Stanmore International Co., Ltd. (hereinafter referred to as the "Company") establishes and discloses personal information processing guidelines as follows in order to protect the personal information of the data subject and to quickly and smoothly handle related difficulties.
Article 1 (Purpose of processing personal information)
The company processes personal information for the following purposes. The personal information being processed is not used for any purpose other than the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act.
1. Register and manage homepage membership
Personal information is processed for the purpose of confirming the intention to join, identifying and certifying oneself by providing membership services, maintaining and managing membership, preventing fraudulent use of services, and processing personal information of children under the age of 14.
2. Providing goods or services
Personal information is processed for the purpose of delivering goods, providing services, sending contracts and invoices, providing contents, providing customized services, personal authentication, age certification, payment and settlement of charges, and collecting bonds.
3. Handling of Complaints
Personal information is processed for the purpose of identifying the complainant, confirming the complaint, contacting and notifying the result of the fact-finding, etc.
Article 2 (Processing and Retention Period of Personal Information)
① When the company holds personal information in accordance with laws and regulations, or collects personal information from the information subject, it processes and holds personal information within the period of use.
② Each personal information processing and retention period is as follows.
1. Membership and management of the website: Until the withdrawal of the website of the business operator/organization
Provided, That in cases falling under the following grounds, by the time the relevant grounds are terminated:
1) Where an investigation, investigation, etc. is in progress due to a violation of relevant statutes, the relevant investigation shall be completed by the time the investigation is completed.
2) If the bond and debt relationship remains due to the use of the website, the relevant bond and debt relationship shall be settled by the time of settlement.
2. Provision of goods or services: Until the supply of goods and services is completed and the payment and settlement of charges is completed
Provided, That in the following cases, by the end of the relevant period:
1) Records on transactions, such as indications, advertisements, contract details, and performance under the Act on the Protection of Consumers in Electronic Commerce, etc
- Record of display and advertisement: June
- Records of contract or subscription withdrawal, payment, goods, etc.: 5 years
- Records on the handling of consumer complaints or disputes: 3 years
2) Storage of communication fact confirmation data under Article 41 of the Communications Secrets Protection Act
- Subscriber telecommunication date and time, start and end time, counterparty subscriber number, frequency of use, and location tracking data of the originating station: 1 year
- Computer communication, Internet log records, access point tracking data: 3 months
Article 3 (Provision of personal information to a third party)
① The company processes the personal information of the data subject only within the scope specified in Article 1 (Personal Information Processing Purpose), and provides personal information to third parties only if it falls under Article 17 of the Personal Information Protection Act, such as consent of the data subject and special provisions of the law.
② The company provides personal information to third parties as follows.
- Person to whom personal information is provided: LOGEN
- Purpose of using personal information of the recipient: Delivery service agency
- Person who receives personal information: KG Inicis
- Purpose of using personal information of the recipient: Payment-related affairs
Article 4 (Rights of users and legal representatives and methods of exercise thereof)
① The information subject may exercise the following personal information protection rights against the company at any time:
1. Requesting access to personal information
2. Request correction if there is an error, etc
3. Delete Request
4. Request to stop processing
② The exercise of rights under paragraph (1) can be made to the company in writing, by phone, e-mail, or fax, and the company will take action without delay.
③ If the data subject requests correction or deletion of errors in personal information, the company will not use or provide the personal information until the correction or deletion is completed.
④ The exercise of rights under paragraph (1) may be conducted through a legal representative of the data subject or an agent, such as a delegated person. In this case, you must submit a power of attorney in accordance with attached Form 11 of the Enforcement Rules of the Personal Information Protection Act.
⑤ The information subject shall not violate the personal information and privacy of the information subject or others handled by the company in violation of related laws such as the Personal Information Protection Act.
Article 5 (Personal Information Items to be Processed)
The company is processing the following personal information items.
1. Register and manage homepage membership
Required items: <Example) Name, date of birth, ID, password, address, phone number, gender, email address, IP number>
Optional items: <Example) Marital status, area of interest>
2. Providing goods or services
Required items: <Example) Payment information such as name, date of birth, ID, password, address, phone number, e-mail address, IP number, credit card number, bank account information>
Select item: <Example) Areas of interest, past purchase details>
3. In the process of using the Internet service, the following personal information items may be automatically generated and collected.
IP address, cookie, MAC address, service usage record, visit record, bad usage record, etc
Article 6 (Destruction of personal information)
① When personal information becomes unnecessary, such as the expiration of the period of personal information retention or the achievement of the purpose of processing, the company destroys the personal information without delay.
② If personal information is to be preserved in accordance with other laws and regulations despite the expiration of the period of personal information retention agreed by the data subject or the purpose of processing has been achieved, the personal information is moved to a separate database (DB) or stored elsewhere.
③ The procedure and method of destroying personal information are as follows.
1. Destruction procedure
The company selects personal information for which the reason for destruction occurs, and destroys personal information with the approval of the company's personal information protection manager.
2. Disposal method
The company destroys personal information recorded and stored in the form of electronic files by using a method such as a low level format so that the record cannot be reproduced, and shreds or incinerates personal information recorded and stored in paper documents.
Article 7 (Measures to ensure the safety of personal information)
The company is taking the following measures to ensure the safety of personal information.
1. Management plan : Establishment and implementation of internal management plan, training of regular employees, etc
2. Technical measures: management of access rights such as personal information processing system, installation of access control system, encryption of unique identification information, and installation of security program
3. Physical measures: Control access to computer rooms, data storage rooms, etc
Article 8 (Matters concerning the installation, operation, and rejection of an automatic personal information collection device)
① The company uses 'cookie' to store usage information and retrieve it from time to time to provide individual customized services to users.
② Cookies are small amounts of information that the server (http) used to run the website sends to the user's computer browser and are sometimes stored on the user's hard disk.
1. Purpose of use of cookies: It is used to provide optimized information to users by identifying the type of visit and use of each service and website visited by users, popular search terms, security access, etc.
2. Installation, operation, and rejection of cookies: You can refuse to save cookies by setting options in the Tools > Internet Options > Privacy menu at the top of the web browser.
3. Refusing to save cookies can cause difficulties in using customized services.
Article 9 (Personal Information Protection Officer)
① The company is responsible for overall personal information processing, and designates a person in charge of personal information protection as follows to handle complaints and remedy damages of information subjects related to personal information processing.
▶ Person in charge of personal information protection
Name: Jeong-hyang, Pak
Position: General manager
Contact information: 1533-0681
Email: cs@amalric.co.kr
※ You will be directed to the Privacy Department.
② The information subject may contact the person in charge of personal information protection and the department in charge of personal information protection, handling complaints, and remedy for damage caused by using the company's service (or business). The company will respond and process inquiries from the information subject without delay.
Article 10 (Request for access to personal information)
The information subject may request the following departments to view personal information under Article 35 of the Personal Information Protection Act. The company will try to expedite the request for access to personal information by the data subject.
▶ Personal Information Access Request Processing Department
Name: Jeong-hyang, Pak
Position: General manager
Contact information: 1533-0681
Email: cs@amalric.co.kr
Article 11 (Method of remedy for infringement of rights)
The information subject can contact the following institution for damage relief and counseling for personal information infringement.
▶Personal Information Infringement Report Center (operated by the Korea Internet Agency)
- Affairs under his/her jurisdiction: Report personal information infringement facts, apply for counseling
- Home page: privacy.kisa.or.kr
- Phone: 118
- Address: (58324) 9, Jinheung-gil, Naju-si, Jeollanam-do, Republic of Korea
▶ Personal Information Dispute Mediation Committee
- Competent affairs: application for personal information dispute settlement, collective dispute settlement (private settlement)
- Home page: www.kopico.go.kr
- Phone: 1833-6972
- Address: (03171) 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
▶ Cyber criminal investigation department, the Supreme Public Prosecutors ' Office: 02-3480-3573 (www.spo.go.kr)
▶ the National Police Agency's Cyber Safety Bureau: 182 (http://cyberbureau.police.go.kr)
Article 12 (Implementation and change of personal information processing policy)
This personal information processing policy will be applied from March 1, 2022.