D'CENT App Privacy Policy
All personal information handled by the company shall be collected, held and processed in accordance with the Personal Information Protection Act and related laws and regulations. And the company shall protect the collected personal information and user’s rights based on the Personal Information Protection Act and following policy has been placed for handling of user’s complaints.
In case of the company’s online mall, App and applications that handle personal information, the company sets privacy policy manual and operates based on Article 30, Section 1 of Personal Information Protection Act and Article 31, Section 1 of its enforcement ordinance.
When company’s privacy policy has been changed, company shall post in public about timing of enforcement and changed information that shall be recognized by users easily.
Purpose and use of personal information
Personal information means information about an individual who is alive and can be identified by the name, e-mail, contact information, etc. contained in the personal information.
The company always confirms the intention of the user who wants to use the service from the company when company collects the personal information, and the company does not use the personal information for any purpose other than listed purposes. The company shall not provide collected information to third parties without user’s consent and purpose of collecting personal information is as follows.
| Purpose | |
|---|---|
| Membership | User authenticating using membership service |
| Detect and prevent unauthorized use of service and fraudulent use | |
| Customer service, Handling customer’s complaints, Preservation of records for settlement of dispute settlement | |
| Public notices (Notification of changes in company’s online mall website, App, application or policy changes) | |
| Order·Payment·Delivery | Payment |
| Fulfilling of agreement for delivering service | |
| Payment settlement | |
| Delivery | |
| User authentication in financial transactions and services | |
| Product returns, Refund, and Exchange | |
| Marketing | Improvement of existing services and development of new services |
| Offering customized services | |
| Providing services based on statistics and statistical key information of using the service | |
| Delivering Publications and announcing new products or services | |
| Informing of marketing campaign, event and advertisements or managing membership lounge |
Collection of personal information and collected information
Company collects user's personal information through registration of company’s App or application membership, opening user account, and its online mall. Collected information is;
- Required information for membership registration : E-mail, Password, Nickname
- Required information for online mall ordering process : E-mail, Name, Contact number, Address
- Credit card payment : Card company name, Card number, Expiration Date
User has the right to refuse for collection of required information and/or optional information, but there may be a limit for company to offer the services if user rejects it.
Providing personal information to third party
In principle, company shall process and manage collected personal information within the scope specified for the purpose of collection and use, and shall not process it beyond the scope of its original purpose or provide it to a third party without prior consent from owner of information except for below cases;
- If company receives separate consent from the information owner
- If there are special regulations in the law and/or act
- If the owner of information or his legal representative is unable to express his intention, or prior consent cannot be obtained due to an incorrect address, and it deems necessary to protect life, body or economic profits of the owner of information or a third party from impending danger
- If it is impossible to perform duties provided in other laws unless personal information is used for purposes other than those originally intended or provided to a third party, provided that it has been decided through deliberation at a meeting
- If it is necessary to conduct criminal investigation and to commence and maintain prosecution
- If it is necessary for the court to perform tasks related to trials
- If it is necessary to execute punishment, preventive custody, and protective disposition
Personal information processing consignment
The company consigns part of collected personal information to external parties for them to carry out some of necessary tasks to provide various services to users. And we are supervising entrusted companies not to violate the personal information protection laws and regulations. In addition, collected information is based on the time when the user confirmed, and we will notify user when the consignment company or consignment work is changed.
(Contracted Companies)
(Contracted Companies)
| Name | Tasks | Information | Use of personal information |
|---|---|---|---|
| KG Inicis | Card Payment, Mobile Payment | Name, Phone number, Address, Card company name, Card number, CVC Number, Expiration Date | Until membership withdrawal or end of consignment contract |
| EXIMBAY | Overseas Card Payment | Name, Phone number, Address, Card company name, Card number, CVC Number, Expiration Date | Until membership withdrawal or end of consignment contract |
| Kakao Pay | Payment | Name, Phone number, Address, Payment related information | Until membership withdrawal or end of consignment contract |
| Mailchimp | E-mail address | Name, E-mail address | Until membership withdrawal or end of consignment contract |
| WeKeep | Delivery | Name, Phone number, Address, Openmarket ID (option) | Until membership withdrawal or end of consignment contract |
| DHL | Delivery | Name, Phone number, Address, E-mail, Tax ID(selected countries) | Until membership withdrawal or end of consignment contract |
Retention and usage period of personal information
In principle, collected information of user will be destroyed without delay when company reaches objective for collecting and using of personal information. However, in accordance with relevant laws and regulations including Consumer Protection Act in Commercial law and Electronic Commercial law etc., the company shall preserve the collected information for a certain period of time when is necessary. In this case, the company shall use the information solely for the original purpose, and its retention period is;
| Information to be kept about | Applied Law | Period |
|---|---|---|
| withdraw or termination of agreement | Consumer Protection Act in Commercial Law and Electronic Commercial Law | 5 years |
| payment of goods delivery | Consumer Protection Act in Commercial Law and Electronic Commercial Law | 5 years |
| customer's complaint or settlement of dispute | Consumer Protection Act in Commercial Law and Electronic Commercial Law | 3 years |
| advertisement and its display | Consumer Protection Act in Commercial Law and Electronic Commercial Law | 6 months |
| all ledgers and evidential documents related to transactions in accordance with tax laws | National Tax Law, Corporate Tax Law | 5 years |
| electronic financial transactions | Electronic Financial Transaction Law | 5 years |
| website visits | Protection of Communications Secrets Act | 3 months |
| collection, processing and use of credit information | Use and Protection of Credit Information Act | 3 years |
| identity verification | Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. | 6 months |
Destruction of personal information
In principle, the company shall delete personal information without delay when purpose of processing personal information has been accomplished and users withdrawal membership. And personal information of users who have not connected to our service more than one year shall be stored and managed separately.
Destruction procedure
Personal information shall be deleted immediately or moved and stored in separate location for certain period based on internal policies and/or other related laws and regulations when purpose of processing personal information has been accomplished. Personal information that has been moved into separate location shall not be used for any other purpose unless related law and/or regulation order.
Destruction period and process
When the retention period has expired or personal information becomes unnecessary, printed personal information on paper is shredded or incinerate, and personal information stored in the form of an electronic file shall be deleted through technical methods that can not reproduce the original data.
User's rights and duties and how to exercise them
User has the right to receive sincere response from the company’s customer support team when there is a question, and can ask to view, correct or withdraw the registered user's personal information and request the company to view, provide, correct or withdraw the personal information.
The user should input the personal information accurately and precisely to prevent potential accidents. User has full responsibility for accidents caused by entering incorrect information, and you may lose membership if you enter false information including unauthorized use of other person's information.
Users have the right to protect the personal information. But also has responsibility to protect registered personal information and not to infringe other’s personal information. User has to be careful not to disclose the personal information, including passwords and should not to damage the privacy of others, including posts. If user fails to fulfill such responsibilities and damage other’s information, user may be punished under the Information and Communications Network Act.
Denying installation and operation of automatic collecting device of personal information
The company uses ‘cookie’ to store information about users and to find them from time to time. ‘Cookie’ is a small amount of data from the HTTP server to a user's computer browser (i.e. Internet Explorer, Safari, Firefox, Chrome etc.). ‘Cookie’ identifies user’s computer, but not you as an individual.
Purpose of ‘cookie’
- Provide customized information according to individual interests
- Analyzes the frequency and duration of visits of members’ and non-members' to identify user's interests and areas of interest for targeted marketing
- Keep track of what users are looking for personalized service at their next visit
- Analyze users' habits and use them as indications of service re-organization
Options for ‘cookie’
- By adjusting users’ web browser, users can accept all cookies, send a notification when a cookie is installed, or reject all cookies. However, if users refuse storage of cookies, users may not be able to access certain services that require log-in
- Select “Internet Option” in “Tool” menu
- Select “Privacy”
- Under “Setting” menu, users can choose “Accept” / “Block” / “Prompt”
- ‘Cookie’ will be expire when internet browser is closed or log-out
Personal information protection measures
The company is taking the following measures to ensure the protection of personal information.
- Administrative measures: Establish an internal management plan. Implementation, regular staff training, etc.
- Technical measures: Management of access rights of personal information processing system, etc., installation of an access control system, encryption of unique identification information, etc., installation of security programs
- Physical measures: Control access to computer rooms, data storage rooms, etc.
Remedies for infringement of rights
Remedies for Infringement of Rights Information subjects may inquire about damage relief and counseling for personal information infringement to the following organizations.
<The following organizations are separate organizations from the company, so if you are not satisfied with the company's own personal information complaint handling and damage relief results, or if you need more detailed help, please contact them.>
Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
- Responsibilities: Report personal information infringement, apply for counseling
- Website : privacy.kisa.or.kr
- Telephone Number: 118
- Address: 9, Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong) 3rd floor (58324)
Personal Information Dispute Mediation Committee
- Responsibilities: Personal information dispute mediation application, collective dispute mediation (civil settlement)
- Website : www.kopico.go.kr
- Telephone Number: 1833-6972
- Address: 12th floor, Seoul Government Complex, 209 Sejong-daero, Jongno-gu, Seoul (03171)
Supreme Prosecutor's Office Cyber Crime Investigation Team: 02-3480-3574 ( www.spo.go.kr )
National Police Agency Cyber Security Bureau: 182 ( http://cyberbureau.police.go.kr )
Personal information protection
To protect personal information of members and handle complaints and inquiries for personal information reading, the company operates related department and chief privacy officer as the following:
| Chief Privacy Officer | Minho Yoo Vice President |
| Telephone Number : +82-2-1833-4022 | |
| E-mail : contact@iotrust.kr | |
| Privacy Management team / Request Personal information reading team | D’CENT Customer Support Team |
| Telephone Number : +82-2-1833-4022 | |
| E-mail : contact@iotrust.kr |
Announcement date: January 12, 2022
Effective date: January 19, 2022
