Privacy Policy

Jan. 6, 2025

Dozn Co., Ltd. (hereinafter referred to as "the Company") is dedicated to safeguarding users' personal information and adheres to applicable domestic laws related to personal information protection, including the Act on Promotion of Information and Communications Network Utilization and Information Protection and the Personal Information Protection Act.

  • 1. Purpose of Processing Personal Information

    The Company collects only the essential personal information from users, and the information collected is used for the following purposes:

      1. Member identification and verification and the delivery of notifications and announcements to members.
      2. Provision of services, enhancement of service quality, prevention of fraudulent use within the service, development of new services and technologies, offering personalized services, and billing/payment for services.
      3. Execution of tasks related to the outsourcing of personal information processing to trusted third-party companies.
      4. Distribution of advertising information.
      5. Analysis of income distribution across similar industries, tax payment history, credit, financial fluctuations, etc.
      6. Receipt of member complaints and inquiries and response to the results of their processing.

  • 2. Items of Personal Information to be Collected

    The Company collects only the minimum personal information required to operate its services. If additional personal information is necessary for service use, the Company will obtain separate consent from the user before collecting it.

  • Category Mandatory Items Optional Items Retention Period
    Membership registration Email, Password - Until membership cancellation or contract termination
    Card registration Card number, Expiration date, CVC, Card password - Until the card is deleted or the membership is terminated
    Inquiry and notification services Transaction history (payment, withdrawal, recharge) - Until the card is deleted or the membership is terminated
    Email recovery (by card number) Card number, Expiration date, CVC, Card password - Until membership cancellation or contract termination
    Email recovery (by passport number) Country code, Passport number - Until membership cancellation or contract termination
    Customer support Email, Inquiry details - 3 years (by the Act on the Consumer Protection in Electronic Commerce, etc.)
    Personalized services and product recommendations - Email, Country code Until consent is withdrawn or membership is terminated

  • 3. Retention Period and Destruction of Personal Information

    1. The Company processes and retains personal information collected from users within the agreed retention period. If a user withdraws their membership, revokes consent, or if the retention period has expired, the Company will immediately destroy the personal information in a manner that prevents recovery or reproduction. However, if applicable laws require personal information to be retained, the information will be securely stored separately.
      1. Records related to contracts or withdrawal of offers (Act on the Consumer Protection in Electronic Commerce, Etc.: 5 years)
      2. Records of payment and supply of goods (Act on the Consumer Protection in Electronic Commerce, Etc.: 5 years)
      3. Records of consumer complaints or dispute resolution (Act on the Consumer Protection in Electronic Commerce, Etc.: 3 years)
      4. Records of displaying and advertising (Act on the Consumer Protection in Electronic Commerce, Etc.: 6 months)
      5. Accounting books and supporting documents related to transactions as prescribed by tax laws (Framework Act on National Taxes: 5 years)
      6. Records related to access (Protection of Communications Secrets Act: 3 months)
      7. Records of electronic financial transactions (Electronic Financial Transactions Act: 5 years)
      8. Records of the collection/processing and use of credit information (Credit Information Use and Protection Act: 3 years)
    2. Destruction Method
      1. Personal information stored in electronic file formats will be permanently deleted using technical methods that ensure the data cannot be restored. Printed materials will be shredded using a shredder.

  • 4. Outsourcing of Personal Information Processing

    The Company outsources specific personal information processing tasks to facilitate smooth operations. Necessary provisions have been established to ensure subcontracted companies securely handle personal information in compliance with the Personal Information Protection Act. If users do not use services related to the outsourced tasks, their personal information will not be shared with the subcontracted companies.

  • Subcontractors Outsourced Tasks Personal Information Protection and Retention Period
    Channel Corporation Co., Ltd. ChannelTalk (Customer Service) 3 years

  • 5. Rights of Users and Legal Representatives and How to Exercise Them

    The Company has implemented the following procedures to protect the rights of users (or their legal representatives) concerning their personal information:

    1. Rights of Users and How to Exercise Them
      1. Users have the right to request access to, correction of, deletion of, suspension of processing, or withdrawal of consent for their personal information at any time.
      2. Requests to suspend processing or delete personal information can be made in writing or via email.
      3. Requests for access to personal information or suspension of processing may result in limitations on service usage until the correction or deletion is completed.
      4. Requests for correction or deletion of personal information cannot be made if the information is explicitly required by other laws to be collected.
      5. The user's identity will be verified when exercising the rights to access, correct, delete, or suspend processing.
    2. Rights of Legal Representatives and How to Exercise Them
      1. Suppose a legal representative or authorized person exercises the user's rights (such as access, correction, suspension of processing, or deletion). In that case, they must submit a power of attorney form prescribed in the Personal Information Processing Guidelines, Attachment 11.
      2. The Company will verify the legitimacy of the person requesting access, correction, deletion, or suspension of processing.
      ※ Requests for access or other rights related to the personal information of children under 14 must be made by a legal representative.

  • 6. Measures to Ensure the Security of Personal Information

    The Company implements administrative, technical, and physical security measures to manage users' personal information securely.

    1. Administrative Measures
      1. The Company has established an internal management plan to process personal information safely and has implemented internal procedures to ensure compliance.
      2. A dedicated personal information protection organization is in place, and continuous monitoring is conducted to ensure adherence to privacy obligations.
      3. The Company limits the number of personnel handling personal information and prevents information leaks through security pledges and regular training.
    2. Technical Measures
      1. Access to the personal information processing system is restricted, with access rights granted only to the minimum number of authorized personnel. Access logs are separately backed up and stored to prevent tampering or alteration.
      2. Users' personal information is transmitted through encrypted communication channels, and sensitive information such as passwords is encrypted and securely stored.
      3. Security programs are actively used to block personal information leaks caused by hacking or viruses, ensuring safe management.
    3. Physical Measures
      1. Access control systems are in place at data centers and other facilities to prevent unauthorized access.

  • 7. Operation of Automatic Collection Devices for Personal Information

    The Company uses cookies, which automatically collect and store user information. A cookie is a small text file sent from the server operating the Company’s website to your browser and stored on your computer's hard drive.

    1. Purpose of Cookie Collection
      1. Cookies are used to store language settings for language changes in customer support.
    2. How to Reject Cookies
      1. Users can adjust their web browser's settings to refuse cookie storage. However, refusing cookies may result in difficulties accessing personalized services.
    3. Examples of How to Set-Cookie Rejection
      1. For Internet Explorer: Tools menu at the top of the web browser > Internet Options > Privacy > Settings
      2. For Chrome: Settings menu on the right side of the web browser > Settings > Security and Privacy > Cookies and Other Site Data

  • 8. Personal Information Protection Officer and Personal Information Inquiries

    The Company has designated a Personal Information Protection Officer to oversee the management of personal information and address user complaints and requests for remedies related to personal data processing, as outlined below.

    1. Personal Information Protection Officer
      1. Name: Kyung Pyo Park
      2. Title: Executive Director of the Development Division (CPO)
      3. Email: privacy@dozn.co.kr
    2. Department Responsible for Personal Information Protection
      1. Department: Information Security Team, Development Division
      2. Contact: 02-6105-6335
      3. Email: privacy@dozn.co.kr
    3. For Additional Reports or Consultations Regarding Personal Information Breaches
      1. Privacy Call Center (privacy.kisa.or.kr / 118)
      2. Personal Information Dispute Mediation Committee (www.kopico.go.kr/ 1833-6972)
      3. Supreme Prosecutor's Office Cybercrime Division (www.spo.go.kr / 1301)
      4. National Police Agency Cyber Safety Bureau (cyberbureau.police.go.kr / 182)

  • 9. Obligation to Notify the Privacy Policy

    This Privacy Policy is effective from the date of implementation. It may be updated, revised, or modified if there are any additions, deletions, or corrections by applicable laws and policies.