1. Purpose of processing personal information
ILPUM Corporation (hereinafter the “Company”) has the following handling policies to protect users’ personal information and rights and interests in accordance with the Personal Information Protection Act and to handle users’ complaints related to personal information smoothly.
ILPUM Corporation (‘Company’) will notify you through website notices (or individual notices) when revising the personal information processing policy, and this personal information processing policy is applied to all services provided by the company.
The company processes personal information for the following purposes. The processed personal information will not be used for any purpose other than the following, and prior consent will be sought when the purpose of use is changed.
A. Website membership registration and management
– Confirmation of intention to sign up for membership, identification/authentication according to membership service provision, prevention of duplicate registration, maintenance/management of membership, delivery of notices to members, and securing a smooth communication path for complaint handling, etc.
B. Provision of goods or services
– Identity verification, service complaint handling, customer center operation, etc.
C. Marketing use (optional)
– Provision of event information and participation opportunities (e-mail, SMS/MMS, etc.), analysis of marketing and service use (individual and group statistical analysis), provision of advertising information and regular sending, etc.
D. Use of individual services (optional)
– Events: Participation in online/offline events and social media events
– Customer Survey: Guidance on participation in customer surveys and provision of rewards
– Merchant inquiries: Securing business-related communication, such as consulting-related company review, and delivery of notices related to franchisees
– Partnership inquiry: Securing business-related communication such as delivery of transaction-related notices
E. Others: generated/collected during service use or business processing
– Customer analysis for marketing and public relations, statistical analysis and research for service improvement
– Providing customer convenience such as gift giving and gift-giving events
– Preparation for personal information infringement incidents and preservation of records for dispute resolution
2. Personal information collection and use status
The company collects, uses, retains and destroys the following personal information through the website, etc. when registering for membership or in the process of using the service.
How to collect personal information is as follows.
In the case of collecting personal information, the user must be informed of the fact in advance and consent is obtained, and personal information is collected through the following methods.
– When the user agrees to the collection of personal information and directly enters information during membership registration and service use
– When personal information is provided from affiliated services or organizations
– In the course of consulting through the customer center, webpage, e-mail, Fax, phone, SMS/MMS, etc.
– Participation in online/offline events/events, etc.
3. Matters concerning the provision of personal information to third parties
The company provides personal information to third parties only when it falls under Articles 17 and 18 of the Personal Information Protection Act, such as the consent of the information subject and special provisions of the law. The company uses users’ personal information only within the scope agreed upon at the time of collection, and does not use or disclose or provide personal information outside the scope without the user’s prior consent.
Users may not consent to the provision of personal information to a third party and may withdraw consent to the provision of personal information to third parties at any time. However, the use of some services based on the provision of third parties may be restricted.
Sharing and delivery status
recipient | Purpose of provision | Items of personal information to be provided |
ILPUM Corporation | Service development and operation, quality control, customer CS processing and response, marketing communication, etc. | Name, contact information, email |
4. Consignment of personal information processing
The company entrusts some of the personal information processing tasks as follows for smooth business performance.
When the company concludes a consignment contract, the company specifies in the contract documents the responsibilities such as prohibition of processing of personal information other than for the purpose of performing entrusted tasks, technical/administrative protection measures, restrictions on re-entrustment, management/supervision of the trustee, and compensation for damages in the contract, etc. We regulate and supervise necessary matters to safely handle personal information.
If the contents of the consignment work or the consignee is changed, we will disclose it through this personal information processing policy without delay.
5. Personal information retention and use period, destruction method
The company processes and retains personal information within the period of retention and use of personal information in accordance with laws and regulations, or the retention and use of personal information agreed upon when collecting personal information from the information subject.
In principle, the company destroys personal information without delay when the purpose of collecting or receiving personal information is achieved.
– Destruction procedure: The information entered by the user is transferred to a separate DB (separate document in the case of paper) after the purpose is achieved, stored for a certain period in accordance with internal policies and other related laws, or immediately destroyed. At this time, the personal information transferred to the DB will not be used for any other purpose unless it is in accordance with the law.
-Destruction deadline: If the retention period of the personal information of the user has elapsed, the personal information will be deleted within 5 days from the end of the retention period. When the personal information is deemed unnecessary, the personal information will be destroyed within 5 days from the date it is deemed unnecessary.
– Destruction method: For information in the form of electronic files, a technical method that cannot reproduce the record is used. Personal information printed on paper is shredded with a shredder or destroyed through incineration.
6. Rights and obligations of data subjects and how to exercise them
Users can exercise the following rights as the subject of personal information.
1) The information subject can exercise the following personal information protection rights against the company at any time.
① Request to view personal information
② Request for correction if there is an error
③ Request for deletion
④ Request for suspension of processing
2) The exercise of rights pursuant to Paragraph 1 shall be made to the company in writing, e-mail, You can do this through fax, etc., and the company will take action without delay.
3) If the information subject requests correction or deletion of personal information, the company will not use or provide the personal information until the correction or deletion is completed.
4) The exercise of rights pursuant to Paragraph 1 may be done through an agent such as a legal representative of the information subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with Form 11 of the Enforcement Regulations of the Personal Information Protection Act.
7. Measures to ensure the safety of personal information
In accordance with Article 29 of the Personal Information Protection Act, the company is taking the following technical/administrative and physical measures necessary to ensure safety.
– Regular self-audit: To ensure the safety of personal information handling, we conduct self-audit on a regular basis (once a quarter).
8. Personal Information Protection Officer
The company is responsible for overall handling of personal information, and has designated a person in charge of personal information protection as follows to handle complaints and damage relief from information subjects related to personal information processing.
name | position | rank | contact |
representative | CEO | ※ You will be directed to the department in charge of personal information protection. |
The information subject may inquire about all personal information protection related inquiries, complaint handling, damage relief, etc. that occurred while using the company’s service (or business) to the person in charge of personal information protection and the department in charge. The company will respond and handle inquiries from information subjects without delay.
9. Changes to the Privacy Policy
This Privacy Policy may be amended for the purpose of reflecting changes in laws or services. If the privacy policy is changed, the company will post the change, and the changed privacy policy will take effect 7 days after posting.
Privacy Policy Version Number: V 2.1
Privacy Policy Enforcement Date: December 22, 2020