• 1

    General

  • Vernox (hereinafter referred to as the "Company") actively protects the personal information of customers (hereinafter referred to as "Customers"), including non-members, that the Company collects and processes through offline or Internet homepages, and complies with all relevant laws, including the Personal Information Protection Act. are doing the company's personal information processing policy may be changed in accordance with related laws, guidelines and internal operating policies of the company.
  • 2

    Purpose of collection and use of personal information

  • The company collects the minimum personal information required at that time to provide the service requested by the customer.

    A. purpose of use

    -Customer care
    Customer registration, identification and inquiry, delivery and guidance of related notices, customer surveys, guidance on using related services, provision of customized services, analysis of illegal or fraudulent transaction attempts, reception and handling of after-sales service and complaints, response to related disputes and evidence.
    -Performance and settlement of contracts for service provision
    Delivery of related notices about products and services.
    -Use for marketing and promotional purposes
    Sending advertising information such as booklets, newsletters, and DMs through mail and communication means (phone, e-mail, text message, SNS, KakaoTalk, etc.) Providing (sending) coupons, samples, gifts and customer surveys, identifying sample subjects, checking whether samples are requested and received, providing customized services, customer analysis (including analysis of purchase patterns and statistical data), and product and service improvement.
  • 3

    Items of personal information processed and retention period

  • The personal information of customers processed by the company according to the purpose of Article 2 and the retention period are as follows.

    Vernox official website
    Non-member customers: name, mobile phone number, email, address, postal code, business proof, age 19 or older, browser type, OS type, IP address, cookie (retention period: 1 month after delivery).
    Customer inquiry: name, mobile phone number, e-mail, customer inquiry history, browser type, OS type, IP address, cookie (retention period: 1 month after customer inquiry is processed).
  • 4

    Retention period and destruction of personal information

  • The customer's personal information is destroyed without delay when the purpose of processing has been achieved or the retention period has expired. However, if it is necessary to preserve in accordance with other laws, the relevant personal information may be preserved even after the retention period has expired. The main retention periods are:

    -Commercial books (accounting books and balance sheets, etc.), important business documents (including various contracts)
    Preservation Basis: Commercial Law
    Retention period: 10 years
    -Transaction books and supporting documents, tax invoices or receipts
    Preservation Basis: Framework Act on National Taxes, Corporate Tax Act, Value Added Tax Act
    Retention period: 5 years
    -Records on contract or subscription withdrawal, etc., records on payment and supply of goods
    Preservation Basis: Act on Consumer Protection in Electronic Commerce, Etc.
    Retention period: 5 years
    -Records of consumer complaints or dispute resolution
    Preservation Basis: Act on Consumer Protection in Electronic Commerce, Etc.
    Retention period: 3 years
    -Website visit history
    Preservation Basis: Communications Secret Protection Act
    Retention period: 3 months
    B. Procedure and method of personal information destruction
    The procedure and method of personal information destruction are as follows.
    Destruction procedure
    The company selects the personal information for which the reason for destruction has occurred, such as reaching the retention period, and destroys the personal information with the approval of the company's personal information protection officer.
    Destruction method
    The company destroys personal information recorded and stored in electronic file format so that the record cannot be reproduced, and personal information recorded and stored in paper documents is destroyed by shredding or incineration with a shredder.
  • 5

    Entrustment of personal information processing business

  • The company entrusts the processing of personal information of customers as follows, and the consignee who has been entrusted with the processing of the business may process personal information according to the purpose of the entrustment.

    A. Current status of consignment of personal information processing business

    Nice Evaluation Information Co., Ltd.: Identification using mobile phone and i-PIN
    LG CNS: Purchasing and billing, financial transaction identity authentication and financial services, charge collection-
    Kakao Co., Ltd.: Purchasing and billing, financial transaction identity authentication and financial services, charge collection-

    B. NOTICE TO CUSTOMERS
    When the company entrusts the task of promoting or soliciting sales of goods or services, it is expected to obtain consent for the task of consignment in writing, e-mail, fax, telephone, text message, or any equivalent method.

    C. consignment contract
    The company clearly stipulates compliance with laws and regulations related to personal information protection in the consignment contract, prohibition of provision of personal information to third parties, and responsibilities. If the contents of the entrusted work or the entrusted institution are changed, we will notify you through the personal information processing policy.
  • 6

    Provision of personal information and overseas transfer

  • A. Third-Party Provision
    The company shares customer personal information with the head office and Asian affiliates to provide customer support and services, and the personal information collected by the company for this purpose is transferred to the Asian integrated data center according to the following information. The company, affiliates, and data center management companies will use and store personal information in accordance with domestic and international regulations and the head office internal regulations,
    and will take physical and technical measures to protect personal information.
  • 7

    Rights and obligations of data subjects and how to exercise them

  • A. Request for viewing and processing suspension
    Customers may request to suspend the viewing and processing of their personal information. However, in any of the following cases, the company may notify the customer of the reason and reject the request to suspend processing.

    If there are special provisions in the law or it is unavoidable to comply with statutory obligations.
    If there is a risk of harming the life or body of another person or unfairly infringing on the property and other interests of another person.
    If it is difficult to fulfill the contract, such as not being able to provide the service contracted with the customer if personal information is not processed, and the information subject does not clearly indicate its intention to terminate the contract.

    B. Request for correction and deletion
    Customers may request correction or deletion of errors in their personal information. However, if the personal information is specified as a collection target in other laws, the deletion cannot be requested.

    If a customer requests correction or deletion of errors in personal information, the personal information will not be used or provided until the correction and deletion are completed. In addition, if incorrect personal information is used or provided, it will be corrected immediately upon discovery.
    C. event method
    The exercise of rights pursuant to A and B can be done directly by the information subject or through a legal representative or a person who has been delegated. In this case, you must submit a power of attorney in accordance with Form 11 of the Enforcement Rule of the Personal Information Protection Act.
    Customers must not infringe on the personal information and privacy of the customer themselves or others processed by the company in violation of related laws such as the Personal Information Protection Act.
    In addition, please refer to Article 12 for the person in charge of requesting access, correction, suspension of processing, and deletion of personal information.
  • 8

    Matters concerning protective measures to ensure safety

  • A. Administrative measures to protect personal information

    The company designates a person in charge of personal information protection for safe handling of personal information, establishes an internal management plan, and implements it.
    We establish and implement training plans for employees and trustees who directly process personal information.
    We conduct regular self-audits according to the internal management plan.
    B. Technical measures to protect personal information

    Access to personal information is controlled, and access rights are restricted and managed.
    We record the management of access rights to personal information and keep the records for a certain period of time.
    We install and operate an intrusion prevention/prevention system to block unauthorized access to personal information. In addition, when connecting from outside, secure access means such as virtual private networks are applied.
    Establish and apply password creation rules so that employees, etc. can set and implement safe passwords.
    When sending, receiving, and storing personal information, including sensitive information and unique identification information, encryption measures required by relevant laws are taken.
    We install programs to correct and supplement security vulnerabilities of software such as operating systems and update them periodically.
    The company safely keeps records of access to the personal information processing system for a certain period of time.
    C. Physical measures to protect personal information
    We are implementing physical access prevention measures such as access control and locking devices for safe storage of personal information.
  • 9

    Restrictions on transmission of advertising information

  • The company does not transmit advertising information for commercial purposes against the customer's explicit refusal to receive it. In addition, when the company transmits advertising information to customers using electronic means such as e-mail and SMS, it will be transmitted in accordance with relevant laws.

    When a customer expresses his/her intention to reject the transmission of advertising information for commercial purposes, the company will take measures such as stopping the transmission immediately and notify the customer of this. to confirm.
  • 10

    Remedies for Infringement of Rights

  • A. Remedy for rights due to infringement of personal information

    When the company becomes aware that the customer has used the site by stealing another person's resident registration number or other personal information, the company will take necessary measures, such as suspension of service use for the ID or withdrawal of membership, without delay.
    In addition, the company will take immediate action if a customer who has recognized theft of their personal information requests the suspension of service use or membership withdrawal for the ID.
    Customers may apply for dispute resolution or consultation to the Personal Information Dispute Mediation Committee or the Personal Information Infringement Report Center in order to receive relief from personal information infringement.

    In addition, for other personal information infringement reports and consultations, please contact the following organizations.
    Personal information protection comprehensive support portal (operated by the Ministry of Public Administration and Security)
    Responsibilities: Report personal information infringement, apply for counseling, provide data
    Website: http://www.privacy.go.kr
    Phone: 02-2100-3394
    Personal Information Infringement Report Center (operated by Korea Internet & Security Agency)
    Responsibilities: Report personal information infringement, apply for counseling
    Website: http://privacy.kisa.or.kr
    Phone: (without area code) 118
    Address: (138-950) Korea Internet & Security Agency Personal Information Infringement Report Center, 135, Jung-daero, Songpa-gu, Seoul
    Personal Information Dispute Mediation Committee (operated by Korea Internet & Security Agency)
    Responsibilities: Report personal information infringement, apply for counseling
    Website: http://privacy.kisa.or.kr
    Phone: (without area code) 118
    Address: (138-950) Korea Internet & Security Agency Personal Information Infringement Report Center, 135, Jung-daero, Songpa-gu, Seoul
    National Police Agency Cyber Security Bureau
    Website: cyberbureau.police.go.kr
    Tel: 02-393-9112 (Cyber Crime), 1566-0112 (Representative of the National Police Agency)
    B. Personal Information Protection Officer

    The company is responsible for overall handling of personal information, and has designated a person in charge of personal information protection as follows to handle complaints and damage relief from information subjects related to personal information processing.

    Personal Information Protection Officer
    Name: Kwon Young-gak Employee
    Phone: (031) 628 8733
    Email: ygkown@daejindsp.com
  • 11

    Automatic collection device for Internet access information files, etc.

  • Cookies (supported by Internet browsers) are small pieces of information that websites send to your computer's hard disk for record keeping. Cookies make the web more useful by recording information about certain sites that you like. The company uses cookies to store and retrieve personal information from time to time to provide customized services to individual users on the website. Cookies are set when users register or log in to the company website. The company uses this
    cookie information for user convenience and does not use it for commercial purposes.

    As a method of refusing to set cookies, you can accept all cookies by selecting the option of the web browser used by the user, check each time a cookie is saved, or refuse to save all cookies. However, if you refuse to install cookies, there may be difficulties in providing services.

    Example of setting method (in case of Internet Explorer)
    Tools > Internet Options > Privacy at the top of your web browser
  • 12

    Changes to the Privacy Policy

  • When the company changes the personal information processing policy, the timing of the change and enforcement. The changed contents will be continuously disclosed, and the changed contents will be disclosed in comparison before and after the change so that customers can easily check them.