.

The company installs a security program to prevent leakage and damage of personal information due to hacking or computer viruses, periodically updates and checks, installs a system in an area where access is controlled from outside, and monitors and blocks technically and physically.

f. Restricting access to personal information

We are taking necessary measures to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and we control unauthorized access from outside by using an intrusion prevention system.

g. Storage of access records and prevention of forgery

Records accessed to the personal information processing system are kept and managed for at least 6 months as stipulated in relevant laws and regulations, and security functions are used to prevent forgery, alteration, theft, and loss of access records.

h. Use of locks for document security.

Documents containing personal information and auxiliary storage media are stored in a safe place with a lock.

i. Access control for unauthorized persons

A separate physical storage place for personal information is established and access control procedures are established and operated.

10. The company appoints a person in charge of personal information management to protect users' safe personal information.

① The Company has designated a person in charge of personal information management as follows to take full responsibility for the handling of personal information and to handle user complaints related to personal information processing and to relieve damage.

Chief Privacy Officer of EC Plaza Co., Ltd. (CPO)

Name: Dong Ha Lee

Department: Developer Team

Position: Team Leader 

Email: esummer@ecplaza.net

Phone number: 070-4099-0111

Fax number: 02-482-0339

② Users can contact the person in charge of personal information management and the customer support center for all personal information protection related inquiries, complaints handling, damage relief, etc. that occurred while using the service (or business) provided by the company. We will respond and process without delay.

③ If you need to report or consult about personal information due to infringement, you can contact the following organizations for help.

Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)

  • (Without area code) 118 / privacy.kisa.or.kr

Information Protection Mark Certification Committee

  • 02-550-9531~2 / eprivacy.or.kr

Supreme Prosecutors' Office Cyber Crime Investigation Team

  • (Without area code) 1301 / www.spo.go.kr

National Police Agency Cyber Crime Investigation Team

11. The policy on changing the privacy policy is as follows.

This privacy policy will be applied from the effective date, and if there are any additions, deletions, or corrections to the changes following laws and policies, we will notify you through the notice from 7 days before the enforcement of the changes. However, if there is a reason for a material change in the user's rights, such as collection and use of personal information, provision to a third party, etc., it will be notified at least 30 days in advance.

●Privacy Policy Version Number: 2.1

●Date of announcement of current privacy policy: March 18th, 2021

●Current privacy policy enforcement date: Arpil 1st, 2021