Wilwia Co., Ltd. highly values the protection of its member’s personal information and complies with personal information protection policy of 『Laws on Promotion of Information Network Use 』 and 『Personal Information Protection Policy 』 set by the Ministry of Information and Communication.
ο The policy takes effect as of January 1, 2018. .
1. Purpose of collection and use of personal information
2. Items collected in personal information and collection method
3. Storage and use period of collected personal information
4. Destruction procedure and method of personal information
5. Provision and sharing of personal information
6. Consignment of personal information disposition
7. Installation, operation and decline of personal information collection device
8. Technical/managerial measures for personal information protection
9. Rights of user and legal representative, and exercise of the right
10. Personal information manager and consultation request
11. Supplementary provision
<01. Purpose of collection and use of personal information>
Personal information is information regarding a living individual and it refers to information of which the company can identify the member him/herself of the company such as legal name of the individual (including information that is not sufficient to identify a certain individual by itself, however it can be combined with other useful information for identification). Personal information collected by the company is used for following purposes.
1) Execution of contract provision contract and fee calculation per service provision
– Contents provision, product shipment or invoice sending, personal verification for financial transaction and financial service, purchase and payment, payment collection
2) Member management
– User verification, personal identification, prevention of illegal use by faulty member and unauthorized use, confirmation of membership, limitation on registration and registration count, record keeping for dispute resolution, civil affair handling such as complaint handling, delivery of notification
3) Use in marketing and advertisement
– Development and specialization of new service (product), service provision and advertisement per demographic characteristics, visit frequency analysis, statistics regarding member’s service use, delivery of advertising information such as event (member’s personal information is not provided to an individual or an institute requesting advertisement.)
– When personal information is used for marketing and advertisement, a separate consent is required. Decline to consent is not limiting the service use.
<02. Items collected in personal information and collection method>
[Collected personal information]
(1) At the initial membership registration, the company collects following information for consultation, service application and provision of optimized service.
– Required field : name, date of birth, ID, password, mobile number, email address
– Optional field : sex, address, telephone number, study goal, occupation, applying field
(2) Following information may be created or collected during the service use or business process
– service use record, access log, cookie, access IP information, computer device information, transaction record, faulty use record
– Legal name verification information
(3) Collected information for payment
– Bank wire transfer : Bank name, account number
1) Membership registration through website, consultation post, giveaway event application, request for delivery
2) Collection using a tool collecting created information
<03. Storage and use period of collected personal information >
In principle, once purpose of collection and use of personal information is accomplished, the information is destroyed without hesitation. However, following information is stored for a certain period for following reasons.
1) Stored personal information upon membership cancellation
– Stored information : name provided by the member, ID, email address, address, telephone number
– Reason for storage : Prevention of re-registration of a faulty member, aid in dispute of infringement on rights such as defamation, and aid in investigation
– Storage period : 1 year from membership cancellation
2) Stored personal information regarding commercial transaction
– Stored information : commercial transaction record
– Reason for storage : Laws relevant to consumer protection in commercial law or electronic commercial transaction
– Storage period : 5 years for record regarding contract or contract cancellation / 5 years for record regarding payment and product provision / 3 years for record regarding customer complaint or dispute resolution
<04. Destruction procedure and method of personal information>
1) Destruction procedure
Information the member entered for the purpose of membership registration, etc. is stored for a certain period and destroyed once its purpose is accomplished according to information protection clauses pursuant to the company’s internal policy and other relevant laws. The personal information is not used for any other purpose other than the purpose of storage unless otherwise by the law.
2) Destruction method
Personal information printed on paper-based material is shredded and destroyed by a shredder. Personal information stored in a format of electronic file is destroyed by the method of irrecoverable technical method.
<05. Provision and sharing of personal information>
In principle, the company only uses the member’s personal information for the purpose of collection and use. The company does not disclose the information to 3rd party or other institution. However, following are exempted.
1) When the user gives consent in advance
– Prior to collection and provision of information, the company informs the members who the business partner is, which information is necessary for what cause, how long the information is stored, how the information is protected/managed, and seeks the member’s consent. If a member does not give consent, additional information is not collected and it is not shared with a business partner.
2) When it is regulated by the law, or it is requested by the investigative agency pursuant to procedure and method set by laws with purpose of investigation
<06. Consignment of personal information disposition>
In principle, Wilwia Co., Ltd. does not consign user’s personal information to a 3rd party.
<07. Installation, operation and decline of personal information collection device>
To provide a personalized and customized service for each individual member, the company uses ‘cookie’ which stores and frequently retrieves user information. Cookie is a miniscule data cluster the site-operating server sends to user’s web browser. It is stored in the user’s computer hard drive.
1) Pupose of cookie
– Provision of target marketing and personalized service through analysis of access frequency and visit time by members and non-members, understanding and tracing user preference and interest, and participation in various events and calculating visit frequency
2) Decline to cookie setting : User is able to agree to or decline cookie installation. Therefore, user may allow all cookies by setting in web browser option, confirm every time cookie is stored, or decline all cookie installations.
– Cookie setting example (internet explorer) : Tool at the top of web browser>internet option>personal information (however, decline to cookie installation may hinder certain services which require login)
<08. Technical/managerial measures for personal information protection>
1) Technical measures
– Member’s personal information is protected by password. Important data are protected by separate protection features such as encryption of file or transferred data or file lock feature.
– The company uses computer virus vaccine program to prevent damages from computer virus. The vaccine program is regularly updated. When virus attacks suddenly, the vaccine program is applied and prevents the invasion of personal information.
– The company adopts SSL which is a security program that can safely transmit personal information on network using an encryption algorithm.
2) Managerial measure
– On top of above efforts, member him/herself too be careful not to expose his/her password to a 3rd party. Always be careful not to disclose password through a computer in a public place. Member’s ID and password shall be used by the member only and frequent password change is recommended.
– The company strictly limits the personal information management to employee(s) performing personal information management and the employee who must handle personal information due to the nature of his/her work. The company frequently trains employees managing personal information to emphasize the compliance of the policy. Through audit by an audit committee, fulfillment of the policy and the compliance by the managing employees are being confirmed, and corrective measure is taken immediately in case of a problem.
<09. Rights of user and legal representative, and exercise of the right>
User, at any time, may view or edit his/her personal information and request for membership cancellation. To view or edit user’s personal information, please go to ‘Information Edit’ in the company website. To cancel the membership, please go to ‘Information Edit’>’Membership Cancellation’, verify the user, and view, edit or cancel the membership. If a user requests to a personal information manager via telephone or email, the request is processed immediately.
In the event that a user requests edit of error in personal information, the company does not use or provide the personal information until the edit is completed. In the event that incorrect personal information is provided to a 3rd party, correction result is notified to the 3rd party immediately to enable the correction. The company processes the cancelled or deleted personal information per user request pursuant to statements in ‘storage and use period of collected personal information’ and makes sure that the information is not used for other purposes.
<10. Personal information manager and consultation request>
To protect customer’s personal information and to process complaints regarding personal information, the company appoints a personal information manager. For inquiries regarding customer’s personal information, please contact the personin charge of personal information below.
[Personal Information Manager]
– Name : Hyeon Tae Kim
– Department : Wilwia Co., Ltd.
– Contact : email@example.com
In the event of a need for consultation regarding invasion of personal information, please contact personal information invasion report center, Supreme prosecutor’s office internet crime investigation center, Police cyber terror response center, etc.
[Personal information invasion report center]
– Telephone : 1336
– URL : http://www.cyberprivacy.or.kr/
[Supreme prosecutor’s office internet crime investigation center]
– Telephone : 02-3480-3600
– URL : http://icic.sppo.go.kr/
[Police cyber terror response center]
– Telephone : 02-392-0330
– URL : http://www.ctrc.go.kr/
<11. Supplementary provision>