▪ Purpose of Processing Personal Information

We process personal information for the following purposes. The personal information being processed will not be used for purposes other than the following, and if the purpose of use is changed, we will take necessary measures, such as obtaining separate consent pursuant to Article 18 of the Personal Information Protection Act.
1. Membership registration and management
We process personal information for purposes of confirming membership registration intentions, identifying and authenticating individuals for membership services, maintaining and managing member qualifications, preventing service misuse, confirming the consent of legal representatives when processing personal information of children under 14 years of age, various notifications, notices, and complaint handling.

▪ Processing and Retention Period of Personal Information

① We process and retain personal information within the period stipulated by law for personal information retention and use or within the period consented by the information subject at the time of collecting personal information.
② The processing and retention periods for each type of personal information are as follows:
1. Website membership registration and management: Until the withdrawal from the business/organization’s website
However, in the following cases, until the end of the relevant reasons:
1) In case of an ongoing investigation or investigation due to a violation of relevant laws, until the end of the investigation or investigation.
2) In case of remaining rights and obligations related to website use, until the settlement of the relevant rights and obligations.
3) until the .
2. Provision of goods or services: Until the completion of supplying goods or services and the completion of payment and settlement
However, in the following cases, until the end of the relevant period:
1) Records related to display/advertising, contract contents, and performance, etc., according to the “Act on Consumer Protection in Electronic Commerce, etc.”
– Records related to display/advertising: 6 months
– Records of contracts or subscription withdrawals, payment of fees, supply of goods, etc.: 5 years
– Records related to consumer complaints or dispute handling: 3 years
2) Preservation of communication records according to the “Telecommunications Secrecy Protection Act”
– Records of communication date and time, start/end time, counterpart’s subscriber number, frequency of use, location tracking data: 1 year
– Records of computer communications, internet log data, access point tracking data: 3 months
3) : Until withdrawal and request for disposal.

▪ Items of Personal Information Being Processed

We process the following personal information:
1. Membership registration and management
– Mandatory items: Email address
2. Provision of goods or services
– Mandatory items: Email address

▪ Procedure and Method of Personal Information Destruction

① When personal information becomes unnecessary due to the expiration of the personal information retention period, achievement of the processing purpose, etc., we promptly destroy the relevant personal information.
② If personal information must be retained pursuant to other laws despite the expiration of the consented personal information retention period or achievement of the processing purpose, we transfer the personal information to a separate database (DB) or store it in a different location.
③ The procedure and method of personal information destruction are as follows:
1. Destruction procedure
We select personal information for destruction, obtain approval from the personal information protection manager, and destroy the personal information.
2. Destruction method
We destroy personal information stored in electronic file formats so that the records cannot be regenerated.

▪ Rights and Obligations of Information Subjects and Legal Representatives and Methods of Exercise

① Information subjects may exercise rights such as accessing, correcting, deleting, processing, and requesting the suspension of personal information processing from us at any time.
※ Requests for accessing information regarding children under 14 years of age must be made directly by legal representatives. Information subjects who are minors aged 14 or older may also exercise their rights regarding their personal information themselves or through legal representatives.
② Rights may be exercised by sending a request to us in writing, via email, facsimile, etc., in accordance with Article 41(1) of the Enforcement Decree of the Personal Information Protection Act, and we will promptly respond to such requests.
③ Rights may also be exercised through legal representatives or delegates.
In such cases, a power of attorney according to the format in Annex 11 of the “Guidelines for Personal Information Processing Methods (No. 2020-7)” must be submitted.
④ Requests for accessing and suspending processing may be limited under Article 35(4) and Article 37(2) of the Personal Information Protection Act.
⑤ Requests for correcting and deleting personal information may not be allowed if the personal information is specified as collection targets under other laws.
⑥ We verify whether the requester of requests such as access, correction, deletion, processing, and suspension is the information subject or a legitimate representative.

▪ Measures for Ensuring the Security of Personal Information

We take the following measures to ensure the security of personal information:
1. Administrative measures: Establishment and implementation of internal management plans, regular employee training
2. Technical measures: Access control to personal information processing systems, encryption of personal information, installation and updating of security programs
3. Physical measures: Access control to computer rooms, data storage rooms, etc.

▪ Personal Information Protection Manager

① We have designated a personal information protection manager to oversee personal information processing tasks, take responsibility, and handle complaints and remedies related to personal information processing as follows:
‣ Personal Information Protection Manager
Name: HYEONJUN YANG
Contact: dingyah@dingyah.com
※ Connected to the personal information protection department.