[Privacy Policy]
Malang Tank Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses guidelines for processing personal information as follows in order to protect the personal information of the data subject in accordance with Article 30 of the Personal Information Protection Act and to facilitate the processing of related grievances quickly and smoothly.
Article 1 (Purpose of Processing Personal Information)
The company processes personal information for the following purposes. The personal information being processed will not be used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures such as obtaining separate consent pursuant to Article 18 of the Personal Information Protection Act will be implemented.
1. Membership and management of the website
Personal information is processed for the purpose of confirming the intention to join the membership, identification and certification based on the provision of membership services, maintenance and management of membership, identification based on the implementation of a limited identification system, prevention of illegal use of services, confirmation of the consent of a legal representative when processing personal information for children under the age of 14, various notices and notices, and grievances.
2. the provision of goods or services
Personal information is processed for the purpose of delivering goods, providing services, sending contracts and bills, providing content, providing customized services, self-identification, age certification, payment and settlement of charges, and collection of bonds.
3. the handling of grievances
Personal information is processed for the purpose of identifying civil petitioners, confirming civil complaints, contacting and notifying them for fact-finding, and notifying them of the results of processing.
Article 2 (Processing and Retaining Period of Personal Information)
① The company processes and holds personal information within the period of retention, use, or use of personal information agreed upon when collecting personal information from the data subject according to laws and regulations.
② Each of these personal information processing and retention periods is as follows.
1. Membership and management of the website: Until withdrawal from the website of the business operator/organization
However, in the following cases, until the end of the relevant reason
1) Where an investigation, investigation, etc. is in progress for violation of relevant laws and regulations, the relevant investigation and investigation shall be completed until the completion of the investigation
2) If the bond and debt relationship remains due to the use of the website, until the relevant bond and debt relationship is settled
2. Provision of goods or services: completion of supply of goods and services and completion of payment and settlement of charges
However, in the following cases, until the end of the relevant period
1) Records on transactions, such as display, advertisement, contract details, and implementation, under the Electronic Commerce, etc. Act on Consumer Protection, etc
- Record of display and advertisement: June
- Record of withdrawal of contract or subscription, payment, goods, etc.: 5 years
- Records on handling consumer complaints or disputes: 3 years
2) Storage of communication fact confirmation data under Article 41 of the Communications Secret Protection Act
- Subscriber telecommunication date and time, start and end times, counterparty subscriber number, frequency of use, and source station location tracking data: 1 year
- Computer communication, Internet log records, access point tracking data: 3 months
Article 3 (Consignment of Personal Information Processing)
① The company entrusts the processing of personal information as follows for smooth processing of personal information.
- Consignee (trustee): ImWeb Co., Ltd
- Contents of duties entrusted: system provision of shopping mall hosting service, mobile app service, marketing service and addition, affiliate service provision and notification talk, friend talk, text message sending agency service, etc
- Consignee (trustee): Toss Payments PG
- Details of business entrusted: Payment and escrow work
- Consignee (trustee): CJ Delivery Service
- Details of consignment business: Product delivery business
② In accordance with Article 25 of the Personal Information Protection Act, the company stipulates responsibilities such as prohibition of processing personal information other than the purpose of consignment, technical and management protection measures, re-consignment restrictions, management and supervision of trustees, and compensation for damages in documents such as contracts, and supervises whether the trustee handles personal information safely.
③ If the details of the consignment work or the trustee changes, we will disclose it through this personal information processing policy without delay.
Article 4 (Rights of users and legal representatives and methods of exercising them)
① The data subject may exercise the following privacy-related rights against the company at any time.
1. Request to view personal information
2. Request for correction if there is an error, etc
3. Request for deletion
4. Request to stop processing
② The exercise of the rights under paragraph 1 may be made to the company in writing, by telephone, by e-mail, by copy (FAX), etc., and the company will take action without delay.
③ If the data subject requests correction or deletion of an error in personal information, the company will not use or provide the personal information until the correction or deletion is completed.
④ The exercise of rights under paragraph 1 may be made through an agent, such as the legal representative of the data subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with attached Form 11 of the Enforcement Regulations of the Personal Information Protection Act.
⑤ The data subject shall not infringe on the personal information and privacy of the data subject or others that the company is processing in violation of related laws such as the Personal Information Protection Act.
Article 5 (Personal Information Items to be Processed)
The company is processing the following privacy items.
1. Membership and management of the website
Mandatory items: name, date of birth, ID, password, address, phone number, gender, email address, ipin number
Selections: Marriage status, areas of interest
2. the provision of goods or services
Mandatory items: name, date of birth, ID, password, address, phone number, e-mail address, ipin number, credit card number, bank account information, etc
Selections: Interest field, past purchase details
3. In the process of using the Internet service, the following personal information items can be automatically generated and collected.
IP address, cookie, MAC address, service usage record, visit record, bad usage record, etc
Article 6 (Destruction of Personal Information)
① When personal information becomes unnecessary, such as the expiration of the retention period of personal information or the achievement of the purpose of processing, the company will destroy the personal information without delay.
② If the retention period of personal information agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information needs to be preserved according to other laws and regulations, the personal information is transferred to a separate database (DB) or stored differently.
③ The procedures and methods of destroying personal information are as follows.
1. procedure for destruction
The company selects personal information for which the reason for destruction has occurred and destroys the personal information with the approval of the company's personal information protection officer.
2. How to destroy
The company destroys personal information recorded and stored in the form of electronic files by using methods such as Low Level Format so that records cannot be reproduced, and the personal information recorded and stored in paper documents is destroyed by crushing or incineration with a shredder.
Article 7 (Measures to ensure the safety of personal information)
The company is taking the following measures to ensure the safety of personal information.
1. Management measures: Establishment and implementation of internal management plans, regular employee training, etc
2. Technical Measures: Management of Access Rights of Personal Information Processing Systems, etc., Installation of Access Control Systems, Unique Identification Information
Encryption, security program installation, etc
3. Physical measures: Control access to computerized rooms, data storage rooms, etc
Article 8 (Matters concerning the installation, operation, and refusal of automatic personal information collection devices)
① The company uses a "cookie" that stores usage information and fetches it from time to time to provide individual customized services to users.
② Cookies are small amounts of information sent by the server (http) used to run the website to the user's computer browser and are sometimes stored on hard disks in the user's computer.
A. Purpose of use of cookies: It is used to provide optimized information to users by identifying the type of visits and use of each service and website visited by the user, popular search terms, security access, etc.
B. Installation, operation, and rejection of cookies: You can refuse to save cookies through the Tools at the top of the web browser > Internet Options > Options settings on the Privacy menu.
C. Refusing to save cookies may cause difficulties in using customized services.
Article 9 (Personal Information Protection Officer)
① The company is in charge of handling personal information, and designates a person in charge of personal information protection as follows to handle complaints and remedy damages by data subjects related to personal information processing.
▶ Personal Information Protection Officer
Name: Jeon Eui-jin
Position: Representative
Contact point: 070-7954-6041
※ You will be connected to the privacy department.
② The data subject may contact the personal information protection officer and the department in charge for any personal information protection inquiries, complaints, damage relief, etc. that have occurred while using the company's service (or business). The company will respond to and process the data subject's inquiries without delay.
Article 10 (Request for Access to Personal Information)
The data subject may request the following departments to view personal information pursuant to Article 35 of the Personal Information Protection Act. The company will endeavor to expedite the data subject's request for personal information access.
▶ Department of receipt and processing of request for access to personal information
Department name: Customer department
Person in charge: Jeon Eui-jin
Contact point: 070-7954-6041
Article 11 (How to remedy infringement of rights and interests)
The data subject can inquire about damage relief and counseling for personal information infringement from the following institutions.
▶ Personal Information Infringement Reporting Center (operated by the Korea Internet & Security Agency)
- Affiliated duties: Report personal information infringement and apply for counseling
- Home page: privacy.kisa.or.kr
- Phone: 118 (without country code)
- Address: (5832) Personal Information Infringement Reporting Center, 3rd Floor, Jinheung-gil 9 (301-2 Bitgaram-dong), Naju-si, Jeollanam-do
▶ Personal Information Dispute Mediation Committee
- Affiliated duties: Application for personal information dispute mediation, collective dispute mediation (civil settlement)
- Home page: www.kopico.go.kr
- Phone: (No Number) 1833-6972
- Address: (03171) 4th floor of Government Complex Seoul, 209, Sejong-daero, Jongno-gu, Seoul
▶ Cybercrime Investigation Team of the Supreme Prosecutors' Office: 02-3480-3573 (www.spo.go.kr )
▶ Cyber Security Bureau, National Police Agency: 182 (http://cyberbureau.police.go.kr )
Article 13 (Enforcement and Change of Personal Information Processing Policy)
This privacy policy will take effect from October 23, 2023.