ROGANJI (hereinafter referred to as "company") establishes and discloses personal information processing guidelines as follows to protect the personal information of the data subject and to quickly and smoothly handle related grievances in accordance with Article 30 of the Personal Information Protection Act.
Article 1 (Purpose of Processing Personal Information)
The company processes personal information for the following purposes. Personal information being processed is not used for purposes other than the following purposes, and if the purpose of use is changed, necessary measures will be implemented, such as obtaining separate consent under Article 18 of the Personal Information Protection Act.
1. Membership registration and management on the website.
Personal information is processed for the purpose of identifying and authenticating membership, maintaining and managing membership qualifications, preventing illegal use of services, checking the consent of legal representatives, notifying, and handling grievances.
2. Provide goods or services.
Personal information is processed for the purpose of delivering goods, providing services, sending contracts and bills, providing content, providing customized services, personal authentication, age certification, payment and settlement, and debt collection.
3. Handling difficulties.
Personal information is processed for the purpose of identifying civil petitioners, checking civil complaints, contacting and notifying them for fact-finding, and notifying them of the results of processing.
Article 2 (Processing and Retention Period of Personal Information)
① The company processes and holds personal information within the period of possession and use of personal information under laws or within the period of possession and use of personal information agreed upon by the data subject.
② Each personal information processing and retention period is as follows.
1. Subscription and management of membership on the website: Until the business/group website is withdrawn,
However, in the case of the following reasons, until the end of the relevant reason,
1) In the case where an investigation, investigation, etc. due to violation of relevant laws and regulations is in progress, until the end of the investigation and investigation,
2) If the bond/debt relationship remains due to the use of the website, until the relevant bond/debt relationship is settled.
2. Supply of goods or services: Until the supply of goods and services is completed and the payment and settlement of charges are completed.
However, in the case of the following reasons, until the end of the relevant period,
1) Records of transactions, such as display and advertisement, contract details, and performance, pursuant to the Consumer Protection in Electronic Commerce, etc. Act.
- Records of indications and advertisements: June
- Supply records of contract or subscription withdrawal, payment, goods, etc.: 5 years
- Records of consumer complaints or disputes: 3 years
2) Storage of communication fact confirmation data pursuant to Article 41 of the Communications Secret Protection Act.
- Date and time of subscriber telecommunication, start and end time, counterparty subscriber number, frequency of use, and location tracking data of the transmission base station: 1 year
- Computer communication, Internet log record data, and connection tracking data: 3 months.
Article 5 (the rights, obligations, and methods of exercising information subjects)
① The data subject may exercise the following privacy rights against the company at any time.
1. Request to read personal information.
2. If there is an error, etc., request correction.
3. Request deletion.
4. Request for suspension of processing.
② The exercise of rights under paragraph 1 can be made through written, telephone, e-mail, and mock-up (FAX) for the company, and the company will take action without delay.
③ If the data subject requests correction or deletion of errors in personal information, the company does not use or provide the personal information until correction or deletion is completed.
④ The exercise of rights under paragraph (1) may be made through an agent such as a legal representative of the data subject or a person who has been delegated. In this case, you must submit a power of attorney in accordance with attached Form 11 of the Enforcement Rule of the Personal Information Protection Act.
⑤ The data subject shall not infringe on the personal information and privacy of the data subject or other person handled by the company in violation of relevant laws such as the Personal Information Protection Act.
Article 6 (Personal Information Items to be Processed)
The company is processing the following personal information items.
1. Membership registration and management on the website.
Required items:
Optional items:
2. Provide goods or services.
Required items:
Optional item:
3. In the process of using the Internet service, the following personal information items can be automatically created and collected.
IP address, cookie, MAC address, service usage record, visit record, defective usage record, etc.
Article 7 (Destruction of personal information)
① If personal information becomes unnecessary, such as the lapse of the period of personal information retention or the achievement of the purpose of processing, the company will destroy the personal information without delay.
② If personal information must be preserved according to other laws and regulations even after the period of personal information retention agreed by the data subject has elapsed or the purpose of processing has been achieved, the personal information will be moved to a separate database (DB) or preserved differently.
③ The procedure and method of destroying personal information are as follows.
1. Procedure for destruction.
The company selects personal information that has caused the reason for destruction and destroys the personal information with the approval of the company's personal information protection officer.
2. How to destroy it.
The company destroys personal information recorded and stored in the form of electronic files using a low level format, etc., and destroys personal information recorded and stored in paper documents by crushing or incinerating.
Article 8 (Measures to Secure the Safety of Personal Information)
The company is taking the following measures to ensure the safety of personal information.
1. Management measures: Establishment and implementation of internal management plans, regular employee training, etc.
2. Technical measures: Management of access rights to personal information processing systems, installation of access control systems, and unique identification information.
Encryption of back, installation of security programs, etc.
3. Physical measures: Control of access to computer rooms, data storage rooms, etc.
Article 9 (Matters concerning the installation, operation, and rejection of automatic personal information collection devices)
① In order to provide individual customized services to users, the company stores usage information and uses "cookie" that is frequently retrieved.
② Cookies are a small amount of information sent by the server (http) used to run the website to the user's computer browser and are also stored on the user's PC computer's hard disk.
A. Purpose of use of cookies: To provide optimized information to users by identifying the types of visits and uses of each service and website visited by users, popular search terms, security access status, etc.
It's used.
B. Installation, operation, and rejection of cookies: Tools at the top of the web browser>Internet Options>Setting options in the Personal Information menu allows you to refuse to save cookies.
C. Refusing to save cookies may cause difficulties in using customized services.
Article 10 (Personal Information Protection Officer)
① The company is in charge of personal information processing, and designates a person in charge of personal information protection as follows to handle complaints and remedy damages of information subjects related to personal information processing.
▶ Person in charge of personal information protection.
Name: Yoonji.
Position: CEO.
Contact: 070-8777-2416 / roganji@naver.com
※ It connects to the department in charge of personal information protection.
▶ Department in charge of personal information protection.
Department name: Marketing department
Contact: 070-8777-2416 / roganji@naver.com
② The data subject may contact the personal information protection manager and the department in charge for all inquiries, complaints, and damage relief arising from the company's service (or business). The company will respond and process the information subject's inquiries without delay.
Article 11 (Request for Access to Personal Information)
The data subject may request the following department to view personal information pursuant to Article 35 of the Personal Information Protection Act. The company will try to expedite the data subject's request for personal information access.
▶ Department of receiving and processing a request for access to personal information
Department name: Marketing department
Contact: 070-8777-2416 / roganji@naver.com
Article 12 (How to remedy infringement of rights and interests)
The data subject can inquire about the institution below about damage relief and counseling for personal information infringement.
▶ Personal Information Infringement Report Center (operated by the Korea Internet & Security Agency)
- Responsible affairs: Reporting personal information infringement and applying for counseling.
- Homepage: privacy.kisa.or.kr
- Phone: 118 (without a national number)
- Address: (58324) Personal Information Infringement Report Center on the 3rd floor of Jinheung-gil, Naju-si, Jeollanam-do (301-2 Bitgaram-dong)
▶ Personal Information Dispute Mediation Committee
- Responsible affairs: Application for personal information dispute mediation, collective dispute mediation (civil settlement)
- Homepage: www.kopico.go.kr
- Phone: 1833-6972 (without a national number)
- Address: (03171) 4th floor of the Government Complex Seoul, 209, Sejong-daero, Jongno-gu, Seoul, Republic of Korea
▶ Supreme Prosecutors' Office Cyber Crime Investigation Team: 02-3480-3573 (www.spo.go.kr)
▶ National Police Agency Cyber Safety Bureau: 182 (http://cyberbureau.police.go.kr)
Article 13 (Enforcement and Change of Personal Information Processing Policy)
This personal information processing policy will be applied from December 9, 2019.