Privacy Policy

Back

Privacy Policy

 

General Rules

 

Boomers Mall Co., Ltd.(hereinafter referred to as the "Company") values the privacy of its members and complies with relevant laws, such as the "Privacy Act," a major law related to privacy. The company informs member about the purpose and method of using the personal information provided by the member to the company online and what measures are taken to protect the personal information.

 

The company's personal information processing policy contains the following information.

 

1. Items and methods of collecting personal information

 

2. Purpose of collection and use of personal information

 

3. Period of retention and use of personal information

 

4. Sharing and delivering personal information

 

5. Entrustment of processing personal information

 

6. Procedure and method for destruction of personal information

 

7. Rights of members and legal representatives and how to exercise them

 

8. Matters concerning the installation and operation of the automatic personal information collection device and its rejection

 

9. Technical/management protection measures related to personal information protection

 

10. Person in charge of personal information protection and department in charge

 

11. Reporting and dispute mediation related to personal information

 

12. Obligations of notice

 

1. Items and methods of collecting personal information

 

The term "personal information" means information about a living individual that can be identified through a name, resident registration number, video, etc.(including information that can be easily combined with other information even if the information alone cannot identify a specific individual.

 

1.1 Items of Personal Information Collected

 

⑴ The company collects the following personal information for membership, service application, customer counseling, etc.

 

 ⒜ When signing up for membership

 <General member(individual aged 14 or older)>: Name, date of birth, gender, application ID, password, email, mobile phone number, landline phone number, identity verification value(CI, DI)

 <Personal business owner> : trade name, business license number, representative certification(name, date of birth, gender), place of business, application ID, password, email, mobile phone number, landline phone number, identification value(CI, DI)

 <corporate business operator> : corporate name, corporate registration number, business registration number, representative certification(name, date of birth, gender), place of business, application ID, password, email, mobile phone number, wired phone number, identification value(CI, DI)

 <Child/Juvenile Member(Individual under 14 years of age)>: Name, Date of Birth, Gender, Legal Representative Certification(Name, Date of Birth, Gender), Application ID, Password, Email, Mobile Phone Number, Wired Phone Number, Identification Value(CI, DI)

 <Foreign members(foreigners living in Korea and abroad)>: Name, date of birth, gender, nationality, passport number, alien registration number, application ID, password, email, mobile phone number, landline phone number, identification value(CI, DI)

 

 ⒝ When using some services

 In the process of using individual services, additional personal information can be collected, and at the time of collection, the user will be informed and agreed.

 - Shipping address, remittance account number of product sales fees, email receipt status, SMS receipt status, password memory question/answer

 

 ⒞ In case of refund

 Account information(transaction bank name, account number, trader name)

 

⑵ The following information can be generated and collected during the service use process or business process.

 Service usage records, access logs, cookies, access IP information, payment records, usage suspension records, defective usage records

 

1.2 Collection method of personal information

 

The company collects personal information in the following ways;

 

⑴ Membership registration through the website and written form

 

⑵ Customer counseling and service use management through telephone, fax, and counseling bulletin board

 

⑶ Application for event (gift event) and delivery request

 

⑷ Provision from Affiliates

 

⑸ Collection through generative information collection tools

 

2. Purpose of personal information collection and use

 

The company uses the collected personal information for the following purposes;

 

2.1 Member management

 Identification of identity, personal identification, prevention of illegal use and unauthorized use of defective members, confirmation of subscription intention, restriction of number of subscriptions, Confirmation of the consent of the legal representative when collecting information on the opening of children under 14 years of age, confirmation of legal representative, records for dispute mediation, handling civil petitions, such as handling complaints, and delivering notices.

 

2.2 Fulfillment of contracts for the provision of services and settlement of charges for the provision of services

 Delivery of services and contents, delivery of goods or invoices, etc., self-certification, purchase and payment, collection of charges

 

2.3 Developing and marketing new services and advertising

 Development and specialization of new services (products), provision of services and advertisements according to demographic characteristics, frequency of access, statistics on members' use of services, and Communicate advertising information such as events

 

3. Period of retention and use of personal information

 

In principle, after the purpose of collecting and using personal information is achieved, the information is destroyed without delay. However, the following information shall be preserved for the period specified for the following reasons;

 

3.1 Reasons for possession of information according to the company's internal policy

 Even if a member withdraws, the company keeps the membership information as follows to provide smooth services and prevent the use of fraudulent services;

 

 ⑴ Records of fraudulent/defective use(including personal information of fraudulent/defective users)

 Reasons for preservation : Prevention of fraud and poor use of services and prevention of re-subscription of fraudulent/poor users

 - Retention period: 1 year

3.2 Reasons for possession of information under relevant statutes

If it is necessary to preserve it under the provisions of the relevant statutes, such as the Commercial Act, the Consumer Protection Act in e-commerce, etc., the company shall keep the membership information for a certain period prescribed by the relevant statutes. In this case, the company uses the stored information only for the purpose of storage, and the retention period is as follows.

 

 ⑴ Records of contracts, withdrawal of subscriptions, etc.

 - Reasons for preservation: Consumer Protection in e-commerce, etc.

 - Retention period: 5 years

 

 ⑵ Records of payment and supply of goods, etc.

 Reasons for preservation: Consumer Protection in e-commerce, etc.

 - Retention period: 5 years

 

 ⑶ Records of consumer complaints and disputes

 Reasons for preservation: Consumer Protection in e-commerce, etc.

 - Retention period: 3 years

 

 ⑷ Service visit history

 - Reason for preservation: Communication Secret Protection Act

 - Retention period: 3 months

 

 ⑸ Books and evidentiary documents on all transactions prescribed by the Tax Act

 - Reason for preservation: Framework Act on National Taxes

 - Retention period: 5 years

 

 ⑹ Electronic financial transaction records
  - Reasons for preservation: Electronic Financial Transactions Act
  - Retention period: 5 years

 

4. Sharing and delivering personal information

 

The company uses personal information to the extent prescribed for the purpose of collection and use, except as otherwise provided by the relevant statutes or with the consent of the members, and does not use or disclose to the outside world beyond the scope of the extent. However, this shall not apply where there is a request from an investigative agency in accordance with the regulations of the Act or according to the procedures and methods prescribed in the Act and subordinate statutes for investigation purposes.

 

5. Entrustment of processing personal information

 

The company entrusts and operates personal information processing tasks such as customer service management and handling civil complaints as follows. In addition, in order to ensure the safety of personal information protection during consignment contracts, it clearly stipulates compliance with regulations related to personal information protection, prohibition of third-party supply of personal information, and burden of responsibility in case of accidents. If the company is changed, the name of the changed company will be notified through the notice or privacy policy screen.

Trustee

Contents of consignment work

Personal information retention and use period

Boomers Co., Ltd.

Computerized processing of membership/change/

revocation

Retention until consignment expires

Service Operations System Material Management

Retention until consignment expires

PayPal(PG Company)

Providing overseas electronic payment methods

Retention until consignment expires

KG INICIS

(PG Company)

Providing overseas electronic payment methods

Retention until consignment expires

Cosmic Co.,Ltd.

Advertising

sales representative

Retention until consignment expires

Delivery agent  

Domestic delivery even for overseas delivery

Retention until consignment expires

Overseas shipping company

Shipping to Overseas Customers

Retention until consignment expires

SBS

Personal information related to purchasing/selling member's

business processing

When transferring duties due to the expiration of the entrustment contract

 

 

6. Procedures and methods for destroying personal information

 

In principle, the company destroys the information without delay after the purpose of collecting and using personal information is achieved. The destruction procedures and methods are as follows.

 

6.1 Process for destruction and separation of storage

 

 ⑴ Information entered by a member for membership is transferred to a separate DB or table after the purpose is achieved (for paper, a separate filing box), and is stored for a certain period according to the internal policy and other related laws and is destroyed.

 

 ⑵ Personal information transferred to a separate DB or table shall not be used for any purpose other than being retained except in accordance with the Act.

 

6.2 Destruction method

 

 ⑴ Personal information printed on paper shall be shredded or incinerated with a shredder.

 

 ⑵ Personal information stored in electronic file format is deleted using a technical method that cannot reproduce the record.

 

 ⑶ Destruction of personal information of customers who do not use it, etc.

Based on Article 39-6 of the Personal Information Protection Act, the company shall destroy or separately store personal information for members who do not have a service usage record for one year to protect users' personal information. However, if a separate period is prescribed by other statutes, the user's personal information shall be kept during that period.

 

7. Rights of members and their legal representatives and how to exercise them

 

7.1 A member or legal representative may view or modify the personal information of the registered person or child under the age of 14 at any time, and may request termination (withdrawal of consent).

 

7.2 Click "Modify member information" to inquire into or modify personal information of a member or a child under 14 years of age, and in order to withdraw the membership (withdraw consent), click "Withdrawal of membership" to confirm the identity; Member can read, correct, or withdraw after going through it. Or if member contacts the person in charge of personal information protection by writing, calling, e-mail, or counseling bulletin board, the person in charge will take action.

 

7.3 If a member or legal representative requests correction of personal information errors, the personal information shall not be used or provided until the correction is completed. In addition, if the wrong personal information has already been provided to a third party, the company will notify the third party of the correction process without delay so that the correction can be made.

 

8. Matters concerning the installation/operation of automatic collection of personal information and the refusal thereof

 

The company uses 'cookie' to store and retrieve members' information from time to time in order to provide individual customized services. Cookie is a small amount of text file that the server running our website sends to your browser. It is stored on the user's computer hard disk, identifies your computer, but does not identify you personally

 

8.1 Purpose of using cookies, etc.

 

 The company uses cookies for the following purposes

 

 ⑴ Providing convenient Internet services by maintaining the service environment established by the user;

 

 ⑵ Providing optimized services by analyzing users' visits, usage behaviors, etc.

 

8.2 Rejecting Cookie Settings

 

Members have the option of installing cookies. Therefore, members can accept all cookies, or check each time they are saved, or refuse to save all cookies by setting options in their web browser. However, in order to access the company's website and use the service, cookies must be allowed, and if member refuses to do so, it may be difficult to use the company's service that requires login.

 

 Example of how to set up

 

 ⑴ For Internet Explorer: Tools menu at the top of a web browser >Internet Options >Privacy >Advanced

 

 ⑵ For Chrome: Settings menu on the right side of the web browser >Display advanced settings at the bottom of the screen >Privacy and security >Site settings >Cookie and site data

 

9. Technical/management protection measures related to personal information protection

 

9.1 A member's personal information is basically protected by the member's ID and password, and the company prepares technical and managerial measures to ensure safety to prevent personal information from being leaked, tampered with or damaged.

 

 ⑴ Technical measures

 

⒜ The password for membership account is encrypted and stored, so only member knows it. Therefore, only those who know the ID and password can check and modify personal information that requires account login.

 

⒝ The company frequently backs up data in preparation for damage to personal information, and uses the latest vaccine program to prevent leakage or damage of members' personal information or data due to computer viruses.

 

⒞ In the case of payment, the company uses security devices to safely transmit personal information on the network.

 

⒟ The company controls unauthorized access from the outside by using an intrusion prevention system (firewall) to prevent information leakage due to hacking, etc.

 

 ⑵ Management measures

 

⒜ When handling personal information by requesting a password, etc., the company does its best to confirm that he/she is the person in the best possible way and to handle the information safely.

 

⒝ The company limits access to personal information to those who perform personal information management tasks such as the person in charge of personal information protection, or those who handle personal information. The company always emphasize compliance with the personal information processing policy through frequent training for employees who handle personal information.

 

9.2 In addition to the efforts of the above company, members should be careful not to expose their personal information such as ID, password, and resident registration number on the Internet or to others. If personal information such as ID and password is leaked due to carelessness or negligence of the member, the company will not be held responsible for it.

 

9.3 Therefore, it is recommended that only members use the member's ID and password, change the password frequently, and use a number that is difficult to infer by others by mixing alphabetic, numeric, and special characters.

 

9.4 It is also recommended that members always log out after using the service and exit the web browser. This is especially necessary for privacy when sharing computers with others or using them in public.

 

10. Person in charge of personal information protection and department in charge

 

The company designates a person in charge of personal information protection to protect members' personal information and handle complaints related to personal information. Please contact the person in charge of personal information protection and the department in charge of personal information protection for any complaints regarding the use of the company's services. The company will quickly and fully respond to the members' inquiries.

 

Person in charge of personal information protection and the department in charge;

 

 

Responsible : Lee Doo Hyun

Department in charge : Personal Information Protection Team

Phone : +82 2 3664 0614

email : dhlee@rawoon.com

 

11. Reporting and dispute mediation related to personal information

 

If you need to report or consult on personal information infringement, please contact the Korea Internet & Security Agency(KISA) Personal Information Infringement Reporting Center. In addition, if members have suffered financial or mental damage through infringement of personal information, members can apply to the Personal Information Dispute Mediation Committee for relief.

 

Personal Information Infringement Report Center (privacy.kisa.or.kr/118)

Privacy Dispute Mediation Committee (kopico.go.kr/1833-6972)

Supreme Prosecutors' Office Cybercrime Investigation Unit (spo.go.kr/1301)

Police Cyber Investigation Bureau (cyberbureau.police.go.kr/182).

 

12. Obligations of notice

 

In the event of addition, deletion, or modification of the current personal information processing policy due to changes in statutes, policies, or security technologies, the revised personal information processing policy will be announced at least seven days before implementation.

 

Addendum

⑴ Announcement date: August 17, 2021

⑵ Enforcement date: September 01, 2021

 

 

Youth Protection Policy

 

General Rules

 

Based on the Youth Protection Act and the Act on Promotion of Information and Communications Network Utilization and Information Protection, the Company has established and implemented youth protection policies to protect youth from various media harmful to youth.

 

1. Measures to prevent juvenile access to harmful media

 

The company prevents teenagers from being exposed to harmful media such as violence, adult information, pornographic information, etc. in accordance with the regulations of the Korea Communications Standards Commission and the Youth Protection Committee.

 

2. Regulations on harmful media for juveniles.

 

In cooperation with the Korea Communications Standards Commission, the company will continue to clean up the Internet environment through its own regulations to prevent the distribution of harmful media for youth within the company.

 

3. Youth Protection Manager

 

For youth protection, the company will designate a youth protection manager as follows and do its best to prevent the damage from spreading through counseling and grievance treatment caused by harmful media.

 

A person in charge of youth protection management

 

Name : Lee Doo Hyun

Belonging : Personal Information Protection Team

Position : Vice president

Phone : +82 2 3664 0614

email : dhlee@rawoon.com


WORLD SHIPPING

PLEASE SELECT THE DESTINATION COUNTRY AND LANGUAGE :

GO
Close
Top