Personal Information Policies
ROAPACIFIC Corporation highly values personal information.
ROAPACIFIC Corporation (hereinafter referred to as “Company”) highly values personal information of customers for the company while making the greatest effort to protect their personal information. Company is obeying laws and regulations related to personal information protection including [Personal Information Protection Act] or [Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc.] and protecting personal information of customers by enacting and following personal information processing rules of the company. Company will make notification on the website (or individual notification) if revising personal information processing rules. Personal information processing rules of the company are subject to change from the modifications to related laws or notifications or changes in the operation policies of the company.
If they are changed, relevant contents are notified in the homepage.
[Article 1. Methods, Items, and Period of Collection for Personal Information]
1. Company integrates and operates Internet website. Therefore, users are able to use the same ID and password of brand website and shopping mall website operated by our company. Company provides services only to members who agree with the notification on integrated operation of the company when joining as a member.
2. “Member” means a customer who joins with membership by providing personal information to the company.
3. “Non-member” indicates a customer who uses service from the company without joining with membership on the website of the company.
4. Customers are able to agree with the collection of their personal information according to the personal information processing rules of the company. If customers check on the agreement box, they are regarded to agree with the collection of personal information.
5. Company is collecting personal information as follows for the membership, consultation, and service application.
– Items to collect: Name, date of birth, gender, log-in ID, password, password related inquiries and answers, house telephone, house address, cell phone number, email, occupation, company name, department, position, company telephone number, hobby, marital status, anniversary date, statutory representative, resident registration number, service log, access log, access IP information, and payment history
– How to collect personal information: Written form from the homepage (membership)
6. Company organizes the retention period and related laws of personal information as follows.
– Retention period: 5 years
– Related laws: Record of the supply including the payment and currency: 5 years
– Records about the contract or withdrawal from the agreement: 5 years
[Article 2. Collection of Personal Information and Purpose of Usage]
1. Company utilizes collected personal information for the following purpose.
– Perform the contract on the service provision, provide payment calculation contents from the service, purchase and payment for the fees, shipping, and issuance of bills, etc.
– Manage members
Identification from using the service in the membership, identification of individuals, confirmation of ages, and statutory representatives when collecting personal information of children aged less than 14
Confirmation of agreement, and delivery of notification
– Identify frequency for utilizing the marketing or advertisement and statistical information on the use of service from members
2. Company is collecting personal information at minimum to provide service when customers join as members. However, additional personal information of users is selectively entered to provide high quality and custom service to customers.
3. Company is eligible to identify individuals when they use online service (including mobile) and collect information about terminals (including the terminal model, operating system information, or browser information, etc.) for providing the service and preventing the unfair usage. As for the mobile service, tele-communication firm can be additionally collected and used to provide service according to the mobile service characteristics including the provision of PUSH service (only if customers agree) and the upgrade of application version.
4. If customers need to purchase items or services from the company, following additional information is required to pay for the amount, ship items, or process the refund.
– Card payment; Types of credit card, card number, and least account information needed for the payment including the expiration
– Fund transfer: Name of ordering party, telephone number or mobile number, email address, order password and name of recipient, shipping address, telephone number, and other requirements
5. Company is collecting personal information as follows other than the collection of personal information for membership and also obtaining agreement from customers by specifying the purpose of collection for personal information.
– Collection of information for the consultation with customers, inquiries for adjustment of issues, processing of requirements, and preservation of records
– Collect personal information for monitoring and prosumer activities
– Collect personal information for participating in marketing exhibition or event
6. Customers are eligible to deny the collection and use of personal information. However, if they deny the collection and use of required information, they are not eligible to use the membership service. If they deny the collection and use of selective information, they are eligible to join membership but might be limited with the service in the use of selective information or benefits.
[Article 3. Provision of Personal Information]
1. Company does not use personal information of customers in a scope beyond what is notified in the Article 2 or provide them to a third party except for the regulations from the laws or agreement from customers.
2. Customers are eligible to deny providing their personal information to a third party. When they deny the provision of personal information, they might be limited with the use of service from providing personal information to a third party.
3. Company is notifying users of provision for their personal information to a third party in foreign countries and obtaining their agreement.
4. Company does not disclose personal information of customers to a third party in principles. However, followings are the exception.
– If customers agreed in advance
– If it is based on regulations in the laws, or if there is a request from investigating agency according to procedures and methods determined by the laws for the purpose of investigation
[Article 4. Entrustment of collected personal information]
1. Company is eligible to entrust a third company to manage personal information of customers for the improvement of service and seamless computer process.
2. Company provides personal information processing service if entrusting them for the event or promotion by obtaining the agreement of users.
3. Company is entrusting personal information as follows for the provision and improvement of service while regulating matters required to safely manage personal information if concluding the entrustment agreement.
4. Entrusting companies for the personal information and entrusted tasks are as follows.
Entrusting company: Entrusted work / product shipping / provision of payment and safe purchase service/ confirmation of real name/authentication of identification, etc.
[Article 5. Destroying procedures and methods of personal information]
1. In principles, company proceeds the destroying procedures and methods as follows after collecting the personal information and achieving the purpose for using them.
– Destroying procedures
Information entered by a member for joining the membership is transferred after achieving the purpose (container box for paper) and destroyed after it is saved for a certain period according to the causes of information protection by internal policies and other related laws (refer to the period of retention or use).
Personal information transferred to a separate DB is not used for any other causes except for how it is saved by the laws.
– Destroying methods
Personal information saved in the electronic file is deleted in the use of technical method that cannot regenerate records.
2. Company is applying the expiration policy for personal information according to the Article 29 of Information and Communication Network Act.
3. Company shall immediately take an action if requested to delete personal information of customers or withdraw from membership. Deleted information is completely erased in the disk with a method that cannot restore or regenerate records and is processed to be non-readable or used in the future.
[Article 6. Civil complaint service about personal information]
Company is designating the related department and personal information control associate as follows to process complaints related to personal information while protecting them.
Name of a person in charge of personal information control: Sung-gul Song
Telephone number: 02-413-0915 (free) (Mon to Fri: 09:00 – 18:00, except for holidays)
Customer service department: CS team (free) (Mon to Fri: 09:00 – 18:00, except for holidays)
Telephone number: 02-413-0916
You are able to use the service of the company and report civil complaints related to the personal information protection to the person in charge of personal information control or related department. Company will provide a prompt response to the report from customers.
Please inquire to the following organizations if you need to report or consult on the infringement of personal information.
1. Personal Information Dispute Mediation Committee (www.1336.co.kr/1336)
2. E-privacy committee (www.eprivacy.co.kr/02-580-0533~4)
3. Internet crime investigation center at Supreme Prosecutor’s Office (>4. National Police Agency Cyber Terror Center) (www.ctrc.go.kr/02-392-0330)
[Article 7. Matters related to installation, operation, and denial of automatic collecting device of personal information]
1. Company is using ‘cookie’ to frequently save and load information to provide custom service for customers.
2. Cookie is a small amount of information sent from the server used for operating website (http) to computer browser of a customer and is saved in the hard disk of PC computer of a customer.
– Purpose of using cookie: Identify the visiting and use type, famous search words, security access, and etc. on each of the services and websites visited by customers and provide the optimal information to customers.
– Installation, operation, and denial of cookie: Available to deny saving cookie with tool on top of the web browser > Internet option > personal information menu options.
– If denying saving cookie, there might be difficulty in using custom service.
[Article 8. Read or modify personal information and withdrawal of agreement on collection, use, and provision of personal information]
1. Customer is eligible to click on the [modification of member information] by logging into the company website at any time to read or modify their information or request to an entrusted party for personal information including the sellers or visiting sales associates, or contact the personal information protection department via telephone, in writing, or email to request reading, modification, deletion, or suspension for processing personal information Company will take a prompt action on the request from a customer.
2. If requested by customers to modify the error on their personal information, company shall not process them including the use or provision of relevant personal information until modification is completed. In addition, if processing wrong information, company will take an immediate action to reflect the results of modifying procedures.
3. In the following cases, it might be limited to read or modify personal information.
– If there is a concern to significantly harm rights or profits of a third party
– If violating laws
4. Customer is eligible to withdraw agreement on the collection, use, or provision of personal information at any time. Withdrawal of agreement (withdrawal from membership) is available in person (withdrawal from membership) by logging into the company website, or by requesting a person entrusted to process personal information including the seller or visiting associates, or in writing, telephone, or email to personal information management department. Company will take necessary actions immediately including the process of withdrawal from membership of a user or destruction of personal information upon the request of customers.
5. Company is making an effort to take necessary actions to make it easier to withdraw agreement (withdrawal from membership) on the collection of personal information than to collect personal information.
[Article 9. Rights and exercise of rights of users and statutory representative]
1. Customers or their statutory representatives are eligible to inquire or modify personal information of them or children aged less than 14 that are registered in the system at any time or to request to cancel the membership.
2. In order to modify personal information of customers or children aged less than 14, it is required to confirm the identification by clicking in “withdrawal from membership” to read, modify, or withdraw. If customers contact the person in charge of personal information control in writing, telephone, or email, company will take a prompt action.
3. If you request to modify the error of personal information, the relevant personal information is not to be disclosed until it is modified. In addition, if providing wrong personal information to a third party, results of modification are to be immediately provided to a third party to process modification.
4. Company is processing cancelled or deleted personal information upon the request of customers or statutory representatives as stated in the ‘period of retention and use of personal information collected by the company’ without reading or using them for other purposes.
5. Customers or their statutory representatives are eligible to exercise rights related to inquiry, modification, or change of personal information or withdrawal from membership.
6. Customers or their statutory representatives are eligible to use Internet, telephone, or writings to exercise the rights by contacting the company in regard of personal information, and the company shall immediately take necessary actions.
[Article 10. Obligations of notification if changing protection policies]
Policies for processing personal information are subject to change depending on the changes in laws or policies, or internal operation instructions or security technology of the company. Changed policies of processing personal information will be notified on the first page of company website along with the causes and contents of changes.