Huple Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses the following personal information processing policies to protect users' personal information in accordance with related laws and regulations such as the Personal Information Protection Act.
The user's personal information is collected through the user's direct input or offline document preparation through the consent process when using the service. In addition, personal information can be collected through web pages, applications, mail, faxes, and phone calls during the consultation process through the customer center. (1) The company collects and uses ID, password, name, e-mail address, CI, DI, store information (business type, region, store name, etc.) for membership and identity authentication. (2) Members can selectively use the services provided by the company. The company collects and uses personal information with consent at the time the member applies for the service use and affiliate service below.
| Sortation | Items for collection and use |
| Service | ID, name, mobile phone number, email address, birth date Owner (representative) information: name of representative, domestic/foreigner, CI, DI, business registration number, account information (bank name, depositor, account number), (foreigner) nationality, (foreigner) English name |
| [If you use the money charging service] Account transfer payment: Bank name, depositor name, account number, date of birth (business registration number) Credit card payment: Card number, card expiration date, date of birth, 2 digits in front of password |
(3) The following information can be automatically generated, stored, combined, and analyzed during the service use process. - Examples of automatic collection information (generation information): access point information, device unique number, service usage record, visit record, advertisement ID (4) The company uses all personal information and generated information collected to provide services for the following purposes. - Confirmation of membership intention, identification of users, identification of identity, provision of membership services, and member management - Improve service delivery and management (benefit services, including), services and development of new services. - Purchase and payment of paid services and products (including refund) - Settlement payment - Complaint handling and customer consultation - Communication of the disclaimer - Prevention of money laundering, such as checking customers and reporting suspicious transactions under the Act on the Prevention of Illegal and Illegal Use, Reporting and Utilization of Specific Financial Transaction Information, etc - Statistics and analysis of service visits and usage records - Survey and manage service satisfaction - Notification Service - Offer events and giveaways - Delivering customized services - Utilize marketing and promotion (provide advertising/event information)
(1) In order to improve the service, the company entrusts the user's personal information as follows, and stipulates necessary matters so that personal information can be safely managed in the case of consignment contracts in accordance with relevant laws. (2) The company that the company entrusts the user's personal information and the details of the work are as follows.
| Sortation | a consignment company | Contents of entrusted business |
| Credit charge service | ㈜Toss Payment | Payment |
(1) In principle, if the purpose of collecting and using the user's personal information is achieved, the company shall destroy the personal information without delay if the retention and use period of the personal information is over. (2) If a user withdraws his/her consent to the collection and use of personal information, the company shall destroy the collected user's personal information without delay. (3) If the personal information must be preserved for a certain period of time according to other laws or internal policies, the personal information shall be transferred to a separate database (DB) or stored in a different storage place. A. Information of users collected and used under laws and regulations
| legislation | Purpose of possession and use | Retained item | Period of retention and use |
| Communications Secrets Protection Act | Obtain a warrant from the court and provide it to the investigative agency upon request | Log records, access destination information, etc | 3 months |
| in e-commerce, etc the Consumer Protection Act | Records of indications and advertisements | Display and advertising records | 6 months |
| Records on payment and supply of goods, etc | Records of payment and supply of goods, etc | 5 years | |
| Records concerning withdrawal of contracts or subscriptions, etc | Consumer identification contract/subscription withdrawal record | 5 years | |
| Records on the handling of consumer complaints or disputes | Consumer Identification Information Dispute Settlement Records | 3 years |
B. User information collected and used by the company's internal policy
| Sortation | Purpose of possession and use | Retained item | Period of retention and use |
| Company internal policy | Abuse of membership (Prevention of Illegal Use) |
ID, DI | 1 year after withdrawal from membership |
(4) According to Article 39-6 of the Personal Information Protection Act, the company notifies the user of the personal information of users who have not used the company's service for a year in advance and destroys or stores the personal information separately. * The company notifies the user 30 days before the unused period by announcement, e-mail, etc. that personal information is destroyed or stored and managed separately, the expiration date of the unused period of the service, and the items of the relevant personal information. This requires users to inform or modify the company of the correct contact information. (5) The procedures and methods of destroying personal information are as follows. ① Revocation procedure The company shall destroy without delay from the time when the reason for destruction occurs to the time when the separately designated holding and use period has elapsed. ② Destruction method The company destroys personal information recorded and stored in the form of an electronic file using a technical or physical method so that the record cannot be reproduced, and the personal information printed on the paper is destroyed by a shredder or incineration.
The company does not collect personal information of children under the age of 14 to protect their personal information.
(1) In principle, users directly inquire and delete their personal information, and the company provides functions for this. (2) Users and legal representatives can request inquiry, correction, and deletion of personal information, and the company will take action after going through the identity verification process according to the policy. (3) If a user requests an error correction of personal information, the company does not use or provide the personal information until the correction is completed. Also, if the company has already provided the wrong personal information to a third party, it will request the third party to correct it without delay. (4) Users must keep their personal information up-to-date, and the user is responsible for problems caused by the user's inaccurate information entry. (5) In the case of membership registration for stealing other people's personal information, they may lose their user qualifications or be punished by laws related to personal information protection. (6) Users are responsible for maintaining security for users' personal information, such as IDs, passwords, and e-mails, and cannot transfer or lend them to third parties. The user is responsible for the problems caused by the user's transfer or loan of the user's personal information to a third party.
- Weblog Analysis ① Through Google Analytics, a weblog analysis tool, the company collects and analyzes the user's usage of services (move, click, switch, etc.). ② If you want to stop weblog analysis, you can block it through the settings in the information page below.
In order to ensure safety so that personal information is not lost, stolen, leaked, altered, or damaged in processing users' personal information, the company is taking technical and management protection measures as follows. (1) Encryption of important personal information The user's password is stored and managed by one-way encryption, and personal information can be checked and changed only by the person who knows the password. Financial information such as user's account number is stored and managed by encryption by applying a strong two-way encryption algorithm. (2) countermeasures against hacking, etc ① The company is doing its best to prevent users' personal information from being leaked or damaged by intrusion into information and communication networks such as hacking and computer viruses. ② Using the latest antivirus program, we prevent users' personal information or data from being leaked or damaged by virus infection. ③ Access control devices such as intrusion prevention systems are installed and operated to block illegal access to personal information. ④ Sensitive personal information enables safe transmission of personal information on the network through encrypted communication. (3) Minimize and educate personal information processing The company limits the number of personal information-related processing personnel to a minimum, and emphasizes compliance with laws and internal policies through administrative measures such as education for personal information processors. (4) Personal Information Protection The company is committed to checking the implementation of the personal information processing policy and the compliance of the person in charge of processing to resolve and correct problems immediately if they are found.
The company is responsible for handling personal information, and designates a personal information protection manager and department in charge as follows to handle complaints and remedy damages related to personal information processing. • Privacy Commissioner : Koo bum mo • Contact : 070-8899-3434 • Email : jeju2ri@huple.kr
Users can inquire about the following institutions for damage relief and counseling for personal information infringement. The agency below belongs to a government agency, and if you are not satisfied with the company's own personal information complaints or personal information damage relief results, please contact us if you need further help.
| ● Personal Information Infringement Report Center | Homepage : http://privacy.kisa.or.kr Phone number : (without a national number) 118 |
| ● Personal Information Dispute Mediation Committee | Homepage : https://www.kopico.go.kr Phone number : 1833-6972 |
| ● Cyber Investigation Division of the Supreme Prosecutors' Office | Homepage : http://www.spo.go.kr Phone number : (without a national number) 1301 |
| ● National Police Agency Cyber Safety Administration | Homepage : http://cyberbureau.police.go.kr Phone number : (without a national number) 182 |
(1) The current personal information processing policy can be changed as necessary, such as laws, government policies, or company internal policies, and if there is any addition, deletion, or modification, it will be notified through the "notification" on the website at least seven days before the revision. However, if there is an important change in user rights, it will be notified at least 30 days in advance. (2) The current personal information processing policy will be applied from September 00th, 2022, and the personal information processing policy before the change can be confirmed through the notice.
- Announcement date: September 30, 2022 - Implementation date: September 30, 2022